1) Slow computer, error messages

Oops! Sorry, thought that was the first report. Here it is. Choices were skip and Quarantine so I chose quarantine. That's where they are. Saw a remote access file was quarantined. Good.
Part1
09:05:27.0783 0x11f0 DPS - ok
09:05:27.0861 0x11f0 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:05:27.0908 0x11f0 drmkaud - detected UnsignedFile.Multi.Generic ( 1 )
09:05:30.0622 0x11f0 Detect skipped due to KSN trusted
09:05:30.0622 0x11f0 drmkaud - ok
09:05:30.0684 0x11f0 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:05:30.0731 0x11f0 DXGKrnl - ok
09:05:30.0794 0x11f0 [ E7DD83584042EE5F9B0CF0C8C6B064D5, 42071768937F00FAEEF338EB6BC4C1BC0E762076EA1109FB0CFA54BF4C2D12F6 ] e1kexpress C:\Windows\system32\DRIVERS\e1k6232.sys
09:05:30.0825 0x11f0 e1kexpress - ok
09:05:30.0872 0x11f0 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
09:05:30.0903 0x11f0 EapHost - detected UnsignedFile.Multi.Generic ( 1 )
09:05:33.0820 0x11f0 Detect skipped due to KSN trusted
09:05:33.0820 0x11f0 EapHost - ok
09:05:33.0960 0x11f0 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
09:05:34.0132 0x11f0 ebdrv - detected UnsignedFile.Multi.Generic ( 1 )
09:05:36.0893 0x11f0 Detect skipped due to KSN trusted
09:05:36.0893 0x11f0 ebdrv - ok
09:05:36.0971 0x11f0 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] EFS C:\Windows\System32\lsass.exe
09:05:36.0987 0x11f0 EFS - detected UnsignedFile.Multi.Generic ( 1 )
09:05:39.0764 0x11f0 Detect skipped due to KSN trusted
09:05:39.0764 0x11f0 EFS - ok
09:05:39.0857 0x11f0 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:05:39.0920 0x11f0 ehRecvr - detected UnsignedFile.Multi.Generic ( 1 )
09:05:42.0665 0x11f0 Detect skipped due to KSN trusted
09:05:42.0665 0x11f0 ehRecvr - ok
09:05:42.0728 0x11f0 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
09:05:42.0759 0x11f0 ehSched - detected UnsignedFile.Multi.Generic ( 1 )
09:05:45.0598 0x11f0 Detect skipped due to KSN trusted
09:05:45.0598 0x11f0 ehSched - ok
09:05:45.0770 0x11f0 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:05:45.0801 0x11f0 elxstor - ok
09:05:45.0816 0x11f0 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:05:45.0832 0x11f0 ErrDev - detected UnsignedFile.Multi.Generic ( 1 )
09:05:48.0671 0x11f0 Detect skipped due to KSN trusted
09:05:48.0671 0x11f0 ErrDev - ok
09:05:48.0765 0x11f0 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
09:05:48.0796 0x11f0 EventSystem - detected UnsignedFile.Multi.Generic ( 1 )
09:05:51.0542 0x11f0 Detect skipped due to KSN trusted
09:05:51.0542 0x11f0 EventSystem - ok
09:05:51.0682 0x11f0 [ B6C691D8CAE275ED9B2782E62626F36A, 81D2BF9715506FFD4A40D524827899A1B9CC7ED1176E4AE7C4D33FFD69E807EF ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:05:51.0729 0x11f0 EvtEng - ok
09:05:51.0791 0x11f0 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
09:05:51.0822 0x11f0 exfat - detected UnsignedFile.Multi.Generic ( 1 )
09:05:54.0818 0x11f0 Detect skipped due to KSN trusted
09:05:54.0818 0x11f0 exfat - ok
09:05:54.0896 0x11f0 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:05:54.0927 0x11f0 fastfat - detected UnsignedFile.Multi.Generic ( 1 )
09:05:57.0688 0x11f0 Detect skipped due to KSN trusted
09:05:57.0688 0x11f0 fastfat - ok
09:05:57.0766 0x11f0 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
09:05:57.0813 0x11f0 Fax - detected UnsignedFile.Multi.Generic ( 1 )
09:06:00.0746 0x11f0 Detect skipped due to KSN trusted
09:06:00.0746 0x11f0 Fax - ok
09:06:00.0808 0x11f0 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:06:00.0839 0x11f0 fdc - detected UnsignedFile.Multi.Generic ( 1 )
09:06:03.0616 0x11f0 Detect skipped due to KSN trusted
09:06:03.0616 0x11f0 fdc - ok
09:06:03.0678 0x11f0 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
09:06:03.0694 0x11f0 fdPHost - detected UnsignedFile.Multi.Generic ( 1 )
09:06:06.0705 0x11f0 Detect skipped due to KSN trusted
09:06:06.0705 0x11f0 fdPHost - ok
09:06:06.0736 0x11f0 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
09:06:06.0767 0x11f0 FDResPub - detected UnsignedFile.Multi.Generic ( 1 )
09:06:09.0653 0x11f0 Detect skipped due to KSN trusted
09:06:09.0653 0x11f0 FDResPub - ok
09:06:09.0731 0x11f0 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:06:09.0747 0x11f0 FileInfo - ok
09:06:09.0762 0x11f0 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:06:09.0778 0x11f0 Filetrace - detected UnsignedFile.Multi.Generic ( 1 )
09:06:12.0524 0x11f0 Detect skipped due to KSN trusted
09:06:12.0524 0x11f0 Filetrace - ok
09:06:12.0633 0x11f0 [ 1F63900E2EB00101B9ACA2B7A870704E, 5AFE1FC852937FECE6B33147BD0110436FE97F33BFDA3F69B1F5EDAD6FFC09C6 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:06:12.0664 0x11f0 FLEXnet Licensing Service - ok
09:06:12.0680 0x11f0 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:06:12.0711 0x11f0 flpydisk - detected UnsignedFile.Multi.Generic ( 1 )
09:06:17.0032 0x11f0 Detect skipped due to KSN trusted
09:06:17.0032 0x11f0 flpydisk - ok
09:06:17.0094 0x11f0 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:06:17.0110 0x11f0 FltMgr - ok
09:06:17.0188 0x11f0 [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache C:\Windows\system32\FntCache.dll
09:06:17.0235 0x11f0 FontCache - detected UnsignedFile.Multi.Generic ( 1 )
09:06:19.0996 0x11f0 Detect skipped due to KSN trusted
09:06:19.0996 0x11f0 FontCache - ok
09:06:20.0058 0x11f0 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:06:20.0058 0x11f0 FontCache3.0.0.0 - ok
09:06:20.0074 0x11f0 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:06:20.0105 0x11f0 FsDepends - ok
09:06:20.0152 0x11f0 [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:06:20.0168 0x11f0 Fs_Rec - ok
09:06:20.0183 0x11f0 [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:06:20.0199 0x11f0 fvevol - ok
09:06:20.0230 0x11f0 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:06:20.0246 0x11f0 gagp30kx - ok
09:06:20.0292 0x11f0 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
09:06:20.0339 0x11f0 gpsvc - detected UnsignedFile.Multi.Generic ( 1 )
09:06:23.0272 0x11f0 Detect skipped due to KSN trusted
09:06:23.0272 0x11f0 gpsvc - ok
09:06:23.0397 0x11f0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:06:23.0412 0x11f0 gupdate - ok
09:06:23.0444 0x11f0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:06:23.0444 0x11f0 gupdatem - ok
09:06:23.0459 0x11f0 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:06:23.0490 0x11f0 hcw85cir - detected UnsignedFile.Multi.Generic ( 1 )
09:06:26.0423 0x11f0 Detect skipped due to KSN trusted
09:06:26.0423 0x11f0 hcw85cir - ok
09:06:26.0501 0x11f0 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:06:26.0532 0x11f0 HdAudAddService - detected UnsignedFile.Multi.Generic ( 1 )
09:06:29.0356 0x11f0 Detect skipped due to KSN trusted
09:06:29.0356 0x11f0 HdAudAddService - ok
09:06:29.0418 0x11f0 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:06:29.0450 0x11f0 HDAudBus - detected UnsignedFile.Multi.Generic ( 1 )
09:06:32.0180 0x11f0 Detect skipped due to KSN trusted
09:06:32.0180 0x11f0 HDAudBus - ok
09:06:32.0258 0x11f0 [ A88485DC6A7136C10D9A6C7E38FDFE3C, B651823E5F6D13B086B00440AD17C7C2756F079DD9290E0FEB1A3A48D0104F8C ] HECI C:\Windows\system32\DRIVERS\HECI.sys
09:06:32.0289 0x11f0 HECI - detected UnsignedFile.Multi.Generic ( 1 )
09:06:35.0908 0x11f0 Detect skipped due to KSN trusted
09:06:35.0908 0x11f0 HECI - ok
09:06:35.0970 0x11f0 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:06:36.0002 0x11f0 HidBatt - detected UnsignedFile.Multi.Generic ( 1 )
09:06:38.0825 0x11f0 Detect skipped due to KSN trusted
09:06:38.0825 0x11f0 HidBatt - ok
09:06:38.0872 0x11f0 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:06:38.0934 0x11f0 HidBth - detected UnsignedFile.Multi.Generic ( 1 )
09:06:41.0602 0x11f0 Detect skipped due to KSN trusted
09:06:41.0602 0x11f0 HidBth - ok
09:06:41.0664 0x11f0 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:06:41.0696 0x11f0 HidIr - detected UnsignedFile.Multi.Generic ( 1 )
09:06:44.0472 0x11f0 Detect skipped due to KSN trusted
09:06:44.0472 0x11f0 HidIr - ok
09:06:44.0535 0x11f0 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
09:06:44.0582 0x11f0 hidserv - detected UnsignedFile.Multi.Generic ( 1 )
09:06:47.0343 0x11f0 Detect skipped due to KSN trusted
09:06:47.0343 0x11f0 hidserv - ok
09:06:47.0390 0x11f0 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:06:47.0405 0x11f0 HidUsb - detected UnsignedFile.Multi.Generic ( 1 )
09:06:50.0213 0x11f0 Detect skipped due to KSN trusted
09:06:50.0213 0x11f0 HidUsb - ok
09:06:50.0276 0x11f0 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
09:06:50.0307 0x11f0 hkmsvc - detected UnsignedFile.Multi.Generic ( 1 )
09:06:53.0084 0x11f0 Detect skipped due to KSN trusted
09:06:53.0084 0x11f0 hkmsvc - ok
09:06:53.0146 0x11f0 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:06:53.0177 0x11f0 HomeGroupListener - detected UnsignedFile.Multi.Generic ( 1 )
09:06:56.0142 0x11f0 Detect skipped due to KSN trusted
09:06:56.0142 0x11f0 HomeGroupListener - ok
09:06:56.0173 0x11f0 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:06:56.0205 0x11f0 HomeGroupProvider - detected UnsignedFile.Multi.Generic ( 1 )
09:06:58.0857 0x11f0 Detect skipped due to KSN trusted
09:06:58.0857 0x11f0 HomeGroupProvider - ok
09:06:58.0919 0x11f0 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:06:58.0935 0x11f0 HpSAMD - ok
09:06:58.0997 0x11f0 [ 210388FD8225B02BD83D77628AAE64A9, EFB755244CDF8344E14528CF46A6D43C1E8266A307603A63023D8955925FE0C3 ] HsfXAudioService C:\Windows\system32\XAudio32.dll
09:06:59.0059 0x11f0 HsfXAudioService - detected UnsignedFile.Multi.Generic ( 1 )
09:07:01.0992 0x11f0 Detect skipped due to KSN trusted
09:07:01.0992 0x11f0 HsfXAudioService - ok
09:07:02.0070 0x11f0 [ C761B4A8391F5E47F7C51A691CE773F4, FDECE4A213F6200B381149DA7C7236E0B26F6AD8BFA09BE678E391FF924BA0DE ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
09:07:02.0117 0x11f0 HSF_DPV - detected UnsignedFile.Multi.Generic ( 1 )
09:07:04.0878 0x11f0 Detect skipped due to KSN trusted
09:07:04.0878 0x11f0 HSF_DPV - ok
09:07:04.0941 0x11f0 [ 50B42EF358A2E5363BE6B77138A22391, 8ACFA56E332338047CEBE8F87AE6614B9222DFDD49C48FA6F3C3C4AED3206B9F ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
09:07:04.0987 0x11f0 HSXHWAZL - detected UnsignedFile.Multi.Generic ( 1 )
09:07:07.0718 0x11f0 Detect skipped due to KSN trusted
09:07:07.0718 0x11f0 HSXHWAZL - ok
09:07:07.0796 0x11f0 [ 950CC1E6AE3A6CD23E0945CDE089B02C, C242AE9F21FE7FBC269BD11BDD3346936626DA15596561B527EF20CFAEF77055 ] HTCAND32 C:\Windows\system32\Drivers\ANDROIDUSB.sys
09:07:07.0811 0x11f0 HTCAND32 - detected UnsignedFile.Multi.Generic ( 1 )
09:07:10.0588 0x11f0 Detect skipped due to KSN trusted
09:07:10.0588 0x11f0 HTCAND32 - ok
09:07:10.0666 0x11f0 [ 339ADEFAD60353F960E3CA67CE468C24, AF0953ACBE2CA6466595A31349DBF96452DEF2633FD279E8F2B59A3767B89AFC ] htcnprot C:\Windows\system32\DRIVERS\htcnprot.sys
09:07:10.0697 0x11f0 htcnprot - detected UnsignedFile.Multi.Generic ( 1 )
09:07:13.0552 0x11f0 Detect skipped due to KSN trusted
09:07:13.0552 0x11f0 htcnprot - ok
09:07:13.0646 0x11f0 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:07:13.0724 0x11f0 HTTP - detected UnsignedFile.Multi.Generic ( 1 )
09:07:16.0422 0x11f0 Detect skipped due to KSN trusted
09:07:16.0422 0x11f0 HTTP - ok
09:07:16.0485 0x11f0 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:07:16.0500 0x11f0 hwpolicy - ok
09:07:16.0547 0x11f0 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:07:16.0578 0x11f0 i8042prt - detected UnsignedFile.Multi.Generic ( 1 )
09:07:19.0496 0x11f0 Detect skipped due to KSN trusted
09:07:19.0496 0x11f0 i8042prt - ok
09:07:19.0589 0x11f0 [ EDF5ECC965FAAA533D35E02F47B9132E, 09CF93344C399A5F3C3984557EE09A70072727579D3EFEE5D442940D679CF35A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:07:19.0605 0x11f0 iaStor - ok
09:07:19.0667 0x11f0 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:07:19.0698 0x11f0 iaStorV - ok
09:07:19.0745 0x11f0 [ 9A5506E974C8929E4FE578C9C11D298F, 98791D25306113D48DF9B7152D3AE5B5C9D968590A80A38BC8192AE61D96051B ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
09:07:19.0761 0x11f0 IBMPMDRV - ok
09:07:19.0776 0x11f0 [ 0F851A9546AE0394E1D0FF975F414B21, 486550DBEA6C89A48A7AF751C6E33EE8250219B0F70795478C9F94286FD8A1CD ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
09:07:19.0776 0x11f0 IBMPMSVC - ok
09:07:19.0870 0x11f0 [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:07:19.0917 0x11f0 idsvc - ok
09:07:19.0948 0x11f0 IEEtwCollectorService - ok
09:07:20.0135 0x11f0 [ AD626F6964F4D364D226C39E06872DD3, 5D52F89930BB07D4D2D0FC12143BD233B5D2C238527B3B4CAD74736D1EC84218 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
09:07:20.0354 0x11f0 igfx - detected UnsignedFile.Multi.Generic ( 1 )
09:07:23.0052 0x11f0 Detect skipped due to KSN trusted
09:07:23.0052 0x11f0 igfx - ok
09:07:23.0115 0x11f0 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:07:23.0130 0x11f0 iirsp - ok
09:07:23.0162 0x11f0 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT C:\Windows\System32\ikeext.dll
09:07:23.0224 0x11f0 IKEEXT - detected UnsignedFile.Multi.Generic ( 1 )
09:07:26.0250 0x11f0 Detect skipped due to KSN trusted
09:07:26.0250 0x11f0 IKEEXT - ok
09:07:26.0328 0x11f0 [ 2DB41BA61D5E44D0667CF126D35DCF34, AFD9EE3167C8BA0B547DBA8D559401F49EC4ACEBFF2BFE7598A0BC61491C45F8 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
09:07:26.0360 0x11f0 Impcd - detected UnsignedFile.Multi.Generic ( 1 )
09:07:29.0230 0x11f0 Detect skipped due to KSN trusted
09:07:29.0230 0x11f0 Impcd - ok
09:07:29.0277 0x11f0 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
09:07:29.0292 0x11f0 intelide - ok
09:07:29.0292 0x11f0 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:07:29.0324 0x11f0 intelppm - detected UnsignedFile.Multi.Generic ( 1 )
09:07:32.0085 0x11f0 Detect skipped due to KSN trusted
09:07:32.0085 0x11f0 intelppm - ok
09:07:32.0147 0x11f0 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:07:32.0178 0x11f0 IPBusEnum - detected UnsignedFile.Multi.Generic ( 1 )
09:07:35.0064 0x11f0 Detect skipped due to KSN trusted
09:07:35.0064 0x11f0 IPBusEnum - ok
09:07:35.0127 0x11f0 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:07:35.0158 0x11f0 IpFilterDriver - detected UnsignedFile.Multi.Generic ( 1 )
09:07:42.0084 0x11f0 Detect skipped due to KSN trusted
09:07:42.0084 0x11f0 IpFilterDriver - ok
09:07:42.0178 0x11f0 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:07:42.0225 0x11f0 iphlpsvc - detected UnsignedFile.Multi.Generic ( 1 )
09:07:45.0002 0x11f0 Detect skipped due to KSN trusted
09:07:45.0002 0x11f0 iphlpsvc - ok
09:07:45.0033 0x11f0 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:07:45.0064 0x11f0 IPMIDRV - detected UnsignedFile.Multi.Generic ( 1 )
09:07:48.0059 0x11f0 Detect skipped due to KSN trusted
09:07:48.0059 0x11f0 IPMIDRV - ok
09:07:48.0075 0x11f0 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:07:48.0106 0x11f0 IPNAT - detected UnsignedFile.Multi.Generic ( 1 )
09:07:51.0647 0x11f0 Detect skipped due to KSN trusted
09:07:51.0647 0x11f0 IPNAT - ok
09:07:51.0710 0x11f0 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:07:51.0725 0x11f0 IRENUM - detected UnsignedFile.Multi.Generic ( 1 )
09:07:56.0156 0x11f0 Detect skipped due to KSN trusted
09:07:56.0156 0x11f0 IRENUM - ok
09:07:56.0171 0x11f0 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:07:56.0171 0x11f0 isapnp - ok
09:07:56.0218 0x11f0 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:07:56.0234 0x11f0 iScsiPrt - ok
09:07:56.0265 0x11f0 [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
09:07:56.0265 0x11f0 IviRegMgr - ok
09:07:56.0280 0x11f0 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
09:07:56.0296 0x11f0 kbdclass - ok
09:07:56.0343 0x11f0 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:07:56.0374 0x11f0 kbdhid - detected UnsignedFile.Multi.Generic ( 1 )
09:08:02.0708 0x11f0 Detect skipped due to KSN trusted
09:08:02.0708 0x11f0 kbdhid - ok
09:08:02.0739 0x11f0 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] KeyIso C:\Windows\system32\lsass.exe
09:08:02.0754 0x11f0 KeyIso - detected UnsignedFile.Multi.Generic ( 1 )
09:08:02.0754 0x11f0 Detect skipped due to KSN trusted
09:08:02.0754 0x11f0 KeyIso - ok
09:08:02.0817 0x11f0 [ 4120DA10AA42A9996F4575DB9E3E6E6E, 1C6E790772EA327ACB885D731A030408160534997DD56FEE4D6CEE6929873BB8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:08:02.0832 0x11f0 KSecDD - ok
09:08:02.0848 0x11f0 [ D3964885F0A11ACF51DA3AAA776973B2, 417ED5A3201FC50FBC0D646F8F2114A1E8A91E7919A62508DCBC156C0BFB2FBA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:08:02.0864 0x11f0 KSecPkg - ok
09:08:02.0895 0x11f0 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
09:08:02.0942 0x11f0 KtmRm - detected UnsignedFile.Multi.Generic ( 1 )
09:08:05.0890 0x11f0 Detect skipped due to KSN trusted
09:08:05.0890 0x11f0 KtmRm - ok
09:08:05.0968 0x11f0 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:08:06.0015 0x11f0 LanmanServer - detected UnsignedFile.Multi.Generic ( 1 )
09:08:08.0963 0x11f0 Detect skipped due to KSN trusted
09:08:08.0963 0x11f0 LanmanServer - ok
09:08:08.0981 0x11f0 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:08:09.0009 0x11f0 LanmanWorkstation - detected UnsignedFile.Multi.Generic ( 1 )
09:08:12.0042 0x11f0 Detect skipped due to KSN trusted
09:08:12.0042 0x11f0 LanmanWorkstation - ok
09:08:12.0142 0x11f0 [ CAB9C6C37FD0F9612B269349116504B6, ACA134CC1531791F1EB424BF64F5F46C4FD91439DB5E7D23140A0104E4FD522C ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
09:08:12.0152 0x11f0 LENOVO.CAMMUTE - ok
09:08:12.0172 0x11f0 [ 340288B3B2EDC8AFD5FF127DF85142A7, 595103B5CCDC83D8E4617D2C3E8ED91C88A78ACF11BC9478E9244C510DD50A80 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
09:08:12.0192 0x11f0 LENOVO.MICMUTE - ok
09:08:12.0222 0x11f0 [ 9AAC267A225F3CAEBB9E633F7EB16E4B, BFBB9772646D62ACD9208041621E4CDE92982ED96F243C8F61334F7FC368B387 ] lenovo.smi C:\Windows\system32\DRIVERS\smiif32.sys
09:08:12.0232 0x11f0 lenovo.smi - ok
09:08:12.0242 0x11f0 [ 04B5F7F44CCB2FAB615C67ED0E6C8323, CB0C7DD1F968FA7DC8F9AC99435FF9FB6E39CB058C978E977606F5C8CD275B90 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
09:08:12.0252 0x11f0 LENOVO.TPKNRSVC - ok
09:08:12.0262 0x11f0 [ 158B67696EC8602CE71F9AA4F14AA96F, D1453B52D6DFB7209F20FF052187C2FC24F1778A520015B8A4CD05E35593B26A ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
09:08:12.0272 0x11f0 Lenovo.VIRTSCRLSVC - ok
09:08:12.0302 0x11f0 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:08:12.0332 0x11f0 lltdio - detected UnsignedFile.Multi.Generic ( 1 )
09:08:15.0231 0x11f0 Detect skipped due to KSN trusted
09:08:15.0231 0x11f0 lltdio - ok
09:08:15.0247 0x11f0 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:08:15.0294 0x11f0 lltdsvc - detected UnsignedFile.Multi.Generic ( 1 )
09:08:17.0961 0x11f0 Detect skipped due to KSN trusted
09:08:17.0961 0x11f0 lltdsvc - ok
09:08:18.0024 0x11f0 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:08:18.0055 0x11f0 lmhosts - detected UnsignedFile.Multi.Generic ( 1 )
09:08:21.0034 0x11f0 Detect skipped due to KSN trusted
09:08:21.0034 0x11f0 lmhosts - ok
09:08:21.0112 0x11f0 [ 1C05C59D588A94867671FD07B7062CAF, 84DE146D86D84DBBC3150FD383F845DF1B1D9A087A25AC47E14563B31A1E2034 ] LMS C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:08:21.0144 0x11f0 LMS - ok
09:08:21.0159 0x11f0 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:08:21.0175 0x11f0 LSI_FC - ok
09:08:21.0190 0x11f0 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:08:21.0206 0x11f0 LSI_SAS - ok
09:08:21.0206 0x11f0 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:08:21.0222 0x11f0 LSI_SAS2 - ok
09:08:21.0237 0x11f0 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:08:21.0253 0x11f0 LSI_SCSI - ok
09:08:21.0315 0x11f0 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
09:08:21.0331 0x11f0 luafv - detected UnsignedFile.Multi.Generic ( 1 )
09:08:24.0108 0x11f0 Detect skipped due to KSN trusted
09:08:24.0108 0x11f0 luafv - ok
09:08:24.0186 0x11f0 [ A3F4391DFDF2F9E9FE4EAD193265A5AD, A60A1A345622F4758181FB0B6EE784B0B718105FEE7B0F6FEDE5AD59FE448EE1 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:08:24.0201 0x11f0 MBAMProtector - ok
09:08:24.0310 0x11f0 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
09:08:24.0388 0x11f0 MBAMScheduler - ok
09:08:24.0466 0x11f0 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
09:08:24.0513 0x11f0 MBAMService - ok
09:08:24.0576 0x11f0 [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
09:08:24.0591 0x11f0 MBAMSwissArmy - ok
09:08:24.0607 0x11f0 [ 312CD3307F600E7CD340B79B3DCB3A01, 861A6DFC53C69743129DAAFE73DECDE8D842475503E8D713E7CE5D22AC8D1370 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
09:08:24.0622 0x11f0 MBAMWebAccessControl - ok
09:08:24.0669 0x11f0 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:08:24.0700 0x11f0 Mcx2Svc - detected UnsignedFile.Multi.Generic ( 1 )
09:08:27.0696 0x11f0 Detect skipped due to KSN trusted
09:08:27.0696 0x11f0 Mcx2Svc - ok
09:08:27.0758 0x11f0 [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
09:08:27.0789 0x11f0 mdmxsdk - detected UnsignedFile.Multi.Generic ( 1 )
09:08:30.0457 0x11f0 Detect skipped due to KSN trusted
09:08:30.0457 0x11f0 mdmxsdk - ok
09:08:30.0519 0x11f0 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:08:30.0535 0x11f0 megasas - ok
09:08:30.0582 0x11f0 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:08:30.0613 0x11f0 MegaSR - ok
09:08:30.0675 0x11f0 Microsoft SharePoint Workspace Audit Service - ok
09:08:30.0706 0x11f0 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
09:08:30.0738 0x11f0 MMCSS - detected UnsignedFile.Multi.Generic ( 1 )
09:08:33.0530 0x11f0 Detect skipped due to KSN trusted
09:08:33.0530 0x11f0 MMCSS - ok
09:08:33.0608 0x11f0 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
09:08:33.0639 0x11f0 Modem - detected UnsignedFile.Multi.Generic ( 1 )
09:08:42.0640 0x11f0 Detect skipped due to KSN trusted
09:08:42.0640 0x11f0 Modem - ok
09:08:42.0734 0x11f0 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:08:42.0750 0x11f0 monitor - detected UnsignedFile.Multi.Generic ( 1 )
09:08:45.0511 0x11f0 Detect skipped due to KSN trusted
09:08:45.0511 0x11f0 monitor - ok
09:08:45.0604 0x11f0 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:08:45.0620 0x11f0 mouclass - ok
09:08:45.0636 0x11f0 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:08:45.0667 0x11f0 mouhid - detected UnsignedFile.Multi.Generic ( 1 )
09:08:48.0475 0x11f0 Detect skipped due to KSN trusted
09:08:48.0475 0x11f0 mouhid - ok
09:08:48.0553 0x11f0 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:08:48.0568 0x11f0 mountmgr - ok
09:08:48.0646 0x11f0 [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:08:48.0662 0x11f0 MozillaMaintenance - ok
09:08:48.0662 0x11f0 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
09:08:48.0678 0x11f0 mpio - ok
09:08:48.0740 0x11f0 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:08:48.0756 0x11f0 mpsdrv - detected UnsignedFile.Multi.Generic ( 1 )
09:08:51.0564 0x11f0 Detect skipped due to KSN trusted
09:08:51.0564 0x11f0 mpsdrv - ok
09:08:51.0642 0x11f0 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:08:51.0688 0x11f0 MpsSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:08:54.0496 0x11f0 Detect skipped due to KSN trusted
09:08:54.0496 0x11f0 MpsSvc - ok
09:08:54.0528 0x11f0 [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:08:54.0574 0x11f0 MRxDAV - detected UnsignedFile.Multi.Generic ( 1 )
09:08:57.0289 0x11f0 Detect skipped due to KSN trusted
09:08:57.0289 0x11f0 MRxDAV - ok
09:08:57.0351 0x11f0 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:08:57.0382 0x11f0 mrxsmb - detected UnsignedFile.Multi.Generic ( 1 )
09:09:01.0688 0x11f0 Detect skipped due to KSN trusted
09:09:01.0688 0x11f0 mrxsmb - ok
09:09:01.0751 0x11f0 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:09:01.0782 0x11f0 mrxsmb10 - detected UnsignedFile.Multi.Generic ( 1 )
09:09:04.0559 0x11f0 Detect skipped due to KSN trusted
09:09:04.0559 0x11f0 mrxsmb10 - ok
09:09:04.0574 0x11f0 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:09:04.0605 0x11f0 mrxsmb20 - detected UnsignedFile.Multi.Generic ( 1 )
09:09:07.0320 0x11f0 Detect skipped due to KSN trusted
09:09:07.0320 0x11f0 mrxsmb20 - ok
09:09:07.0382 0x11f0 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
09:09:07.0398 0x11f0 msahci - ok
09:09:07.0413 0x11f0 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:09:07.0429 0x11f0 msdsm - ok
09:09:07.0460 0x11f0 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
09:09:07.0476 0x11f0 MSDTC - detected UnsignedFile.Multi.Generic ( 1 )
09:09:10.0190 0x11f0 Detect skipped due to KSN trusted
09:09:10.0190 0x11f0 MSDTC - ok
09:09:10.0299 0x11f0 [ 114B67C324D64C8195FD3BF93B4DF02A, EF9349BD28578D3BE57946125AA909DFF902D8CB0BFCD9902F690C70F78E3EEB ] MSDV C:\Windows\system32\DRIVERS\msdv.sys
09:09:10.0346 0x11f0 MSDV - detected UnsignedFile.Multi.Generic ( 1 )
09:09:13.0263 0x11f0 Detect skipped due to KSN trusted
09:09:13.0263 0x11f0 MSDV - ok
09:09:13.0310 0x11f0 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:09:13.0341 0x11f0 Msfs - detected UnsignedFile.Multi.Generic ( 1 )
09:09:15.0993 0x11f0 Detect skipped due to KSN trusted
09:09:15.0993 0x11f0 Msfs - ok
09:09:16.0040 0x11f0 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:09:16.0071 0x11f0 mshidkmdf - detected UnsignedFile.Multi.Generic ( 1 )
09:09:21.0344 0x11f0 Detect skipped due to KSN trusted
09:09:21.0344 0x11f0 mshidkmdf - ok
09:09:21.0422 0x11f0 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:09:21.0438 0x11f0 msisadrv - ok
09:09:21.0469 0x11f0 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:09:21.0500 0x11f0 MSiSCSI - detected UnsignedFile.Multi.Generic ( 1 )
09:09:31.0406 0x11f0 Object is SCO, delete is not allowed
09:09:31.0406 0x11f0 MSiSCSI ( UnsignedFile.Multi.Generic ) - warning
09:09:31.0406 0x11f0 Force sending object to P2P due to detect: MSiSCSI
09:09:31.0406 0x11f0 Object send P2P result: false
09:09:31.0406 0x11f0 msiserver - ok
09:09:31.0422 0x11f0 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:09:31.0437 0x11f0 MSKSSRV - detected UnsignedFile.Multi.Generic ( 1 )
09:09:31.0437 0x11f0 Object is SCO, delete is not allowed
09:09:31.0437 0x11f0 MSKSSRV ( UnsignedFile.Multi.Generic ) - warning
09:09:31.0437 0x11f0 Force sending object to P2P due to detect: MSKSSRV
09:09:31.0437 0x11f0 Object send P2P result: false
09:09:31.0484 0x11f0 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:09:31.0515 0x11f0 MSPCLOCK - detected UnsignedFile.Multi.Generic ( 1 )
09:09:31.0515 0x11f0 Object is SCO, delete is not allowed
09:09:31.0515 0x11f0 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
09:09:31.0531 0x11f0 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:09:31.0562 0x11f0 MSPQM - detected UnsignedFile.Multi.Generic ( 1 )
09:09:31.0562 0x11f0 Object is SCO, delete is not allowed
09:09:31.0562 0x11f0 MSPQM ( UnsignedFile.Multi.Generic ) - warning
09:09:31.0578 0x11f0 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:09:31.0593 0x11f0 MsRPC - ok
09:09:31.0609 0x11f0 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:09:31.0609 0x11f0 mssmbios - ok
09:09:31.0625 0x11f0 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:09:31.0656 0x11f0 MSTEE - detected UnsignedFile.Multi.Generic ( 1 )
09:09:31.0656 0x11f0 Object is SCO, delete is not allowed
09:09:31.0656 0x11f0 MSTEE ( UnsignedFile.Multi.Generic ) - warning
09:09:31.0656 0x11f0 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:09:31.0687 0x11f0 MTConfig - detected UnsignedFile.Multi.Generic ( 1 )
09:09:31.0687 0x11f0 MTConfig ( UnsignedFile.Multi.Generic ) - warning
09:09:31.0687 0x11f0 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
09:09:31.0703 0x11f0 Mup - ok
09:09:31.0734 0x11f0 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
09:09:31.0765 0x11f0 napagent - detected UnsignedFile.Multi.Generic ( 1 )
09:09:31.0765 0x11f0 Object is SCO, delete is not allowed
09:09:31.0765 0x11f0 napagent ( UnsignedFile.Multi.Generic ) - warning
09:09:31.0812 0x11f0 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:09:31.0843 0x11f0 NativeWifiP - detected UnsignedFile.Multi.Generic ( 1 )
09:09:31.0843 0x11f0 Object is SCO, delete is not allowed
09:09:31.0843 0x11f0 NativeWifiP ( UnsignedFile.Multi.Generic ) - warning
09:09:31.0921 0x11f0 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:09:31.0952 0x11f0 NDIS - ok
09:09:32.0015 0x11f0 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:09:32.0030 0x11f0 NdisCap - detected UnsignedFile.Multi.Generic ( 1 )
09:09:32.0030 0x11f0 NdisCap ( UnsignedFile.Multi.Generic ) - warning
09:09:32.0093 0x11f0 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:09:32.0124 0x11f0 NdisTapi - detected UnsignedFile.Multi.Generic ( 1 )
09:09:32.0124 0x11f0 Object is SCO, delete is not allowed
09:09:32.0124 0x11f0 NdisTapi ( UnsignedFile.Multi.Generic ) - warning
09:09:32.0155 0x11f0 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:09:32.0186 0x11f0 Ndisuio - detected UnsignedFile.Multi.Generic ( 1 )
09:09:32.0186 0x11f0 Object is SCO, delete is not allowed
09:09:32.0186 0x11f0 Ndisuio ( UnsignedFile.Multi.Generic ) - warning
09:09:32.0202 0x11f0 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:09:32.0233 0x11f0 NdisWan - detected UnsignedFile.Multi.Generic ( 1 )
09:09:32.0233 0x11f0 Object is SCO, delete is not allowed
09:09:32.0233 0x11f0 NdisWan ( UnsignedFile.Multi.Generic ) - warning
09:09:32.0280 0x11f0 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:09:32.0311 0x11f0 NDProxy - detected UnsignedFile.Multi.Generic ( 1 )
09:09:32.0311 0x11f0 Object is SCO, delete is not allowed
09:09:32.0311 0x11f0 NDProxy ( UnsignedFile.Multi.Generic ) - warning
09:09:32.0358 0x11f0 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:09:32.0389 0x11f0 NetBIOS - detected UnsignedFile.Multi.Generic ( 1 )
09:09:32.0389 0x11f0 Object is SCO, delete is not allowed
09:09:32.0389 0x11f0 NetBIOS ( UnsignedFile.Multi.Generic ) - warning
09:09:32.0405 0x11f0 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:09:32.0436 0x11f0 NetBT - detected UnsignedFile.Multi.Generic ( 1 )
09:09:32.0436 0x11f0 Object is SCO, delete is not allowed
09:09:32.0436 0x11f0 NetBT ( UnsignedFile.Multi.Generic ) - warning
09:09:32.0451 0x11f0 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] Netlogon C:\Windows\system32\lsass.exe
09:09:32.0483 0x11f0 Netlogon - detected UnsignedFile.Multi.Generic ( 1 )
09:09:32.0483 0x11f0 Detect skipped due to KSN trusted
09:09:32.0483 0x11f0 Netlogon - ok
09:09:32.0514 0x11f0 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
09:09:32.0545 0x11f0 Netman - detected UnsignedFile.Multi.Generic ( 1 )
09:09:32.0545 0x11f0 Netman ( UnsignedFile.Multi.Generic ) - warning
09:09:32.0607 0x11f0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:09:32.0639 0x11f0 NetMsmqActivator - ok
09:09:32.0670 0x11f0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:09:32.0701 0x11f0 NetPipeActivator - ok
09:09:32.0732 0x11f0 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
09:09:32.0810 0x11f0 netprofm - detected UnsignedFile.Multi.Generic ( 1 )
09:09:32.0810 0x11f0 Object is SCO, delete is not allowed
09:09:32.0810 0x11f0 netprofm ( UnsignedFile.Multi.Generic ) - warning
09:09:32.0841 0x11f0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:09:32.0857 0x11f0 NetTcpActivator - ok
09:09:32.0873 0x11f0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:09:32.0888 0x11f0 NetTcpPortSharing - ok
09:09:33.0138 0x11f0 [ 3577B851E59DA59E6D65419A057C9914, 1B1F0B3BDF697E1A226B5346F55570DC13365FFD615C0158CD3287C4DD0B9CB2 ] NETw5s32 C:\Windows\system32\DRIVERS\NETw5s32.sys
09:09:33.0465 0x11f0 NETw5s32 - detected UnsignedFile.Multi.Generic ( 1 )
09:09:33.0465 0x11f0 NETw5s32 ( UnsignedFile.Multi.Generic ) - warning
09:09:33.0590 0x11f0 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
09:09:33.0809 0x11f0 netw5v32 - detected UnsignedFile.Multi.Generic ( 1 )
09:09:33.0809 0x11f0 netw5v32 ( UnsignedFile.Multi.Generic ) - warning
09:09:34.0121 0x11f0 [ 5C979C481981E04919ECBB3B88D54B34, B7FF0BF75A5BCDA33F62BA85BA3391A02704B19609AD676FDF90E541687FC501 ] NETwNs32 C:\Windows\system32\DRIVERS\NETwNs32.sys
09:09:34.0479 0x11f0 NETwNs32 - detected UnsignedFile.Multi.Generic ( 1 )
09:09:34.0479 0x11f0 NETwNs32 ( UnsignedFile.Multi.Generic ) - warning
09:09:34.0511 0x11f0 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:09:34.0526 0x11f0 nfrd960 - ok
09:09:34.0573 0x11f0 [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:09:34.0620 0x11f0 NlaSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:34.0620 0x11f0 Object is SCO, delete is not allowed
09:09:34.0620 0x11f0 NlaSvc ( UnsignedFile.Multi.Generic ) - warning
09:09:34.0682 0x11f0 [ 25401B0C9576C8456B3E0BBD74FF0771, BB569C99360A631850537DC2EDA0BF85D091CC30BD98B3FD2AC9DABDFB7741DA ] NPF C:\Windows\system32\drivers\npf.sys
09:09:34.0698 0x11f0 NPF - ok
09:09:34.0713 0x11f0 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:09:34.0729 0x11f0 Npfs - detected UnsignedFile.Multi.Generic ( 1 )
09:09:34.0745 0x11f0 Object is SCO, delete is not allowed
09:09:34.0745 0x11f0 Npfs ( UnsignedFile.Multi.Generic ) - warning
09:09:34.0745 0x11f0 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
09:09:34.0776 0x11f0 nsi - detected UnsignedFile.Multi.Generic ( 1 )
09:09:34.0776 0x11f0 Object is SCO, delete is not allowed
09:09:34.0776 0x11f0 nsi ( UnsignedFile.Multi.Generic ) - warning
09:09:34.0823 0x11f0 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:09:34.0854 0x11f0 nsiproxy - detected UnsignedFile.Multi.Generic ( 1 )
09:09:34.0854 0x11f0 Object is SCO, delete is not allowed
09:09:34.0854 0x11f0 nsiproxy ( UnsignedFile.Multi.Generic ) - warning
09:09:34.0963 0x11f0 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:09:35.0010 0x11f0 Ntfs - ok
09:09:35.0025 0x11f0 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
09:09:35.0057 0x11f0 Null - detected UnsignedFile.Multi.Generic ( 1 )
09:09:35.0057 0x11f0 Object is SCO, delete is not allowed
09:09:35.0057 0x11f0 Null ( UnsignedFile.Multi.Generic ) - warning
09:09:35.0119 0x11f0 [ FBEC0FD36ED61EFEE1E3063281EAB984, AE4BC81897FDDE6EBEE7A9A3C9252A8E454B80831A853F9D1DCC0C2F8FA7DAAC ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
09:09:35.0150 0x11f0 NVHDA - ok
09:09:35.0431 0x11f0 [ 0F2AA7E719ABF64A1504997EDF5EDCD6, 9787B279E8BB4D27DC60E855C271441BBBA9766921DA02EAAD1D36A966D08C0C ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:09:35.0727 0x11f0 nvlddmkm - ok
09:09:35.0774 0x11f0 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:09:35.0790 0x11f0 nvraid - ok
09:09:35.0790 0x11f0 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:09:35.0805 0x11f0 nvstor - ok
09:09:35.0883 0x11f0 [ F8901C8D170BF16DBA6F396025D9AB15, FFDA9977F13EF5DF2C76DF3CFD4695D5C5C05871E73173E8C5D4E0E2A904C534 ] nvsvc C:\Windows\system32\nvvsvc.exe
09:09:35.0915 0x11f0 nvsvc - ok
09:09:35.0930 0x11f0 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:09:35.0946 0x11f0 nv_agp - ok
09:09:35.0977 0x11f0 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:09:35.0993 0x11f0 ohci1394 - detected UnsignedFile.Multi.Generic ( 1 )
09:09:35.0993 0x11f0 Object is SCO, delete is not allowed
09:09:35.0993 0x11f0 ohci1394 ( UnsignedFile.Multi.Generic ) - warning
09:09:36.0071 0x11f0 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:09:36.0071 0x11f0 ose - ok
09:09:36.0227 0x11f0 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:09:36.0383 0x11f0 osppsvc - ok
09:09:36.0414 0x11f0 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:09:36.0445 0x11f0 p2pimsvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:36.0445 0x11f0 p2pimsvc ( UnsignedFile.Multi.Generic ) - warning
09:09:36.0461 0x11f0 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
09:09:36.0492 0x11f0 p2psvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:36.0492 0x11f0 Object is SCO, delete is not allowed
09:09:36.0492 0x11f0 p2psvc ( UnsignedFile.Multi.Generic ) - warning
09:09:36.0507 0x11f0 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:09:36.0539 0x11f0 Parport - detected UnsignedFile.Multi.Generic ( 1 )
09:09:36.0539 0x11f0 Object is SCO, delete is not allowed
09:09:36.0539 0x11f0 Parport ( UnsignedFile.Multi.Generic ) - warning
09:09:36.0585 0x11f0 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:09:36.0601 0x11f0 partmgr - ok
09:09:36.0617 0x11f0 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
09:09:36.0632 0x11f0 Parvdm - detected UnsignedFile.Multi.Generic ( 1 )
09:09:36.0632 0x11f0 Parvdm ( UnsignedFile.Multi.Generic ) - warning
09:09:36.0726 0x11f0 [ 39B9DCD7040654C2E57D7396736C718E, 70A637A955A2611E5ADA31FDD4B1D7EEECFBC22504A770DA71B502E160AEDAFD ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
09:09:36.0757 0x11f0 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
09:09:36.0757 0x11f0 PassThru Service ( UnsignedFile.Multi.Generic ) - warning
09:09:36.0773 0x11f0 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:09:36.0804 0x11f0 PcaSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:36.0804 0x11f0 Object is SCO, delete is not allowed
09:09:36.0804 0x11f0 PcaSvc ( UnsignedFile.Multi.Generic ) - warning
09:09:36.0819 0x11f0 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
09:09:36.0835 0x11f0 pci - ok
09:09:36.0882 0x11f0 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
09:09:36.0882 0x11f0 pciide - ok
09:09:36.0913 0x11f0 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:09:36.0929 0x11f0 pcmcia - ok
09:09:36.0944 0x11f0 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
09:09:36.0960 0x11f0 pcw - ok
09:09:36.0991 0x11f0 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:09:37.0053 0x11f0 PEAUTH - detected UnsignedFile.Multi.Generic ( 1 )
09:09:37.0053 0x11f0 Object is SCO, delete is not allowed
09:09:37.0053 0x11f0 PEAUTH ( UnsignedFile.Multi.Generic ) - warning
09:09:37.0131 0x11f0 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:09:37.0225 0x11f0 PeerDistSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:37.0225 0x11f0 PeerDistSvc ( UnsignedFile.Multi.Generic ) - warning
09:09:37.0350 0x11f0 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
09:09:37.0428 0x11f0 pla - detected UnsignedFile.Multi.Generic ( 1 )
09:09:37.0428 0x11f0 Object is SCO, delete is not allowed
09:09:37.0428 0x11f0 pla ( UnsignedFile.Multi.Generic ) - warning
09:09:37.0506 0x11f0 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:09:37.0537 0x11f0 PlugPlay - detected UnsignedFile.Multi.Generic ( 1 )
09:09:37.0537 0x11f0 Object is SCO, delete is not allowed
09:09:37.0537 0x11f0 PlugPlay ( UnsignedFile.Multi.Generic ) - warning
09:09:37.0537 0x11f0 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:09:37.0568 0x11f0 PNRPAutoReg - detected UnsignedFile.Multi.Generic ( 1 )
09:09:37.0568 0x11f0 PNRPAutoReg ( UnsignedFile.Multi.Generic ) - warning
09:09:37.0599 0x11f0 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:09:37.0631 0x11f0 PNRPsvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:37.0631 0x11f0 PNRPsvc ( UnsignedFile.Multi.Generic ) - warning
09:09:37.0631 0x11f0 Force sending object to P2P due to detect: PNRPsvc
09:09:37.0631 0x11f0 Object send P2P result: false
09:09:37.0662 0x11f0 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:09:37.0709 0x11f0 PolicyAgent - detected UnsignedFile.Multi.Generic ( 1 )
09:09:37.0709 0x11f0 Object is SCO, delete is not allowed
09:09:37.0709 0x11f0 PolicyAgent ( UnsignedFile.Multi.Generic ) - warning
09:09:37.0709 0x11f0 Force sending object to P2P due to detect: PolicyAgent
09:09:37.0709 0x11f0 Object send P2P result: false
09:09:37.0740 0x11f0 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
09:09:37.0771 0x11f0 Power - detected UnsignedFile.Multi.Generic ( 1 )
09:09:37.0771 0x11f0 Power ( UnsignedFile.Multi.Generic ) - warning
09:09:37.0849 0x11f0 [ 6C9FE6569F190BC77ECD334F0E650F74, 2DD001AD59D7769ACDCA6C7BE37CDEFBAD558679A3465681D61F93BE034CC930 ] Power Manager DBC Service C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE
09:09:37.0849 0x11f0 Power Manager DBC Service - ok
09:09:37.0865 0x11f0 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:09:37.0896 0x11f0 PptpMiniport - detected UnsignedFile.Multi.Generic ( 1 )
09:09:37.0896 0x11f0 Object is SCO, delete is not allowed
09:09:37.0896 0x11f0 PptpMiniport ( UnsignedFile.Multi.Generic ) - warning
09:09:37.0911 0x11f0 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:09:37.0943 0x11f0 Processor - detected UnsignedFile.Multi.Generic ( 1 )
09:09:37.0943 0x11f0 Object is SCO, delete is not allowed
09:09:37.0943 0x11f0 Processor ( UnsignedFile.Multi.Generic ) - warning
09:09:37.0974 0x11f0 [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc C:\Windows\system32\profsvc.dll
09:09:38.0021 0x11f0 ProfSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:38.0021 0x11f0 Object is SCO, delete is not allowed
09:09:38.0021 0x11f0 ProfSvc ( UnsignedFile.Multi.Generic ) - warning
09:09:38.0052 0x11f0 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:09:38.0067 0x11f0 ProtectedStorage - detected UnsignedFile.Multi.Generic ( 1 )
09:09:38.0067 0x11f0 Detect skipped due to KSN trusted
09:09:38.0067 0x11f0 ProtectedStorage - ok
09:09:38.0099 0x11f0 [ 72DE205CD4006DC45B1401859C506679, E5F7A616D2ECE172ECB13F7492D34B853E92F0F5AD5A727A0683DC5C32985D3A ] psadd C:\Windows\system32\DRIVERS\psadd.sys
09:09:38.0099 0x11f0 psadd - ok
09:09:38.0161 0x11f0 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:09:38.0192 0x11f0 Psched - detected UnsignedFile.Multi.Generic ( 1 )
09:09:38.0192 0x11f0 Object is SCO, delete is not allowed
09:09:38.0192 0x11f0 Psched ( UnsignedFile.Multi.Generic ) - warning
09:09:38.0255 0x11f0 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
09:09:38.0270 0x11f0 PxHelp20 - ok
09:09:38.0333 0x11f0 [ 681177830D9C62C43F664F313D116821, 1F5D0064C74371BE7890E4B292ABACFE5BA2B9FB5E205B97D34F36F832E92C1D ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
09:09:38.0364 0x11f0 QBCFMonitorService - detected UnsignedFile.Multi.Generic ( 1 )
09:09:38.0364 0x11f0 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning
09:09:38.0442 0x11f0 [ 2241EAF40E472C471CB80CF6B97CCA11, A19F76D73A8FF69DF6A008B6B079989376FAC3E4B743054AC257A758904C9A97 ] QBFCService C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
09:09:38.0473 0x11f0 QBFCService - detected UnsignedFile.Multi.Generic ( 1 )
09:09:38.0473 0x11f0 QBFCService ( UnsignedFile.Multi.Generic ) - warning
09:09:38.0551 0x11f0 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:09:38.0613 0x11f0 ql2300 - ok
09:09:38.0629 0x11f0 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:09:38.0645 0x11f0 ql40xx - ok
09:09:38.0676 0x11f0 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
09:09:38.0707 0x11f0 QWAVE - detected UnsignedFile.Multi.Generic ( 1 )
09:09:38.0707 0x11f0 Object is SCO, delete is not allowed
09:09:38.0707 0x11f0 QWAVE ( UnsignedFile.Multi.Generic ) - warning
09:09:38.0707 0x11f0 Force sending object to P2P due to detect: QWAVE
09:09:38.0707 0x11f0 Object send P2P result: false
09:09:38.0723 0x11f0 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:09:38.0754 0x11f0 QWAVEdrv - detected UnsignedFile.Multi.Generic ( 1 )
09:09:38.0754 0x11f0 Object is SCO, delete is not allowed
09:09:38.0754 0x11f0 QWAVEdrv ( UnsignedFile.Multi.Generic ) - warning
09:09:38.0754 0x11f0 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:09:38.0785 0x11f0 RasAcd - detected UnsignedFile.Multi.Generic ( 1 )
09:09:38.0785 0x11f0 Object is SCO, delete is not allowed
09:09:38.0785 0x11f0 RasAcd ( UnsignedFile.Multi.Generic ) - warning
09:09:38.0785 0x11f0 Force sending object to P2P due to detect: RasAcd
09:09:38.0785 0x11f0 Object send P2P result: false
09:09:38.0832 0x11f0 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:09:38.0863 0x11f0 RasAgileVpn - detected UnsignedFile.Multi.Generic ( 1 )
09:09:38.0863 0x11f0 RasAgileVpn ( UnsignedFile.Multi.Generic ) - warning
09:09:38.0879 0x11f0 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
09:09:38.0910 0x11f0 RasAuto - detected UnsignedFile.Multi.Generic ( 1 )
09:09:38.0910 0x11f0 Object is SCO, delete is not allowed
09:09:38.0910 0x11f0 RasAuto ( UnsignedFile.Multi.Generic ) - warning
09:09:39.0144 0x11f0 [ 52B9FA60C8B60932AABFAE73CF3BA61C, 01A364D22603B852E9FB659CCBBB637A27DA78D01EE9F4288A78310EF56C8D2C ] raserver C:\Program Files\AVG\CloudCare\AvgRemote\raserver.exe
09:09:39.0206 0x11f0 raserver - ok
09:09:39.0237 0x11f0 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:09:39.0269 0x11f0 Rasl2tp - detected UnsignedFile.Multi.Generic ( 1 )
09:09:39.0269 0x11f0 Object is SCO, delete is not allowed
09:09:39.0269 0x11f0 Rasl2tp ( UnsignedFile.Multi.Generic ) - warning
09:09:39.0269 0x11f0 Force sending object to P2P due to detect: Rasl2tp
09:09:39.0269 0x11f0 Object send P2P result: false
09:09:39.0300 0x11f0 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
09:09:39.0331 0x11f0 RasMan - detected UnsignedFile.Multi.Generic ( 1 )
09:09:39.0331 0x11f0 Object is SCO, delete is not allowed
09:09:39.0331 0x11f0 RasMan ( UnsignedFile.Multi.Generic ) - warning
09:09:39.0331 0x11f0 Force sending object to P2P due to detect: RasMan
09:09:39.0331 0x11f0 Object send P2P result: false
09:09:39.0362 0x11f0 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:09:39.0393 0x11f0 RasPppoe - detected UnsignedFile.Multi.Generic ( 1 )
09:09:39.0393 0x11f0 Object is SCO, delete is not allowed
09:09:39.0393 0x11f0 RasPppoe ( UnsignedFile.Multi.Generic ) - warning
09:09:39.0393 0x11f0 Force sending object to P2P due to detect: RasPppoe
09:09:39.0409 0x11f0 Object send P2P result: false
09:09:39.0440 0x11f0 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:09:39.0471 0x11f0 RasSstp - detected UnsignedFile.Multi.Generic ( 1 )
09:09:39.0471 0x11f0 Object is SCO, delete is not allowed
09:09:39.0471 0x11f0 RasSstp ( UnsignedFile.Multi.Generic ) - warning
09:09:39.0471 0x11f0 Force sending object to P2P due to detect: RasSstp
09:09:39.0471 0x11f0 Object send P2P result: false
09:09:39.0518 0x11f0 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:09:39.0549 0x11f0 rdbss - detected UnsignedFile.Multi.Generic ( 1 )
09:09:39.0549 0x11f0 Object is SCO, delete is not allowed
09:09:39.0549 0x11f0 rdbss ( UnsignedFile.Multi.Generic ) - warning
09:09:39.0549 0x11f0 Force sending object to P2P due to detect: rdbss
09:09:39.0565 0x11f0 Object send P2P result: false
09:09:39.0565 0x11f0 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:09:39.0596 0x11f0 rdpbus - detected UnsignedFile.Multi.Generic ( 1 )
09:09:39.0596 0x11f0 rdpbus ( UnsignedFile.Multi.Generic ) - warning
09:09:39.0612 0x11f0 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:09:39.0643 0x11f0 RDPCDD - detected UnsignedFile.Multi.Generic ( 1 )
09:09:39.0643 0x11f0 Object is SCO, delete is not allowed
09:09:39.0643 0x11f0 RDPCDD ( UnsignedFile.Multi.Generic ) - warning
09:09:39.0690 0x11f0 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:09:39.0737 0x11f0 RDPDR - detected UnsignedFile.Multi.Generic ( 1 )
09:09:39.0737 0x11f0 Object is SCO, delete is not allowed
09:09:39.0737 0x11f0 RDPDR ( UnsignedFile.Multi.Generic ) - warning
09:09:39.0737 0x11f0 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:09:39.0783 0x11f0 RDPENCDD - detected UnsignedFile.Multi.Generic ( 1 )
09:09:39.0783 0x11f0 Object is SCO, delete is not allowed
09:09:39.0783 0x11f0 RDPENCDD ( UnsignedFile.Multi.Generic ) - warning
09:09:39.0783 0x11f0 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:09:39.0815 0x11f0 RDPREFMP - detected UnsignedFile.Multi.Generic ( 1 )
09:09:39.0815 0x11f0 RDPREFMP ( UnsignedFile.Multi.Generic ) - warning
09:09:39.0846 0x11f0 [ 65375DF758CA1872AB7EBBBA457FD5E6, 8AC7681F51277E799C22FF95FA0B833E9E260D37C0416319FF05B66FB3948005 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:09:39.0893 0x11f0 RdpVideoMiniport - detected UnsignedFile.Multi.Generic ( 1 )
09:09:39.0893 0x11f0 RdpVideoMiniport ( UnsignedFile.Multi.Generic ) - warning
09:09:39.0971 0x11f0 [ CD9214A6AE17D188D17C3CF8CB9CC693, 2E16FF1F7446F0600D6519010FD05A30B94D97167C16B3E7FC396A97D8139D60 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:09:40.0002 0x11f0 RDPWD - detected UnsignedFile.Multi.Generic ( 1 )
09:09:40.0002 0x11f0 Object is SCO, delete is not allowed
09:09:40.0002 0x11f0 RDPWD ( UnsignedFile.Multi.Generic ) - warning
09:09:40.0049 0x11f0 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:09:40.0080 0x11f0 rdyboost - ok
09:09:40.0127 0x11f0 [ 001B4278407F4303EFC902A2B16F2453, 92A95B0EFAAE7ADC6380D5207C86CB45BEEAE6974417A13669484A9D179E69AC ] regi C:\Windows\system32\drivers\regi.sys
09:09:40.0142 0x11f0 regi - ok
09:09:40.0236 0x11f0 [ 6C47AC711F5FB55C5387A85D50AB4703, E53A999F22FD139EA9209AF6E0B8FDBE6BBD64A040B4742585A75F932AFEEF0E ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:09:40.0267 0x11f0 RegSrvc - ok
09:09:40.0283 0x11f0 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:09:40.0314 0x11f0 RemoteAccess - detected UnsignedFile.Multi.Generic ( 1 )
09:09:40.0314 0x11f0 Object is SCO, delete is not allowed
09:09:40.0314 0x11f0 RemoteAccess ( UnsignedFile.Multi.Generic ) - warning
09:09:40.0329 0x11f0 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:09:40.0376 0x11f0 RemoteRegistry - detected UnsignedFile.Multi.Generic ( 1 )
09:09:40.0376 0x11f0 RemoteRegistry ( UnsignedFile.Multi.Generic ) - warning
09:09:40.0423 0x11f0 [ CB928D9E6DAF51879DD6BA8D02F01321, DFD263B67DDF98AE09AF6D6986CBC7BE3206BCE8403AAC51BCF9459E78233D12 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:09:40.0454 0x11f0 RFCOMM - detected UnsignedFile.Multi.Generic ( 1 )
09:09:40.0454 0x11f0 RFCOMM ( UnsignedFile.Multi.Generic ) - warning
09:09:40.0548 0x11f0 [ E891F07815AF88075705EF6A248711F6, E21FEAD2A2E5A036B87A1C38F5190B507B76A59486FF9FD70890D2EF9BD03612 ] rimspci C:\Windows\system32\DRIVERS\rimspe86.sys
09:09:40.0563 0x11f0 rimspci - detected UnsignedFile.Multi.Generic ( 1 )
09:09:40.0563 0x11f0 rimspci ( UnsignedFile.Multi.Generic ) - warning
09:09:40.0610 0x11f0 [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
09:09:40.0626 0x11f0 rpcapd - ok
09:09:40.0641 0x11f0 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:09:40.0673 0x11f0 RpcEptMapper - detected UnsignedFile.Multi.Generic ( 1 )
09:09:40.0673 0x11f0 RpcEptMapper ( UnsignedFile.Multi.Generic ) - warning
09:09:40.0688 0x11f0 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
09:09:40.0719 0x11f0 RpcLocator - detected UnsignedFile.Multi.Generic ( 1 )
09:09:40.0719 0x11f0 RpcLocator ( UnsignedFile.Multi.Generic ) - warning
09:09:40.0751 0x11f0 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
09:09:40.0782 0x11f0 RpcSs - detected UnsignedFile.Multi.Generic ( 1 )
09:09:40.0782 0x11f0 Detect skipped due to KSN trusted
09:09:40.0782 0x11f0 RpcSs - ok
09:09:40.0797 0x11f0 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:09:40.0829 0x11f0 rspndr - detected UnsignedFile.Multi.Generic ( 1 )
09:09:40.0829 0x11f0 Object is SCO, delete is not allowed
09:09:40.0829 0x11f0 rspndr ( UnsignedFile.Multi.Generic ) - warning
09:09:40.0922 0x11f0 [ 45F606823EAA469582318C722C76A29D, 1016FBE111638AE369F7C5FF6CA33178FD6CB06D361F3B488DE6C4D85A22253A ] RUBotSrv C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
09:09:40.0953 0x11f0 RUBotSrv - ok
09:09:41.0000 0x11f0 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:09:41.0031 0x11f0 s3cap - detected UnsignedFile.Multi.Generic ( 1 )
09:09:41.0031 0x11f0 s3cap ( UnsignedFile.Multi.Generic ) - warning
09:09:41.0031 0x11f0 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] SamSs C:\Windows\system32\lsass.exe
09:09:41.0063 0x11f0 SamSs - detected UnsignedFile.Multi.Generic ( 1 )
09:09:41.0063 0x11f0 Detect skipped due to KSN trusted
09:09:41.0063 0x11f0 SamSs - ok
09:09:41.0078 0x11f0 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:09:41.0094 0x11f0 sbp2port - ok
09:09:41.0141 0x11f0 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:09:41.0172 0x11f0 SCardSvr - detected UnsignedFile.Multi.Generic ( 1 )
09:09:41.0172 0x11f0 Object is SCO, delete is not allowed
09:09:41.0172 0x11f0 SCardSvr ( UnsignedFile.Multi.Generic ) - warning
09:09:41.0172 0x11f0 Force sending object to P2P due to detect: SCardSvr
09:09:41.0172 0x11f0 Object send P2P result: false
09:09:41.0187 0x11f0 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:09:41.0219 0x11f0 scfilter - detected UnsignedFile.Multi.Generic ( 1 )
09:09:41.0219 0x11f0 scfilter ( UnsignedFile.Multi.Generic ) - warning
09:09:41.0250 0x11f0 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
09:09:41.0297 0x11f0 Schedule - detected UnsignedFile.Multi.Generic ( 1 )
09:09:41.0297 0x11f0 Schedule ( UnsignedFile.Multi.Generic ) - warning
09:09:41.0328 0x11f0 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:09:41.0343 0x11f0 SCPolicySvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:41.0343 0x11f0 Detect skipped due to KSN trusted
09:09:41.0343 0x11f0 SCPolicySvc - ok
09:09:41.0359 0x11f0 [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus C:\Windows\system32\drivers\sdbus.sys
09:09:41.0390 0x11f0 sdbus - detected UnsignedFile.Multi.Generic ( 1 )
09:09:41.0390 0x11f0 sdbus ( UnsignedFile.Multi.Generic ) - warning
09:09:41.0406 0x11f0 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:09:41.0437 0x11f0 SDRSVC - detected UnsignedFile.Multi.Generic ( 1 )
09:09:41.0437 0x11f0 Object is SCO, delete is not allowed
09:09:41.0437 0x11f0 SDRSVC ( UnsignedFile.Multi.Generic ) - warning
09:09:41.0640 0x11f0 [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
09:09:41.0796 0x11f0 SDScannerService - ok
09:09:41.0889 0x11f0 [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
09:09:41.0952 0x11f0 SDUpdateService - ok
09:09:42.0014 0x11f0 [ 820EBE67AB99F033FDE25B2692157991, A9E86FE6EFD3CFD4EA1A26121C706335A6791CC6F81EE98AE2BE7EA566ECFEBB ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
09:09:42.0030 0x11f0 SDWSCService - ok
09:09:42.0045 0x11f0 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:09:42.0077 0x11f0 secdrv - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0077 0x11f0 secdrv ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0077 0x11f0 Force sending object to P2P due to detect: secdrv
09:09:42.0077 0x11f0 Object send P2P result: false
09:09:42.0092 0x11f0 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
09:09:42.0123 0x11f0 seclogon - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0123 0x11f0 Object is SCO, delete is not allowed
09:09:42.0123 0x11f0 seclogon ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0123 0x11f0 Force sending object to P2P due to detect: seclogon
09:09:42.0123 0x11f0 Object send P2P result: false
09:09:42.0170 0x11f0 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
09:09:42.0201 0x11f0 SENS - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0201 0x11f0 Object is SCO, delete is not allowed
09:09:42.0201 0x11f0 SENS ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0233 0x11f0 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:09:42.0264 0x11f0 SensrSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0264 0x11f0 SensrSvc ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0264 0x11f0 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:09:42.0295 0x11f0 Serenum - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0295 0x11f0 Object is SCO, delete is not allowed
09:09:42.0295 0x11f0 Serenum ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0326 0x11f0 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:09:42.0357 0x11f0 Serial - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0357 0x11f0 Object is SCO, delete is not allowed
09:09:42.0357 0x11f0 Serial ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0373 0x11f0 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:09:42.0404 0x11f0 sermouse - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0404 0x11f0 Object is SCO, delete is not allowed
09:09:42.0404 0x11f0 sermouse ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0435 0x11f0 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
09:09:42.0467 0x11f0 SessionEnv - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0467 0x11f0 Object is SCO, delete is not allowed
09:09:42.0467 0x11f0 SessionEnv ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0482 0x11f0 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
09:09:42.0513 0x11f0 sffdisk - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0513 0x11f0 Object is SCO, delete is not allowed
09:09:42.0513 0x11f0 sffdisk ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0513 0x11f0 Force sending object to P2P due to detect: sffdisk
09:09:42.0513 0x11f0 Object send P2P result: false
09:09:42.0529 0x11f0 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:09:42.0545 0x11f0 sffp_mmc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0560 0x11f0 Object is SCO, delete is not allowed
09:09:42.0560 0x11f0 sffp_mmc ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0560 0x11f0 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
09:09:42.0591 0x11f0 sffp_sd - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0591 0x11f0 Object is SCO, delete is not allowed
09:09:42.0591 0x11f0 sffp_sd ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0591 0x11f0 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:09:42.0623 0x11f0 sfloppy - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0623 0x11f0 Object is SCO, delete is not allowed
09:09:42.0623 0x11f0 sfloppy ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0638 0x11f0 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:09:42.0669 0x11f0 SharedAccess - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0669 0x11f0 Object is SCO, delete is not allowed
09:09:42.0669 0x11f0 SharedAccess ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0732 0x11f0 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:09:42.0763 0x11f0 ShellHWDetection - detected UnsignedFile.Multi.Generic ( 1 )
09:09:42.0763 0x11f0 ShellHWDetection ( UnsignedFile.Multi.Generic ) - warning
09:09:42.0841 0x11f0 [ 486A1BD22DD66D0A8542EBB0CD792BDB, E59329EFF47EB4B8CB0D5D122A781A6DEDCB164A82C059B41703E75B46F2CACF ] Shockprf C:\Windows\system32\DRIVERS\Apsx86.sys
09:09:42.0857 0x11f0 Shockprf - ok
09:09:42.0872 0x11f0 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
09:09:42.0872 0x11f0 sisagp - ok
09:09:42.0888 0x11f0 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:09:42.0903 0x11f0 SiSRaid2 - ok
09:09:42.0903 0x11f0 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:09:42.0919 0x11f0 SiSRaid4 - ok
09:09:43.0013 0x11f0 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
09:09:43.0028 0x11f0 SkypeUpdate - ok
09:09:43.0044 0x11f0 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:09:43.0075 0x11f0 Smb - detected UnsignedFile.Multi.Generic ( 1 )
09:09:43.0075 0x11f0 Object is SCO, delete is not allowed
09:09:43.0075 0x11f0 Smb ( UnsignedFile.Multi.Generic ) - warning
09:09:43.0122 0x11f0 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:09:43.0153 0x11f0 SNMPTRAP - detected UnsignedFile.Multi.Generic ( 1 )
09:09:43.0153 0x11f0 Object is SCO, delete is not allowed
09:09:43.0153 0x11f0 SNMPTRAP ( UnsignedFile.Multi.Generic ) - warning
09:09:43.0169 0x11f0 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
09:09:43.0184 0x11f0 spldr - ok
09:09:43.0231 0x11f0 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler C:\Windows\System32\spoolsv.exe
09:09:43.0278 0x11f0 Spooler - detected UnsignedFile.Multi.Generic ( 1 )
09:09:43.0278 0x11f0 Spooler ( UnsignedFile.Multi.Generic ) - warning
09:09:43.0387 0x11f0 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
09:09:43.0512 0x11f0 sppsvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:43.0512 0x11f0 sppsvc ( UnsignedFile.Multi.Generic ) - warning
09:09:43.0512 0x11f0 Force sending object to P2P due to detect: sppsvc
09:09:43.0527 0x11f0 Object send P2P result: false
09:09:43.0543 0x11f0 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:09:43.0574 0x11f0 sppuinotify - detected UnsignedFile.Multi.Generic ( 1 )
09:09:43.0574 0x11f0 sppuinotify ( UnsignedFile.Multi.Generic ) - warning
09:09:43.0605 0x11f0 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:09:43.0652 0x11f0 srv - detected UnsignedFile.Multi.Generic ( 1 )
09:09:43.0652 0x11f0 Object is SCO, delete is not allowed
09:09:43.0652 0x11f0 srv ( UnsignedFile.Multi.Generic ) - warning
09:09:43.0668 0x11f0 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:09:43.0715 0x11f0 srv2 - detected UnsignedFile.Multi.Generic ( 1 )
09:09:43.0715 0x11f0 Object is SCO, delete is not allowed
09:09:43.0715 0x11f0 srv2 ( UnsignedFile.Multi.Generic ) - warning
09:09:43.0715 0x11f0 Force sending object to P2P due to detect: srv2
09:09:43.0715 0x11f0 Object send P2P result: false
09:09:43.0761 0x11f0 [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA C:\Windows\system32\DRIVERS\VSTAZL3.SYS
09:09:43.0793 0x11f0 SrvHsfHDA - detected UnsignedFile.Multi.Generic ( 1 )
09:09:43.0793 0x11f0 SrvHsfHDA ( UnsignedFile.Multi.Generic ) - warning
09:09:43.0793 0x11f0 Force sending object to P2P due to detect: SrvHsfHDA
09:09:43.0808 0x11f0 Object send P2P result: false
09:09:43.0839 0x11f0 [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92 C:\Windows\system32\DRIVERS\VSTDPV3.SYS
09:09:43.0917 0x11f0 SrvHsfV92 - detected UnsignedFile.Multi.Generic ( 1 )
09:09:43.0917 0x11f0 SrvHsfV92 ( UnsignedFile.Multi.Generic ) - warning
09:09:43.0964 0x11f0 [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
09:09:44.0042 0x11f0 SrvHsfWinac - detected UnsignedFile.Multi.Generic ( 1 )
09:09:44.0042 0x11f0 SrvHsfWinac ( UnsignedFile.Multi.Generic ) - warning
09:09:44.0058 0x11f0 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:09:44.0089 0x11f0 srvnet - detected UnsignedFile.Multi.Generic ( 1 )
09:09:44.0089 0x11f0 Object is SCO, delete is not allowed
09:09:44.0089 0x11f0 srvnet ( UnsignedFile.Multi.Generic ) - warning
09:09:44.0089 0x11f0 Force sending object to P2P due to detect: srvnet
09:09:44.0089 0x11f0 Object send P2P result: false
09:09:44.0105 0x11f0 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:09:44.0136 0x11f0 SSDPSRV - detected UnsignedFile.Multi.Generic ( 1 )
09:09:44.0136 0x11f0 SSDPSRV ( UnsignedFile.Multi.Generic ) - warning
09:09:44.0151 0x11f0 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:09:44.0183 0x11f0 SstpSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:44.0183 0x11f0 Object is SCO, delete is not allowed
09:09:44.0183 0x11f0 SstpSvc ( UnsignedFile.Multi.Generic ) - warning
09:09:44.0245 0x11f0 [ 585FDB94DB04AC1C56298D1FD1F1389E, 5CEBAAF3B649E580B3EF2B9B38426D6EE13B244BE1274BA0C0A468EC4CFB680C ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
09:09:44.0276 0x11f0 ssudmdm - ok
09:09:44.0323 0x11f0 [ 6E1A473DD2A4714EAF7D11E2315DF794, 4460546191072C7DF8B2E5A00577BA8E4FF5A1B2EA399DDF65EBE1AE4A5A5C84 ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe
09:09:44.0354 0x11f0 Steam Client Service - ok
09:09:44.0385 0x11f0 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:09:44.0401 0x11f0 stexstor - ok
09:09:44.0463 0x11f0 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
09:09:44.0526 0x11f0 StiSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:44.0526 0x11f0 Object is SCO, delete is not allowed
09:09:44.0526 0x11f0 StiSvc ( UnsignedFile.Multi.Generic ) - warning
09:09:44.0526 0x11f0 Force sending object to P2P due to detect: StiSvc
09:09:44.0526 0x11f0 Object send P2P result: false
09:09:44.0541 0x11f0 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:09:44.0573 0x11f0 storflt - ok
09:09:44.0604 0x11f0 [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll
09:09:44.0635 0x11f0 StorSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:44.0635 0x11f0 StorSvc ( UnsignedFile.Multi.Generic ) - warning
09:09:44.0651 0x11f0 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:09:44.0666 0x11f0 storvsc - ok
09:09:44.0760 0x11f0 [ 6EA2F517373771CAC5188E82617C9C0B, 8ADCCF88C0BA60994060AEDA97873EBDEACBCC728FD379F117DCB6A095E59CB9 ] SUService C:\Program Files\Lenovo\System Update\SUService.exe
09:09:44.0791 0x11f0 SUService - detected UnsignedFile.Multi.Generic ( 1 )
09:09:44.0791 0x11f0 SUService ( UnsignedFile.Multi.Generic ) - warning
09:09:44.0791 0x11f0 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
09:09:44.0807 0x11f0 swenum - ok
09:09:44.0900 0x11f0 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:09:44.0947 0x11f0 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
09:09:44.0947 0x11f0 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
09:09:44.0947 0x11f0 Force sending object to P2P due to detect: SwitchBoard
09:09:44.0947 0x11f0 Object send P2P result: false
09:09:44.0978 0x11f0 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
09:09:45.0009 0x11f0 swprv - detected UnsignedFile.Multi.Generic ( 1 )
09:09:45.0009 0x11f0 Object is SCO, delete is not allowed
09:09:45.0009 0x11f0 swprv ( UnsignedFile.Multi.Generic ) - warning
09:09:45.0072 0x11f0 [ FFFA898575A8A16665429AFAE3D55302, 4241268D45E86D797250A996C014F7F4F701DF023A64669217C1EBE2555836BE ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
09:09:45.0087 0x11f0 SynTP - ok
09:09:45.0134 0x11f0 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
09:09:45.0212 0x11f0 SysMain - detected UnsignedFile.Multi.Generic ( 1 )
09:09:45.0212 0x11f0 Object is SCO, delete is not allowed
09:09:45.0212 0x11f0 SysMain ( UnsignedFile.Multi.Generic ) - warning
09:09:45.0275 0x11f0 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
09:09:45.0306 0x11f0 TabletInputService - detected UnsignedFile.Multi.Generic ( 1 )
09:09:45.0306 0x11f0 Object is SCO, delete is not allowed
09:09:45.0306 0x11f0 TabletInputService ( UnsignedFile.Multi.Generic ) - warning
09:09:45.0306 0x11f0 Force sending object to P2P due to detect: TabletInputService
09:09:45.0306 0x11f0 Object send P2P result: false
09:09:45.0321 0x11f0 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
09:09:45.0353 0x11f0 TapiSrv - detected UnsignedFile.Multi.Generic ( 1 )
09:09:45.0353 0x11f0 TapiSrv ( UnsignedFile.Multi.Generic ) - warning
09:09:45.0384 0x11f0 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
09:09:45.0415 0x11f0 TBS - detected UnsignedFile.Multi.Generic ( 1 )
09:09:45.0415 0x11f0 Object is SCO, delete is not allowed
09:09:45.0415 0x11f0 TBS ( UnsignedFile.Multi.Generic ) - warning
09:09:45.0415 0x11f0 Force sending object to P2P due to detect: TBS
09:09:45.0415 0x11f0 Object send P2P result: false
09:09:45.0493 0x11f0 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:09:45.0555 0x11f0 Tcpip - ok
09:09:45.0633 0x11f0 [ 5579DD18546999F5D0EC39D018726C6B, 82432BACEE75C34F21222D9CC1607223C2940947118A63DB239777A4B1442AD3 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:09:45.0680 0x11f0 TCPIP6 - ok
09:09:45.0727 0x11f0 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:09:45.0743 0x11f0 tcpipreg - detected UnsignedFile.Multi.Generic ( 1 )
09:09:45.0743 0x11f0 Object is SCO, delete is not allowed
09:09:45.0743 0x11f0 tcpipreg ( UnsignedFile.Multi.Generic ) - warning
09:09:45.0774 0x11f0 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:09:45.0805 0x11f0 TDPIPE - detected UnsignedFile.Multi.Generic ( 1 )
09:09:45.0805 0x11f0 Object is SCO, delete is not allowed
09:09:45.0805 0x11f0 TDPIPE ( UnsignedFile.Multi.Generic ) - warning
09:09:45.0852 0x11f0 [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:09:45.0883 0x11f0 TDTCP - detected UnsignedFile.Multi.Generic ( 1 )
09:09:45.0883 0x11f0 Object is SCO, delete is not allowed
09:09:45.0883 0x11f0 TDTCP ( UnsignedFile.Multi.Generic ) - warning
09:09:45.0945 0x11f0 [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:09:45.0977 0x11f0 tdx - detected UnsignedFile.Multi.Generic ( 1 )
09:09:45.0977 0x11f0 Object is SCO, delete is not allowed
09:09:45.0977 0x11f0 tdx ( UnsignedFile.Multi.Generic ) - warning
09:09:46.0008 0x11f0 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
09:09:46.0023 0x11f0 TermDD - ok
09:09:46.0086 0x11f0 [ E05E31F7BF577228E27CFFCA5B54ABBD, BF053DE7FA6DF33E15D0DD421F34962D92575ED163E4A605FE6B8DA9CEA5CF55 ] TermService C:\Windows\System32\termsrv.dll
09:09:46.0148 0x11f0 TermService - detected UnsignedFile.Multi.Generic ( 1 )
09:09:46.0148 0x11f0 Object is SCO, delete is not allowed
09:09:46.0148 0x11f0 TermService ( UnsignedFile.Multi.Generic ) - warning
09:09:46.0164 0x11f0 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
09:09:46.0179 0x11f0 Themes - detected UnsignedFile.Multi.Generic ( 1 )
09:09:46.0195 0x11f0 Themes ( UnsignedFile.Multi.Generic ) - warning
09:09:46.0195 0x11f0 Force sending object to P2P due to detect: Themes
09:09:46.0195 0x11f0 Object send P2P result: false
09:09:46.0289 0x11f0 [ 82C4830AB23A7AB125F38DA9A46B6A6D, 6A1DAA4E5E366142EA3E26DBAB005E88D9C0FB207331F1E11E6F2B06B4CECFF6 ] ThinkVantage Registry Monitor Service C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
09:09:46.0335 0x11f0 ThinkVantage Registry Monitor Service - ok
09:09:46.0351 0x11f0 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
09:09:46.0382 0x11f0 THREADORDER - detected UnsignedFile.Multi.Generic ( 1 )
09:09:46.0382 0x11f0 Detect skipped due to KSN trusted
09:09:46.0382 0x11f0 THREADORDER - ok
09:09:46.0398 0x11f0 [ 20A439D6475D6FE1909159C0143D0466, 98C3627D084F75E751ABA25145FEE2C824B6978B49B763FC6B58EEDCA3CF4EB7 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM86.sys
09:09:46.0413 0x11f0 TPDIGIMN - ok
09:09:46.0429 0x11f0 [ 3775E4AA5F72264DBAB7A578DD913ECF, 9050B068C2E45311CFAAC49CC504E17C7E05759646B3231A647FED536B3D0D1F ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG.exe
09:09:46.0445 0x11f0 TPHDEXLGSVC - ok
09:09:46.0538 0x11f0 [ 9CD364ECB3A10B24C7CAC8FF89993A67, 5801E40BAF7F0F7AC7D3EC1CD785D4745B8FEFF9038CDD7EAC44B13744F4F72C ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
09:09:46.0554 0x11f0 TPHKLOAD - ok
09:09:46.0601 0x11f0 [ C04BB65441913AB621C58A8BD3169B23, 2EC3DD6A154CA9751F560960F5CD9659C8EFF7DF57505A165AFBB0EF45137082 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
09:09:46.0616 0x11f0 TPHKSVC - ok
09:09:46.0647 0x11f0 [ 5AD05191DC8B444A7BA4D79B76C42A30, 6166E939A5A240388EBA5AF7FF335DC413F2BBCF74C2E1D310F4BE2A5454A610 ] TPM C:\Windows\system32\drivers\tpm.sys
09:09:46.0663 0x11f0 TPM - detected UnsignedFile.Multi.Generic ( 1 )
09:09:46.0663 0x11f0 TPM ( UnsignedFile.Multi.Generic ) - warning
09:09:46.0679 0x11f0 [ 6412DA2B8D079D821B99B3A99943284E, DE6B2E31C8AEE9FC0AE2D22C4145E3BF11715279A1725020BBB4C585586E18B2 ] TPPWRIF C:\Windows\system32\drivers\Tppwr32v.sys
09:09:46.0694 0x11f0 TPPWRIF - ok
09:09:46.0694 0x11f0 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
09:09:46.0725 0x11f0 TrkWks - detected UnsignedFile.Multi.Generic ( 1 )
09:09:46.0725 0x11f0 Object is SCO, delete is not allowed
09:09:46.0725 0x11f0 TrkWks ( UnsignedFile.Multi.Generic ) - warning
09:09:46.0757 0x11f0 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:09:46.0788 0x11f0 TrustedInstaller - detected UnsignedFile.Multi.Generic ( 1 )
09:09:46.0788 0x11f0 Object is SCO, delete is not allowed
09:09:46.0788 0x11f0 TrustedInstaller ( UnsignedFile.Multi.Generic ) - warning
09:09:46.0835 0x11f0 [ 6C5139E4283249518F7743D7043775B3, 58684E8C90EBAC65459A97C905CDCFE3A915CFF7E8E96071DE1AC3489F85E67F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:09:46.0866 0x11f0 tssecsrv - detected UnsignedFile.Multi.Generic ( 1 )
09:09:46.0866 0x11f0 Object is SCO, delete is not allowed
09:09:46.0866 0x11f0 tssecsrv ( UnsignedFile.Multi.Generic ) - warning
09:09:46.0944 0x11f0 [ C6A5FBD4977305E1FA23E02C042DB463, A6EB5E4B8051A258D40A385609E930318EAA3494C8466F48542B806FE6A7C47A ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:09:46.0959 0x11f0 TsUsbFlt - detected UnsignedFile.Multi.Generic ( 1 )
09:09:46.0959 0x11f0 TsUsbFlt ( UnsignedFile.Multi.Generic ) - warning
09:09:47.0131 0x11f0 [ F88A177FA51674CE8EAF43DA56DF5D36, D565C86BAAE8431D139C7FF79F9F365FE2361FCA302B9AB7E33169D08483F28B ] TuneUp.UtilitiesSvc C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
09:09:47.0256 0x11f0 TuneUp.UtilitiesSvc - ok
09:09:47.0334 0x11f0 [ E5049C43601473B5A909058596111229, 96CFE481F767C66FA2877594384086C1BE8B2BADBF12DBF4CB72CF73898D0876 ] TuneUpUtilitiesDrv C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys
09:09:47.0349 0x11f0 TuneUpUtilitiesDrv - ok
09:09:47.0412 0x11f0 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:09:47.0443 0x11f0 tunnel - detected UnsignedFile.Multi.Generic ( 1 )
09:09:47.0443 0x11f0 Object is SCO, delete is not allowed
09:09:47.0443 0x11f0 tunnel ( UnsignedFile.Multi.Generic ) - warning
09:09:47.0490 0x11f0 [ C0847EDCCCEF8D4F5354E82EC9E90159, 1A16A1734A6E7652F78186D1B3B60E08D8CB27560C023E9348ED2BE30722679E ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
09:09:47.0490 0x11f0 TurboB - ok
09:09:47.0568 0x11f0 [ 8629F69817902D9D0F00EB3247AABA51, 43AD174B1029BAF62C5BBB3AA022EB02EFC0BBE3F76571C22BF96C35D895D9E6 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
09:09:47.0583 0x11f0 TurboBoost - ok
09:09:47.0708 0x11f0 [ B56DA1AA776C15043D10F82B32AA000D, F9AC51F63994343D454168FACE284411A5F63CF98A253171C62FB8B1A06E1529 ] TVT Backup Service C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
09:09:47.0755 0x11f0 TVT Backup Service - detected UnsignedFile.Multi.Generic ( 1 )
09:09:47.0755 0x11f0 TVT Backup Service ( UnsignedFile.Multi.Generic ) - warning
09:09:47.0755 0x11f0 Force sending object to P2P due to detect: TVT Backup Service
09:09:47.0755 0x11f0 Object send P2P result: false
09:09:47.0786 0x11f0 [ 3078906E991F29305E8066911153717E, 697779A867D8BDE2A1ACDC04F73D799595067E0CD82D1535F149025AD1F6B741 ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
09:09:47.0786 0x11f0 TVTI2C - ok
09:09:47.0817 0x11f0 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:09:47.0833 0x11f0 uagp35 - ok
09:09:47.0849 0x11f0 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:09:47.0880 0x11f0 udfs - detected UnsignedFile.Multi.Generic ( 1 )
09:09:47.0880 0x11f0 Object is SCO, delete is not allowed
09:09:47.0880 0x11f0 udfs ( UnsignedFile.Multi.Generic ) - warning
09:09:47.0911 0x11f0 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:09:47.0958 0x11f0 UI0Detect - detected UnsignedFile.Multi.Generic ( 1 )
09:09:47.0958 0x11f0 Object is SCO, delete is not allowed
09:09:47.0958 0x11f0 UI0Detect ( UnsignedFile.Multi.Generic ) - warning
09:09:47.0973 0x11f0 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:09:47.0989 0x11f0 uliagpkx - ok
09:09:48.0020 0x11f0 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:09:48.0051 0x11f0 umbus - detected UnsignedFile.Multi.Generic ( 1 )
09:09:48.0051 0x11f0 Object is SCO, delete is not allowed
09:09:48.0051 0x11f0 umbus ( UnsignedFile.Multi.Generic ) - warning
09:09:48.0067 0x11f0 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:09:48.0098 0x11f0 UmPass - detected UnsignedFile.Multi.Generic ( 1 )
09:09:48.0098 0x11f0 Object is SCO, delete is not allowed
09:09:48.0098 0x11f0 UmPass ( UnsignedFile.Multi.Generic ) - warning
09:09:48.0145 0x11f0 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll
09:09:48.0192 0x11f0 UmRdpService - detected UnsignedFile.Multi.Generic ( 1 )
09:09:48.0192 0x11f0 Object is SCO, delete is not allowed
09:09:48.0192 0x11f0 UmRdpService ( UnsignedFile.Multi.Generic ) - warning
09:09:48.0301 0x11f0 [ CCC28FA0DFDFDB161624F1C63296418C, 65E0C7D63BF398F697A54F076078CABB028C05C280C3309B22E4C40E8B556E66 ] UNS C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:09:48.0379 0x11f0 UNS - ok
09:09:48.0395 0x11f0 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
09:09:48.0441 0x11f0 upnphost - detected UnsignedFile.Multi.Generic ( 1 )
09:09:48.0441 0x11f0 upnphost ( UnsignedFile.Multi.Generic ) - warning
09:09:48.0441 0x11f0 Force sending object to P2P due to detect: upnphost
09:09:48.0441 0x11f0 Object send P2P result: false
09:09:48.0504 0x11f0 [ A1977C315BF5691DA99235AA4A6907AF, 34B52FBA83F0E1C6B001D0AD1808B00152F731D18AAECC3C53B9918AA89BACEC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
09:09:48.0551 0x11f0 usbaudio - detected UnsignedFile.Multi.Generic ( 1 )
09:09:48.0551 0x11f0 usbaudio ( UnsignedFile.Multi.Generic ) - warning
09:09:48.0551 0x11f0 Force sending object to P2P due to detect: usbaudio
09:09:48.0551 0x11f0 Object send P2P result: false
09:09:48.0582 0x11f0 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:09:48.0613 0x11f0 usbccgp - detected UnsignedFile.Multi.Generic ( 1 )
09:09:48.0613 0x11f0 Object is SCO, delete is not allowed
09:09:48.0613 0x11f0 usbccgp ( UnsignedFile.Multi.Generic ) - warning
09:09:48.0660 0x11f0 [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:09:48.0691 0x11f0 usbcir - detected UnsignedFile.Multi.Generic ( 1 )
09:09:48.0691 0x11f0 Object is SCO, delete is not allowed
09:09:48.0691 0x11f0 usbcir ( UnsignedFile.Multi.Generic ) - warning
09:09:48.0738 0x11f0 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:09:48.0753 0x11f0 usbehci - detected UnsignedFile.Multi.Generic ( 1 )
09:09:48.0753 0x11f0 Object is SCO, delete is not allowed
09:09:48.0753 0x11f0 usbehci ( UnsignedFile.Multi.Generic ) - warning
09:09:48.0785 0x11f0 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:09:48.0816 0x11f0 usbhub - detected UnsignedFile.Multi.Generic ( 1 )
09:09:48.0816 0x11f0 Object is SCO, delete is not allowed
09:09:48.0816 0x11f0 usbhub ( UnsignedFile.Multi.Generic ) - warning
09:09:48.0816 0x11f0 Force sending object to P2P due to detect: usbhub
09:09:48.0816 0x11f0 Object send P2P result: false
09:09:48.0863 0x11f0 [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:09:48.0894 0x11f0 usbohci - detected UnsignedFile.Multi.Generic ( 1 )
09:09:48.0894 0x11f0 Object is SCO, delete is not allowed
09:09:48.0894 0x11f0 usbohci ( UnsignedFile.Multi.Generic ) - warning
09:09:48.0894 0x11f0 Force sending object to P2P due to detect: usbohci
09:09:48.0894 0x11f0 Object send P2P result: false
09:09:48.0956 0x11f0 [ 41B758CFF0A3C10A69E088F440677399, E3E22275410AA7489A6FBE49DAD7C30751F27D537DCAFEBA7BF22D8ECE91471B ] USBPNPA C:\Windows\system32\drivers\CM108.sys
09:09:49.0050 0x11f0 USBPNPA - detected UnsignedFile.Multi.Generic ( 1 )
09:09:49.0050 0x11f0 USBPNPA ( UnsignedFile.Multi.Generic ) - warning
09:09:49.0065 0x11f0 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:09:49.0097 0x11f0 usbprint - detected UnsignedFile.Multi.Generic ( 1 )
09:09:49.0097 0x11f0 Object is SCO, delete is not allowed
09:09:49.0097 0x11f0 usbprint ( UnsignedFile.Multi.Generic ) - warning
09:09:49.0097 0x11f0 Force sending object to P2P due to detect: usbprint
09:09:49.0097 0x11f0 Object send P2P result: false
09:09:49.0159 0x11f0 [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan C:\Windows\system32\drivers\usbscan.sys
09:09:49.0175 0x11f0 usbscan - detected UnsignedFile.Multi.Generic ( 1 )
09:09:49.0175 0x11f0 usbscan ( UnsignedFile.Multi.Generic ) - warning
09:09:49.0175 0x11f0 Force sending object to P2P due to detect: usbscan
09:09:49.0175 0x11f0 Object send P2P result: false
09:09:49.0221 0x11f0 [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:09:49.0253 0x11f0 USBSTOR - detected UnsignedFile.Multi.Generic ( 1 )
09:09:49.0253 0x11f0 USBSTOR ( UnsignedFile.Multi.Generic ) - warning
09:09:49.0299 0x11f0 [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:09:49.0331 0x11f0 usbuhci - detected UnsignedFile.Multi.Generic ( 1 )
09:09:49.0331 0x11f0 Object is SCO, delete is not allowed
09:09:49.0331 0x11f0 usbuhci ( UnsignedFile.Multi.Generic ) - warning
09:09:49.0393 0x11f0 [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
09:09:49.0440 0x11f0 usbvideo - detected UnsignedFile.Multi.Generic ( 1 )
09:09:49.0440 0x11f0 usbvideo ( UnsignedFile.Multi.Generic ) - warning
09:09:49.0440 0x11f0 Force sending object to P2P due to detect: usbvideo
09:09:49.0440 0x11f0 Object send P2P result: false
09:09:49.0455 0x11f0 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
09:09:49.0487 0x11f0 UxSms - detected UnsignedFile.Multi.Generic ( 1 )
09:09:49.0487 0x11f0 Object is SCO, delete is not allowed
09:09:49.0487 0x11f0 UxSms ( UnsignedFile.Multi.Generic ) - warning
09:09:49.0487 0x11f0 Force sending object to P2P due to detect: UxSms
09:09:49.0502 0x11f0 Object send P2P result: false
09:09:49.0580 0x11f0 [ 78AD1693A685FA570C36E65B6708E16F, 111CC856C630C2C8A7AF456688201227A2DC97D3BF7A038F160A8BB1803E5515 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
09:09:49.0580 0x11f0 UxTuneUp - ok
09:09:49.0596 0x11f0 [ DD17E1573651293D4ED31053795B3471, 94F7D1BB1C3B0C1FAAEED07375DB0F3BC995394FB5C26983548D946C8D229D54 ] VaultSvc C:\Windows\system32\lsass.exe
09:09:49.0627 0x11f0 VaultSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:49.0627 0x11f0 Detect skipped due to KSN trusted
09:09:49.0627 0x11f0 VaultSvc - ok
09:09:49.0643 0x11f0 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:09:49.0643 0x11f0 vdrvroot - ok
09:09:49.0674 0x11f0 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
09:09:49.0736 0x11f0 vds - detected UnsignedFile.Multi.Generic ( 1 )
09:09:49.0736 0x11f0 Object is SCO, delete is not allowed
09:09:49.0736 0x11f0 vds ( UnsignedFile.Multi.Generic ) - warning
09:09:49.0752 0x11f0 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:09:49.0783 0x11f0 vga - detected UnsignedFile.Multi.Generic ( 1 )
09:09:49.0783 0x11f0 Object is SCO, delete is not allowed
09:09:49.0783 0x11f0 vga ( UnsignedFile.Multi.Generic ) - warning
09:09:49.0830 0x11f0 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:09:49.0845 0x11f0 VgaSave - detected UnsignedFile.Multi.Generic ( 1 )
09:09:49.0845 0x11f0 Object is SCO, delete is not allowed
09:09:49.0845 0x11f0 VgaSave ( UnsignedFile.Multi.Generic ) - warning
09:09:49.0877 0x11f0 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:09:49.0892 0x11f0 vhdmp - ok
09:09:49.0892 0x11f0 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
09:09:49.0923 0x11f0 viaagp - ok
09:09:49.0923 0x11f0 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
09:09:49.0955 0x11f0 ViaC7 - detected UnsignedFile.Multi.Generic ( 1 )
09:09:49.0955 0x11f0 Object is SCO, delete is not allowed
09:09:49.0955 0x11f0 ViaC7 ( UnsignedFile.Multi.Generic ) - warning
09:09:50.0001 0x11f0 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
09:09:50.0017 0x11f0 viaide - ok
09:09:50.0033 0x11f0 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:09:50.0095 0x11f0 vmbus - ok
09:09:50.0111 0x11f0 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:09:50.0142 0x11f0 VMBusHID - detected UnsignedFile.Multi.Generic ( 1 )
09:09:50.0142 0x11f0 VMBusHID ( UnsignedFile.Multi.Generic ) - warning
09:09:50.0173 0x11f0 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:09:50.0189 0x11f0 volmgr - ok
09:09:50.0189 0x11f0 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:09:50.0220 0x11f0 volmgrx - ok
09:09:50.0235 0x11f0 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:09:50.0251 0x11f0 volsnap - ok
09:09:50.0282 0x11f0 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:09:50.0313 0x11f0 vsmraid - ok
09:09:50.0345 0x11f0 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
09:09:50.0423 0x11f0 VSS - detected UnsignedFile.Multi.Generic ( 1 )
09:09:50.0423 0x11f0 Object is SCO, delete is not allowed
09:09:50.0423 0x11f0 VSS ( UnsignedFile.Multi.Generic ) - warning
09:09:50.0438 0x11f0 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:09:50.0469 0x11f0 vwifibus - detected UnsignedFile.Multi.Generic ( 1 )
09:09:50.0469 0x11f0 vwifibus ( UnsignedFile.Multi.Generic ) - warning
09:09:50.0516 0x11f0 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:09:50.0532 0x11f0 vwififlt - detected UnsignedFile.Multi.Generic ( 1 )
09:09:50.0532 0x11f0 vwififlt ( UnsignedFile.Multi.Generic ) - warning
09:09:50.0547 0x11f0 [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:09:50.0579 0x11f0 vwifimp - detected UnsignedFile.Multi.Generic ( 1 )
09:09:50.0579 0x11f0 vwifimp ( UnsignedFile.Multi.Generic ) - warning
09:09:50.0610 0x11f0 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
09:09:50.0657 0x11f0 W32Time - detected UnsignedFile.Multi.Generic ( 1 )
09:09:50.0657 0x11f0 Object is SCO, delete is not allowed
09:09:50.0657 0x11f0 W32Time ( UnsignedFile.Multi.Generic ) - warning
09:09:50.0657 0x11f0 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:09:50.0688 0x11f0 WacomPen - detected UnsignedFile.Multi.Generic ( 1 )
09:09:50.0688 0x11f0 Object is SCO, delete is not allowed
09:09:50.0688 0x11f0 WacomPen ( UnsignedFile.Multi.Generic ) - warning
09:09:50.0703 0x11f0 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:09:50.0735 0x11f0 WANARP - detected UnsignedFile.Multi.Generic ( 1 )
09:09:50.0735 0x11f0 Object is SCO, delete is not allowed
09:09:50.0735 0x11f0 WANARP ( UnsignedFile.Multi.Generic ) - warning
09:09:50.0735 0x11f0 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:09:50.0766 0x11f0 Wanarpv6 - detected UnsignedFile.Multi.Generic ( 1 )
09:09:50.0766 0x11f0 Object is SCO, delete is not allowed
09:09:50.0766 0x11f0 Wanarpv6 ( UnsignedFile.Multi.Generic ) - warning
09:09:50.0766 0x11f0 Force sending object to P2P due to detect: Wanarpv6
09:09:50.0766 0x11f0 Object send P2P result: false
09:09:50.0828 0x11f0 [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:09:50.0891 0x11f0 WatAdminSvc - ok
09:09:50.0922 0x11f0 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
09:09:51.0031 0x11f0 wbengine - detected UnsignedFile.Multi.Generic ( 1 )
09:09:51.0031 0x11f0 Object is SCO, delete is not allowed
09:09:51.0031 0x11f0 wbengine ( UnsignedFile.Multi.Generic ) - warning
09:09:51.0031 0x11f0 Force sending object to P2P due to detect: wbengine
09:09:51.0031 0x11f0 Object send P2P result: false
09:09:51.0078 0x11f0 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:09:51.0109 0x11f0 WbioSrvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:51.0109 0x11f0 WbioSrvc ( UnsignedFile.Multi.Generic ) - warning
09:09:51.0140 0x11f0 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:09:51.0171 0x11f0 wcncsvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:51.0171 0x11f0 Object is SCO, delete is not allowed
09:09:51.0171 0x11f0 wcncsvc ( UnsignedFile.Multi.Generic ) - warning
09:09:51.0171 0x11f0 Force sending object to P2P due to detect: wcncsvc
09:09:51.0171 0x11f0 Object send P2P result: false
09:09:51.0187 0x11f0 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:09:51.0218 0x11f0 WcsPlugInService - detected UnsignedFile.Multi.Generic ( 1 )
09:09:51.0218 0x11f0 Object is SCO, delete is not allowed
09:09:51.0218 0x11f0 WcsPlugInService ( UnsignedFile.Multi.Generic ) - warning
09:09:51.0218 0x11f0 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:09:51.0234 0x11f0 Wd - ok
09:09:51.0296 0x11f0 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:09:51.0327 0x11f0 Wdf01000 - ok
09:09:51.0343 0x11f0 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:09:51.0359 0x11f0 WdiServiceHost - detected UnsignedFile.Multi.Generic ( 1 )
09:09:51.0359 0x11f0 Object is SCO, delete is not allowed
09:09:51.0359 0x11f0 WdiServiceHost ( UnsignedFile.Multi.Generic ) - warning
09:09:51.0374 0x11f0 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:09:51.0390 0x11f0 WdiSystemHost - detected UnsignedFile.Multi.Generic ( 1 )
09:09:51.0390 0x11f0 Object is SCO, delete is not allowed
09:09:51.0390 0x11f0 WdiSystemHost ( UnsignedFile.Multi.Generic ) - warning
09:09:51.0421 0x11f0 [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient C:\Windows\System32\webclnt.dll
09:09:51.0452 0x11f0 WebClient - detected UnsignedFile.Multi.Generic ( 1 )
09:09:51.0452 0x11f0 Object is SCO, delete is not allowed
09:09:51.0452 0x11f0 WebClient ( UnsignedFile.Multi.Generic ) - warning
09:09:51.0468 0x11f0 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:09:51.0515 0x11f0 Wecsvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:51.0515 0x11f0 Object is SCO, delete is not allowed
09:09:51.0515 0x11f0 Wecsvc ( UnsignedFile.Multi.Generic ) - warning
09:09:51.0515 0x11f0 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:09:51.0546 0x11f0 wercplsupport - detected UnsignedFile.Multi.Generic ( 1 )
09:09:51.0546 0x11f0 Object is SCO, delete is not allowed
09:09:51.0546 0x11f0 wercplsupport ( UnsignedFile.Multi.Generic ) - warning
09:09:51.0546 0x11f0 Force sending object to P2P due to detect: wercplsupport
09:09:51.0546 0x11f0 Object send P2P result: false
09:09:51.0608 0x11f0 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
09:09:51.0639 0x11f0 WerSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:51.0639 0x11f0 Object is SCO, delete is not allowed
09:09:51.0639 0x11f0 WerSvc ( UnsignedFile.Multi.Generic ) - warning
09:09:51.0702 0x11f0 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:09:51.0717 0x11f0 WfpLwf - detected UnsignedFile.Multi.Generic ( 1 )
09:09:51.0717 0x11f0 WfpLwf ( UnsignedFile.Multi.Generic ) - warning
09:09:51.0717 0x11f0 Force sending object to P2P due to detect: WfpLwf
09:09:51.0717 0x11f0 Object send P2P result: false
09:09:51.0780 0x11f0 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:09:51.0795 0x11f0 WIMMount - ok
09:09:51.0873 0x11f0 [ 253A9C2DF9A2A7B3B23146014959F2CD, DC9AEF4F5085C52930EE7523FB8FF209D1EF6A8333FAAB043269C18AD029112A ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
09:09:51.0951 0x11f0 winachsf - detected UnsignedFile.Multi.Generic ( 1 )
09:09:51.0951 0x11f0 winachsf ( UnsignedFile.Multi.Generic ) - warning
09:09:52.0045 0x11f0 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:09:52.0107 0x11f0 WinDefend - detected UnsignedFile.Multi.Generic ( 1 )
09:09:52.0107 0x11f0 Object is SCO, delete is not allowed
09:09:52.0107 0x11f0 WinDefend ( UnsignedFile.Multi.Generic ) - warning
09:09:52.0154 0x11f0 WinHttpAutoProxySvc - ok
09:09:52.0217 0x11f0 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:09:52.0248 0x11f0 Winmgmt - detected UnsignedFile.Multi.Generic ( 1 )
09:09:52.0248 0x11f0 Object is SCO, delete is not allowed
09:09:52.0248 0x11f0 Winmgmt ( UnsignedFile.Multi.Generic ) - warning
09:09:52.0341 0x11f0 [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM C:\Windows\system32\WsmSvc.dll
09:09:52.0451 0x11f0 WinRM - detected UnsignedFile.Multi.Generic ( 1 )
09:09:52.0451 0x11f0 Object is SCO, delete is not allowed
09:09:52.0451 0x11f0 WinRM ( UnsignedFile.Multi.Generic ) - warning
09:09:52.0451 0x11f0 Force sending object to P2P due to detect: WinRM
09:09:52.0466 0x11f0 Object send P2P result: false
09:09:52.0513 0x11f0 [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:09:52.0529 0x11f0 WinUsb - detected UnsignedFile.Multi.Generic ( 1 )
09:09:52.0529 0x11f0 WinUsb ( UnsignedFile.Multi.Generic ) - warning
09:09:52.0591 0x11f0 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:09:52.0638 0x11f0 Wlansvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:52.0638 0x11f0 Object is SCO, delete is not allowed
09:09:52.0638 0x11f0 Wlansvc ( UnsignedFile.Multi.Generic ) - warning
09:09:52.0794 0x11f0 [ 0A70F4022EC2E14C159EFC4F69AA2477, FF248136576F9803762C54DE5439D3411B52DCBC95B93176A5DAB857967D9AC4 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:09:52.0841 0x11f0 wlidsvc - ok
09:09:52.0903 0x11f0 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:09:52.0919 0x11f0 WmiAcpi - detected UnsignedFile.Multi.Generic ( 1 )
09:09:52.0919 0x11f0 Object is SCO, delete is not allowed
09:09:52.0919 0x11f0 WmiAcpi ( UnsignedFile.Multi.Generic ) - warning
09:09:52.0934 0x11f0 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:09:52.0965 0x11f0 wmiApSrv - detected UnsignedFile.Multi.Generic ( 1 )
09:09:52.0965 0x11f0 Object is SCO, delete is not allowed
09:09:52.0965 0x11f0 wmiApSrv ( UnsignedFile.Multi.Generic ) - warning
09:09:53.0012 0x11f0 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:09:53.0090 0x11f0 WMPNetworkSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:53.0090 0x11f0 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - warning
09:09:53.0090 0x11f0 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:09:53.0121 0x11f0 WPCSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:53.0121 0x11f0 Object is SCO, delete is not allowed
09:09:53.0121 0x11f0 WPCSvc ( UnsignedFile.Multi.Generic ) - warning
09:09:53.0121 0x11f0 Force sending object to P2P due to detect: WPCSvc
09:09:53.0121 0x11f0 Object send P2P result: false
09:09:53.0153 0x11f0 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:09:53.0184 0x11f0 WPDBusEnum - detected UnsignedFile.Multi.Generic ( 1 )
09:09:53.0184 0x11f0 Object is SCO, delete is not allowed
09:09:53.0184 0x11f0 WPDBusEnum ( UnsignedFile.Multi.Generic ) - warning
09:09:53.0199 0x11f0 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:09:53.0231 0x11f0 ws2ifsl - detected UnsignedFile.Multi.Generic ( 1 )
09:09:53.0231 0x11f0 Object is SCO, delete is not allowed
09:09:53.0231 0x11f0 ws2ifsl ( UnsignedFile.Multi.Generic ) - warning
09:09:53.0246 0x11f0 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
09:09:53.0277 0x11f0 wscsvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:53.0277 0x11f0 Object is SCO, delete is not allowed
09:09:53.0277 0x11f0 wscsvc ( UnsignedFile.Multi.Generic ) - warning
09:09:53.0324 0x11f0 [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
09:09:53.0355 0x11f0 WSDPrintDevice - detected UnsignedFile.Multi.Generic ( 1 )
09:09:53.0355 0x11f0 WSDPrintDevice ( UnsignedFile.Multi.Generic ) - warning
09:09:53.0402 0x11f0 [ 7DC0270CFD4A05B4112E3EBBF083B595, DF4FCDE511F0B68B6C6E28C820EB722C34710F31A16023A9A297EAD228E00137 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
09:09:53.0433 0x11f0 WSDScan - detected UnsignedFile.Multi.Generic ( 1 )
09:09:53.0433 0x11f0 WSDScan ( UnsignedFile.Multi.Generic ) - warning
09:09:53.0433 0x11f0 WSearch - ok
09:09:53.0543 0x11f0 [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\Windows\system32\wuaueng.dll
09:09:53.0621 0x11f0 wuauserv - ok
09:09:53.0667 0x11f0 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:09:53.0714 0x11f0 WudfPf - detected UnsignedFile.Multi.Generic ( 1 )
09:09:53.0714 0x11f0 Object is SCO, delete is not allowed
09:09:53.0714 0x11f0 WudfPf ( UnsignedFile.Multi.Generic ) - warning
09:09:53.0714 0x11f0 Force sending object to P2P due to detect: WudfPf
09:09:53.0714 0x11f0 Object send P2P result: false
09:09:53.0745 0x11f0 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:09:53.0777 0x11f0 WUDFRd - detected UnsignedFile.Multi.Generic ( 1 )
09:09:53.0777 0x11f0 Object is SCO, delete is not allowed
09:09:53.0777 0x11f0 WUDFRd ( UnsignedFile.Multi.Generic ) - warning
09:09:53.0823 0x11f0 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:09:53.0855 0x11f0 wudfsvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:53.0855 0x11f0 Object is SCO, delete is not allowed
09:09:53.0855 0x11f0 wudfsvc ( UnsignedFile.Multi.Generic ) - warning
09:09:53.0855 0x11f0 Force sending object to P2P due to detect: wudfsvc
09:09:53.0855 0x11f0 Object send P2P result: false
09:09:53.0870 0x11f0 [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc C:\Windows\System32\wwansvc.dll
09:09:53.0917 0x11f0 WwanSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:09:53.0917 0x11f0 WwanSvc ( UnsignedFile.Multi.Generic ) - warning
09:09:53.0917 0x11f0 Force sending object to P2P due to detect: WwanSvc
09:09:53.0917 0x11f0 Object send P2P result: false
09:09:53.0964 0x11f0 [ 894F963BE999BA9DB5AAC3AED55B115D, F4ECDD57FC5F6E295414745C2B8A2D9F9074C7035A6902456EE4447560863710 ] XAudio C:\Windows\system32\DRIVERS\XAudio32.sys
09:09:53.0979 0x11f0 XAudio - detected UnsignedFile.Multi.Generic ( 1 )
09:09:53.0979 0x11f0 XAudio ( UnsignedFile.Multi.Generic ) - warning
09:09:54.0104 0x11f0 [ 0812F65CA33A76E080336E07F65C61C6, 654BDC41171C2A3F874F5FEE19CB391522732923427F6B9F77407F8D4765A26C ] XmppAuth C:\Program Files\AVG\CloudCare\XmppAuth.exe
09:09:54.0135 0x11f0 XmppAuth - ok
09:09:54.0151 0x11f0 ================ Scan global ===============================
09:09:54.0213 0x11f0 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
09:09:54.0276 0x11f0 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
09:09:54.0291 0x11f0 [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
09:09:54.0307 0x11f0 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
09:09:54.0338 0x11f0 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
09:09:54.0354 0x11f0 [ Global ] - ok
09:09:54.0354 0x11f0 ================ Scan MBR ==================================
09:09:54.0369 0x11f0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:09:54.0775 0x11f0 \Device\Harddisk0\DR0 - ok
09:09:54.0775 0x11f0 ================ Scan VBR ==================================
09:09:54.0791 0x11f0 [ 9865380EBB1B1C543A66352016E35E3E ] \Device\Harddisk0\DR0\Partition1
09:09:54.0791 0x11f0 \Device\Harddisk0\DR0\Partition1 - ok
09:09:54.0791 0x11f0 [ F96DF2677595D3D854F1A86E13CE51BC ] \Device\Harddisk0\DR0\Partition2
09:09:54.0791 0x11f0 \Device\Harddisk0\DR0\Partition2 - ok
09:09:54.0806 0x11f0 [ F6E1041D1C9F436BA79E564A6CDC6457 ] \Device\Harddisk0\DR0\Partition3
09:09:54.0806 0x11f0 \Device\Harddisk0\DR0\Partition3 - ok
09:09:54.0806 0x11f0 ================ Scan generic autorun ======================
09:09:54.0853 0x11f0 [ 7BA157B8D3CAFDAB7557A1958295FBA8, 77C8DC6BADBB58765C2E8577DFE8489EE2104BF64A006215A2DE818D20446F4B ] C:\Windows\system32\TpShocks.exe
09:09:54.0869 0x11f0 TpShocks - ok
09:09:54.0900 0x11f0 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:09:54.0947 0x11f0 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
09:09:54.0947 0x11f0 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
09:09:54.0947 0x11f0 Force sending object to P2P due to detect: C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:09:54.0947 0x11f0 Object send P2P result: false
09:09:54.0947 0x11f0 PWMTRV - ok
09:09:55.0009 0x11f0 [ FD334D8C75FA3AD04B0211E4F99BDDFD, 3A1BFF26EDD7E4E2CE4B92FA7331E3160D4CF606122CAC7C02B34656CE0A7983 ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
09:09:55.0025 0x11f0 LENOVO.TPKNRRES - ok
09:09:55.0040 0x11f0 [ 1A73D7D5766BC5DDE3BCDEA0F59DF59B, 66F7097912272A9D7D8751BC7597FC6E780D194A0587BD669CFBF5E38A91DD65 ] C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
09:09:55.0056 0x11f0 IMSS - ok
09:09:55.0087 0x11f0 [ BB73B4A6D4A9F1410563D1BA4D53E7CA, 38641DF5215C770B30FEC045D930835CF8DC72F2F6CA30A85AD08B5D6B26AD33 ] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
09:09:55.0103 0x11f0 IJNetworkScanUtility - ok
09:09:55.0181 0x11f0 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
09:09:55.0181 0x11f0 BCSSync - ok
09:09:55.0259 0x11f0 [ 27CFFB1E41A2BE2A25957A679BD84E10, 521DC8F3439EAA780AE0DA68B0FC6E671963AF76E165590EA83D2F6896B1C941 ] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
09:09:55.0305 0x11f0 AdobeCS5ServiceManager - detected UnsignedFile.Multi.Generic ( 1 )
09:09:55.0305 0x11f0 AdobeCS5ServiceManager ( UnsignedFile.Multi.Generic ) - warning
09:09:55.0305 0x11f0 Force sending object to P2P due to detect: C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
09:09:55.0321 0x11f0 Object send P2P result: false
09:09:55.0368 0x11f0 [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
09:09:55.0399 0x11f0 AdobeAAMUpdater-1.0 - ok
09:09:55.0446 0x11f0 [ A5880BCCB8D36AB9EC35ADDAC2773A4F, 2D050447F42A2B8CB9A9AC705F72E8EDF7671E3ACDC141EC332A406928D56E2B ] C:\Program Files\Lenovo\Access Connections\ACWLIcon.exe
09:09:55.0446 0x11f0 ACWLIcon - ok
09:09:55.0477 0x11f0 [ DD07FE0128204206DAFE16EA6739396F, A452E786248FD3EAD0D88A4FEB6C3883E89A2C33CD060EFFD68C76FEE413C450 ] C:\Program Files\Lenovo\Access Connections\ACTray.exe
09:09:55.0508 0x11f0 ACTray - ok
09:09:55.0524 0x11f0 [ B64449927444E3C2B6D969D04601FCCF, C0294A6B1967CDED820229F39D3A273C107F6487943D9FDFB3FBE26F4EA3737D ] C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe
09:09:55.0555 0x11f0 AcWin7Hlpr - detected UnsignedFile.Multi.Generic ( 1 )
09:09:55.0555 0x11f0 AcWin7Hlpr ( UnsignedFile.Multi.Generic ) - warning
09:09:55.0555 0x11f0 Force sending object to P2P due to detect: C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe
09:09:55.0555 0x11f0 Object send P2P result: false
09:09:55.0586 0x11f0 [ 16843BD5B2C3A1FE581045E176E0298B, 7AF9F9A258DFD526BB4CAAAE4250177B5DC9C5967453B838F3867C1F9E1E1D43 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
09:09:55.0602 0x11f0 SmartAudio - ok
09:09:55.0695 0x11f0 [ 38E330A28E034CE632F218AD2AD6452B, A0394688DD698A315EB1A40B0278B660D6EBB47E150A760649204945B703F640 ] C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe
09:09:55.0742 0x11f0 Trend Micro RUBotted V2.0 Beta - ok
09:09:55.0976 0x11f0 [ 28D29874E6B31DCB68A01127EF3D4DB5, 3D79C53FEF5C4CE17E155D92B59BB868378EA2A69A28B92FAF882020D48D57F5 ] C:\Program Files\AVG\AVG2014\avgui.exe
09:09:56.0117 0x11f0 AVG_UI - ok
09:09:56.0351 0x11f0 [ AF49D1C79EA49A7833017F290EE63B82, FFE98E8F6AE3BFAB324B3A7C6C6C00545C597A6861CBDD82ACE97591C6A1D287 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
09:09:56.0491 0x11f0 SDTray - ok
09:09:56.0507 0x11f0 [ DFE0702C5065EC62DC9B8B08997C1A85, 5C658208BAC41BF8570A01176B5F5DC14FCCB9525924D2FA9C2FBCD7ACB90FD6 ] C:\Program Files\AVG\CloudCare\AvgTrayApp.exe
09:09:56.0522 0x11f0 AVG CloudCare - ok
09:09:56.0647 0x11f0 [ 52B9FA60C8B60932AABFAE73CF3BA61C, 01A364D22603B852E9FB659CCBBB637A27DA78D01EE9F4288A78310EF56C8D2C ] C:\Program Files\AVG\CloudCare\AvgRemote\raserver.exe
09:09:56.0678 0x11f0 racontrol - ok
09:09:56.0756 0x11f0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
09:09:56.0803 0x11f0 Sidebar - detected UnsignedFile.Multi.Generic ( 1 )
09:09:56.0819 0x11f0 Object is SCO, delete is not allowed
09:09:56.0819 0x11f0 Sidebar ( UnsignedFile.Multi.Generic ) - warning
09:09:56.0834 0x11f0 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
09:09:56.0850 0x11f0 mctadmin - detected UnsignedFile.Multi.Generic ( 1 )
09:09:56.0850 0x11f0 mctadmin ( UnsignedFile.Multi.Generic ) - warning
09:09:56.0897 0x11f0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
09:09:56.0959 0x11f0 Sidebar - detected UnsignedFile.Multi.Generic ( 1 )
09:09:56.0959 0x11f0 Object is SCO, delete is not allowed
09:09:56.0959 0x11f0 Sidebar ( UnsignedFile.Multi.Generic ) - warning
09:09:56.0959 0x11f0 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
09:09:56.0990 0x11f0 mctadmin - detected UnsignedFile.Multi.Generic ( 1 )
09:09:56.0990 0x11f0 mctadmin ( UnsignedFile.Multi.Generic ) - warning
09:09:57.0021 0x11f0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\sidebar.exe
09:09:57.0068 0x11f0 Sidebar - detected UnsignedFile.Multi.Generic ( 1 )
09:09:57.0068 0x11f0 Object is SCO, delete is not allowed
09:09:57.0068 0x11f0 Sidebar ( UnsignedFile.Multi.Generic ) - warning
09:09:57.0068 0x11f0 Force sending object to P2P due to detect: C:\Program Files\Windows Sidebar\sidebar.exe
09:09:57.0084 0x11f0 Object send P2P result: false
09:09:57.0146 0x11f0 [ C948AC73822CA662CF44185B909EA18B, 75895AA3AAED47D50D178CF064F939ED1EB345E9ADD12527F9F5737395A9AFB4 ] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
09:09:57.0193 0x11f0 OfficeSyncProcess - ok
09:09:57.0224 0x11f0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
09:09:57.0287 0x11f0 Sidebar - detected UnsignedFile.Multi.Generic ( 1 )
09:09:57.0287 0x11f0 Object is SCO, delete is not allowed
09:09:57.0287 0x11f0 Sidebar ( UnsignedFile.Multi.Generic ) - warning
09:09:57.0287 0x11f0 AVG-Secure-Search-Update_JUNE2013_TB - ok
09:09:57.0318 0x11f0 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
09:09:57.0333 0x11f0 mctadmin - detected UnsignedFile.Multi.Generic ( 1 )
09:09:57.0333 0x11f0 mctadmin ( UnsignedFile.Multi.Generic ) - warning
09:09:57.0443 0x11f0 [ E9A1828AE398AE48EF6FC39953B7B5D5, E4439C75F67A2B4D8015327C5DC6D77ECF6E7893E54261704DEB5A5F400DCC61 ] C:\Program Files\Windows Live\Installer\wlstart.exe
09:09:57.0489 0x11f0 WLStart - ok
09:09:57.0489 0x11f0 AVG-Secure-Search-Update_JUNE2013_TB - ok
09:09:57.0567 0x11f0 AV detected via SS2: AVG CloudCare AntiVirus 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4800 ), 0x41000 ( enabled : updated )
09:09:57.0567 0x11f0 FW detected via SS2: AVG CloudCare AntiVirus 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4800 ), 0x41010 ( enabled )
09:09:57.0567 0x11f0 ============================================================
09:09:57.0567 0x11f0 Scan finished
09:09:57.0567 0x11f0 ============================================================
 
TDSS report part 2

Just noticed that it exceeded capacity.

09:09:57.0583 0x1510 Detected object count: 198
09:09:57.0583 0x1510 Actual detected object count: 198
09:11:43.0025 0x1510 MSiSCSI ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0056 0x1510 MSKSSRV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0072 0x1510 MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0072 0x1510 MSPQM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0088 0x1510 MSTEE ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0103 0x1510 C:\Windows\system32\DRIVERS\MTConfig.sys - copied to quarantine
09:11:43.0103 0x1510 MTConfig ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0150 0x1510 napagent ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0181 0x1510 NativeWifiP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0197 0x1510 C:\Windows\system32\DRIVERS\ndiscap.sys - copied to quarantine
09:11:43.0197 0x1510 NdisCap ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0212 0x1510 NdisTapi ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0244 0x1510 Ndisuio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0275 0x1510 NdisWan ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0290 0x1510 NDProxy ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0306 0x1510 NetBIOS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0353 0x1510 NetBT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0384 0x1510 C:\Windows\System32\netman.dll - copied to quarantine
09:11:43.0384 0x1510 Netman ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0415 0x1510 netprofm ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:43.0774 0x1510 C:\Windows\system32\DRIVERS\NETw5s32.sys - copied to quarantine
09:11:43.0774 0x1510 NETw5s32 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0086 0x1510 C:\Windows\system32\DRIVERS\netw5v32.sys - copied to quarantine
09:11:44.0086 0x1510 netw5v32 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0460 0x1510 C:\Windows\system32\DRIVERS\NETwNs32.sys - copied to quarantine
09:11:44.0460 0x1510 NETwNs32 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0538 0x1510 NlaSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0538 0x1510 Npfs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0570 0x1510 nsi ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0585 0x1510 nsiproxy ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0601 0x1510 Null ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0632 0x1510 ohci1394 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0663 0x1510 C:\Windows\system32\pnrpsvc.dll - copied to quarantine
09:11:44.0663 0x1510 p2pimsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0710 0x1510 p2psvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0726 0x1510 Parport ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0741 0x1510 C:\Windows\system32\DRIVERS\parvdm.sys - copied to quarantine
09:11:44.0741 0x1510 Parvdm ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0819 0x1510 C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe - copied to quarantine
09:11:44.0819 0x1510 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0850 0x1510 PcaSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0897 0x1510 PEAUTH ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:44.0960 0x1510 C:\Windows\system32\peerdistsvc.dll - copied to quarantine
09:11:44.0960 0x1510 PeerDistSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0069 0x1510 pla ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0147 0x1510 PlugPlay ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0162 0x1510 C:\Windows\system32\pnrpauto.dll - copied to quarantine
09:11:45.0162 0x1510 PNRPAutoReg ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0240 0x1510 C:\Windows\system32\pnrpsvc.dll - copied to quarantine
09:11:45.0240 0x1510 PNRPsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0272 0x1510 PolicyAgent ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0318 0x1510 C:\Windows\system32\umpo.dll - copied to quarantine
09:11:45.0318 0x1510 Power ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0350 0x1510 PptpMiniport ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0365 0x1510 Processor ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0412 0x1510 ProfSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0428 0x1510 Psched ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0521 0x1510 C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe - copied to quarantine
09:11:45.0521 0x1510 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0599 0x1510 C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe - copied to quarantine
09:11:45.0599 0x1510 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0646 0x1510 QWAVE ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0662 0x1510 QWAVEdrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0693 0x1510 RasAcd ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0708 0x1510 C:\Windows\system32\DRIVERS\AgileVpn.sys - copied to quarantine
09:11:45.0708 0x1510 RasAgileVpn ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0724 0x1510 RasAuto ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0755 0x1510 Rasl2tp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0786 0x1510 RasMan ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0802 0x1510 RasPppoe ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0818 0x1510 RasSstp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0849 0x1510 rdbss ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0942 0x1510 C:\Windows\system32\DRIVERS\rdpbus.sys - copied to quarantine
09:11:45.0942 0x1510 rdpbus ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0974 0x1510 RDPCDD ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:45.0989 0x1510 RDPDR ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0005 0x1510 RDPENCDD ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0036 0x1510 C:\Windows\system32\drivers\rdprefmp.sys - copied to quarantine
09:11:46.0036 0x1510 RDPREFMP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0067 0x1510 C:\Windows\system32\drivers\rdpvideominiport.sys - copied to quarantine
09:11:46.0083 0x1510 RdpVideoMiniport ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0114 0x1510 RDPWD ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0176 0x1510 RemoteAccess ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0223 0x1510 C:\Windows\system32\regsvc.dll - copied to quarantine
09:11:46.0223 0x1510 RemoteRegistry ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0301 0x1510 C:\Windows\system32\DRIVERS\rfcomm.sys - copied to quarantine
09:11:46.0301 0x1510 RFCOMM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0379 0x1510 C:\Windows\system32\DRIVERS\rimspe86.sys - copied to quarantine
09:11:46.0379 0x1510 rimspci ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0442 0x1510 C:\Windows\System32\RpcEpMap.dll - copied to quarantine
09:11:46.0442 0x1510 RpcEptMapper ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0473 0x1510 C:\Windows\system32\locator.exe - copied to quarantine
09:11:46.0473 0x1510 RpcLocator ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0504 0x1510 rspndr ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0535 0x1510 C:\Windows\system32\drivers\vms3cap.sys - copied to quarantine
09:11:46.0535 0x1510 s3cap ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0551 0x1510 SCardSvr ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0566 0x1510 C:\Windows\system32\DRIVERS\scfilter.sys - copied to quarantine
09:11:46.0566 0x1510 scfilter ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0629 0x1510 C:\Windows\system32\schedsvc.dll - copied to quarantine
09:11:46.0629 0x1510 Schedule ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0660 0x1510 C:\Windows\system32\drivers\sdbus.sys - copied to quarantine
09:11:46.0660 0x1510 sdbus ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0691 0x1510 SDRSVC ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0707 0x1510 C:\Windows\system32\drivers\secdrv.sys - copied to quarantine
09:11:46.0707 0x1510 secdrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0769 0x1510 seclogon ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0800 0x1510 SENS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0816 0x1510 C:\Windows\system32\sensrsvc.dll - copied to quarantine
09:11:46.0816 0x1510 SensrSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0863 0x1510 Serenum ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0941 0x1510 Serial ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:46.0972 0x1510 sermouse ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0019 0x1510 SessionEnv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0034 0x1510 sffdisk ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0066 0x1510 sffp_mmc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0097 0x1510 sffp_sd ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0128 0x1510 sfloppy ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0175 0x1510 SharedAccess ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0222 0x1510 C:\Windows\System32\shsvcs.dll - copied to quarantine
09:11:47.0222 0x1510 ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0253 0x1510 Smb ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0284 0x1510 SNMPTRAP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0331 0x1510 C:\Windows\System32\spoolsv.exe - copied to quarantine
09:11:47.0331 0x1510 Spooler ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0518 0x1510 C:\Windows\system32\sppsvc.exe - copied to quarantine
09:11:47.0518 0x1510 sppsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0549 0x1510 C:\Windows\system32\sppuinotify.dll - copied to quarantine
09:11:47.0549 0x1510 sppuinotify ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0627 0x1510 srv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0674 0x1510 srv2 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0721 0x1510 C:\Windows\system32\DRIVERS\VSTAZL3.SYS - copied to quarantine
09:11:47.0721 0x1510 SrvHsfHDA ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0799 0x1510 C:\Windows\system32\DRIVERS\VSTDPV3.SYS - copied to quarantine
09:11:47.0799 0x1510 SrvHsfV92 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:47.0986 0x1510 C:\Windows\system32\DRIVERS\VSTCNXT3.SYS - copied to quarantine
09:11:47.0986 0x1510 SrvHsfWinac ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0017 0x1510 srvnet ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0064 0x1510 C:\Windows\System32\ssdpsrv.dll - copied to quarantine
09:11:48.0064 0x1510 SSDPSRV ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0111 0x1510 SstpSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0220 0x1510 StiSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0282 0x1510 C:\Windows\system32\storsvc.dll - copied to quarantine
09:11:48.0282 0x1510 StorSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0376 0x1510 C:\Program Files\Lenovo\System Update\SUService.exe - copied to quarantine
09:11:48.0376 0x1510 SUService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0454 0x1510 C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - copied to quarantine
09:11:48.0470 0x1510 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0501 0x1510 swprv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0579 0x1510 SysMain ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0626 0x1510 TabletInputService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0672 0x1510 C:\Windows\System32\tapisrv.dll - copied to quarantine
09:11:48.0672 0x1510 TapiSrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0704 0x1510 TBS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0766 0x1510 tcpipreg ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0797 0x1510 TDPIPE ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0860 0x1510 TDTCP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0906 0x1510 tdx ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:48.0984 0x1510 TermService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0031 0x1510 C:\Windows\system32\themeservice.dll - copied to quarantine
09:11:49.0031 0x1510 Themes ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0062 0x1510 C:\Windows\system32\drivers\tpm.sys - copied to quarantine
09:11:49.0062 0x1510 TPM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0109 0x1510 TrkWks ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0172 0x1510 TrustedInstaller ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0250 0x1510 tssecsrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0312 0x1510 C:\Windows\system32\drivers\tsusbflt.sys - copied to quarantine
09:11:49.0312 0x1510 TsUsbFlt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0359 0x1510 tunnel ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0546 0x1510 C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe - copied to quarantine
09:11:49.0546 0x1510 TVT Backup Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0593 0x1510 udfs ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0624 0x1510 UI0Detect ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0655 0x1510 umbus ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0702 0x1510 UmPass ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0733 0x1510 UmRdpService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0764 0x1510 C:\Windows\System32\upnphost.dll - copied to quarantine
09:11:49.0764 0x1510 upnphost ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0811 0x1510 C:\Windows\system32\drivers\usbaudio.sys - copied to quarantine
09:11:49.0811 0x1510 usbaudio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0858 0x1510 usbccgp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:49.0967 0x1510 usbcir ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0030 0x1510 usbehci ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0092 0x1510 usbhub ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0154 0x1510 usbohci ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0264 0x1510 C:\Windows\system32\drivers\CM108.sys - copied to quarantine
09:11:50.0264 0x1510 USBPNPA ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0295 0x1510 usbprint ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0357 0x1510 C:\Windows\system32\drivers\usbscan.sys - copied to quarantine
09:11:50.0357 0x1510 usbscan ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0388 0x1510 C:\Windows\system32\DRIVERS\USBSTOR.SYS - copied to quarantine
09:11:50.0388 0x1510 USBSTOR ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0466 0x1510 usbuhci ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0529 0x1510 C:\Windows\System32\Drivers\usbvideo.sys - copied to quarantine
09:11:50.0529 0x1510 usbvideo ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0560 0x1510 UxSms ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0607 0x1510 vds ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0654 0x1510 vga ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0685 0x1510 VgaSave ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0716 0x1510 ViaC7 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0747 0x1510 C:\Windows\system32\drivers\VMBusHID.sys - copied to quarantine
09:11:50.0747 0x1510 VMBusHID ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0825 0x1510 VSS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0856 0x1510 C:\Windows\system32\DRIVERS\vwifibus.sys - copied to quarantine
09:11:50.0856 0x1510 vwifibus ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0903 0x1510 C:\Windows\system32\DRIVERS\vwififlt.sys - copied to quarantine
09:11:50.0903 0x1510 vwififlt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0934 0x1510 C:\Windows\system32\DRIVERS\vwifimp.sys - copied to quarantine
09:11:50.0934 0x1510 vwifimp ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:50.0997 0x1510 W32Time ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0028 0x1510 WacomPen ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0075 0x1510 WANARP ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0106 0x1510 Wanarpv6 ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0200 0x1510 wbengine ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0246 0x1510 C:\Windows\System32\wbiosrvc.dll - copied to quarantine
09:11:51.0246 0x1510 WbioSrvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0293 0x1510 wcncsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0340 0x1510 WcsPlugInService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0371 0x1510 WdiServiceHost ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0402 0x1510 WdiSystemHost ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0449 0x1510 WebClient ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0480 0x1510 Wecsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0527 0x1510 wercplsupport ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0558 0x1510 WerSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0590 0x1510 C:\Windows\system32\DRIVERS\wfplwf.sys - copied to quarantine
09:11:51.0590 0x1510 WfpLwf ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0683 0x1510 C:\Windows\system32\DRIVERS\HSX_CNXT.sys - copied to quarantine
09:11:51.0683 0x1510 winachsf ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0808 0x1510 WinDefend ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:51.0917 0x1510 Winmgmt ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0026 0x1510 WinRM ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0073 0x1510 C:\Windows\system32\DRIVERS\WinUsb.sys - copied to quarantine
09:11:52.0073 0x1510 WinUsb ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0167 0x1510 Wlansvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0229 0x1510 WmiAcpi ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0307 0x1510 wmiApSrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0416 0x1510 C:\Program Files\Windows Media Player\wmpnetwk.exe - copied to quarantine
09:11:52.0416 0x1510 WMPNetworkSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0448 0x1510 WPCSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0494 0x1510 WPDBusEnum ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0541 0x1510 ws2ifsl ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0588 0x1510 wscsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0650 0x1510 C:\Windows\system32\DRIVERS\WSDPrint.sys - copied to quarantine
09:11:52.0650 0x1510 WSDPrintDevice ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0713 0x1510 C:\Windows\system32\DRIVERS\WSDScan.sys - copied to quarantine
09:11:52.0713 0x1510 WSDScan ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0775 0x1510 WudfPf ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0806 0x1510 WUDFRd ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0869 0x1510 wudfsvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0916 0x1510 C:\Windows\System32\wwansvc.dll - copied to quarantine
09:11:52.0916 0x1510 WwanSvc ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:52.0978 0x1510 C:\Windows\system32\DRIVERS\XAudio32.sys - copied to quarantine
09:11:52.0978 0x1510 XAudio ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:53.0072 0x1510 C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - copied to quarantine
09:11:53.0072 0x1510 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:53.0196 0x1510 C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe - copied to quarantine
09:11:53.0196 0x1510 AdobeCS5ServiceManager ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:53.0259 0x1510 C:\Program Files\Lenovo\Access Connections\AcTBenabler.exe - copied to quarantine
09:11:53.0259 0x1510 AcWin7Hlpr ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:53.0352 0x1510 Sidebar ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:53.0399 0x1510 C:\Windows\System32\mctadmin.exe - copied to quarantine
09:11:53.0399 0x1510 mctadmin ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:53.0493 0x1510 Sidebar ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:53.0508 0x1510 C:\Windows\System32\mctadmin.exe - copied to quarantine
09:11:53.0508 0x1510 mctadmin ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:53.0586 0x1510 Sidebar ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:53.0664 0x1510 Sidebar ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:11:53.0696 0x1510 C:\Windows\System32\mctadmin.exe - copied to quarantine
09:11:53.0696 0x1510 mctadmin ( UnsignedFile.Multi.Generic ) - User select action: Quarantine
09:12:30.0465 0x0548 Deinitialize success
 
Also please download Windows Repair (all in one) from here

Install the program then go to step 4 and create a new system restore point and new registry backup.

Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:

NEXT
On the Start Repairs tab => Click the Start

Please ensure that ONLY items seen in the image below are ticked as indicated (they're all checked by default):

Click on box next to the Restart System when Finished. Then click on Start.

After running this tool tell me what the computer is doing now.
 
Finished Windows Repair - BTW there are a couple of new versions out.
Running Malwarebytes and Spybot S&D (Spybot says I haven't scanned for 115 days but I've scanned several times and there is a log from Jan. 9). May take a couple of hours to finish. Then I will try to run Windows Update and see if that works or I get the "you ain't genuine" message again. I'll let you know. Really appreciate all your efforts.
 
Well I guess we're not out of the woods yet.
Malwarebytes found and quarantined PUP.optional.spigot.A, .MyEmoticons.A
Spybot found 21 items which I fixed - they are all low level
will post the logs if you want
Update says the service isn't running but it is.
2nd time I clicked on control panel got message with long string of characters that says "The remote procedure call failed and did not execute"
Rebooted and tried update again - no luck even though service is running.
Downloaded MS Fixit, loaded the troubleshooter and then came up with message that it couldn't proceed. Microsoft support has all kinds of troubleshooting tips .....except for a troubleshooting error. :(
 
Downloaded and installed an upgrade from Lenovo. The computer is now installing updates!!! :)

You're kidding me!

Kinda unfair to me that a computer needing something as simple as a driver update (if that's what it was) was holding this process up.
Lenovo or Microsoft should have sent something saying it was required.
 
Wasn't just that. There was malware in the computer and it took all those scans to get it out to where I could upgrade and update. That being said - if an MS forum suggested upgrading drivers or removing malware, I couldn't find it. Their search engine sucks - even if you put something in quotes.

 
I'm not thinking we'll find much more but to be on the safe side let's run a new FRST log

  • Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.
 
Hello Juliet - Hope you got some time to relax this weekend. Here's where we are at: The Genuine windows error still pops up. A system check shows Windows as being activated. The MS program to resolve the issue loads and runs instead of erroring out like it did before but it doesn't finish - just keeps going and going. One other little tidbit - I changed the home page and the default search engine to Google. I had been using Bing but in all this mess it got changed to Yahoo. Now default search has gone back to Yahoo.
Here are the logs - if they both fit.
FRST:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo.msn.com
HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {5C8E242B-D9CA-487E-BCF8-56FAB52B4D3A} URL = http://www.bing.com/search?q={searchTerms}&form=LEMDF8&pc=MALC&src=IE-SearchBox;
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001 -> {8B8759FD-D298-4DA4-9E65-1537394A49E4} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=523482&p={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: IePasswordManagerHelper Class -> {BF468356-BB7E-42D7-9F15-4F3B9BCFCED2} -> C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll (Lenovo Group Limited)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_65-windows-i586.cab
DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} http://10.0.0.26:85/HiDvrOcx.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: intu-help-qb2 - {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Yahoo!
FF Homepage: google.com
FF Keyword.URL: https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=523482&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @Musicnotes.com/Musicnotes Viewer,version=1.18.9 -> C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
FF Plugin: @Sibelius.com/Scorch Plugin,version=6.2.0.88 -> C:\Program Files\Musicnotes\npsibelius.dll ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2701720504-2077786656-4262629455-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bruce\AppData\Local\Citrix\Plugins\94\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Bruce\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Extension: DownloadHelper - C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-05]
FF Extension: Quick Translator - C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\dyc1xnox.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-03-16]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-01-17]

Chrome:
=======
CHR HomePage: Default -> CF2A1B5DAB7B5315E55715EF8EC5133FC9F72ED56902A51959CDB1A61A4E382D
CHR StartupUrls: Default -> "https://search.yahoo.com/?type=523482&fr=yo-yhp-ch"
CHR DefaultSearchKeyword: Default -> yahoo.com Search
CHR DefaultSearchURL: Default -> https://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=523482&p={searchTerms}
CHR DefaultSuggestURL: Default -> https://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\37.0.2062.124\pdf.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7280_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (Musicnotes) - C:\Program Files\Musicnotes\npmusicn.dll (Musicnotes, Inc.)
CHR Plugin: (ScorchPlugin) - C:\Program Files\Musicnotes\npsibelius.dll ()
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Skype Click to Call) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2011-04-08]
CHR Extension: (Google Wallet) - C:\Users\Bruce\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-07]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AcPrfMgrSvc; C:\Program Files\Lenovo\Access Connections\AcPrfMgrSvc.exe [124264 2009-11-26] (Lenovo)
R2 AcSvc; C:\Program Files\Lenovo\Access Connections\AcSvc.exe [255336 2009-11-26] (Lenovo)
R2 AMPPALR3; C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [948736 2011-08-08] (Intel Corporation)
R2 AvgApiWrapper; C:\Program Files\AVG\CloudCare\AvgApiWrapper.exe [151832 2014-07-25] (AVG Technologies, Inc.)
R2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1417160 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 AvgRemote; C:\Program Files\AVG\CloudCare\AvgRemote\AvgRemote.exe [54960 2013-09-05] (AVG Technologies, Inc.)
R2 AvgUpgrade; C:\Program Files\AVG\CloudCare\AvgUpgrade.exe [78616 2014-07-25] (AVG Technologies, Inc.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 BTHSSecurityMgr; C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [102672 2011-06-03] (Intel(R) Corporation)
R2 LENOVO.CAMMUTE; C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe [50536 2010-07-27] (Lenovo Group Limited)
R2 LENOVO.MICMUTE; C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe [101736 2011-07-12] (Lenovo Group Limited)
R2 LENOVO.TPKNRSVC; C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe [74088 2010-07-27] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [127336 2011-07-12] (Lenovo Group Limited)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [88576 2011-09-15] () [File not signed]
S4 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2010-01-31] (Intuit) [File not signed]
S4 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2008-11-18] (Intuit Inc.) [File not signed]
R2 raserver; C:\Program Files\AVG\CloudCare\AvgRemote\raserver.exe [1404080 2013-08-29] (AVG Technologies, Inc.)
R2 RUBotSrv; C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe [443416 2013-07-25] (Trend Micro Inc.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 SUService; C:\Program Files\Lenovo\System Update\SUService.exe [28672 2011-07-25] (Lenovo Group Limited) [File not signed]
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TPHKLOAD; C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe [131432 2011-07-12] (Lenovo Group Limited)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [1858360 2014-07-14] (AVG)
S3 TVT Backup Service; C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [1474560 2009-09-03] (Lenovo Group Limited) [File not signed]
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [35640 2014-07-14] (AVG)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
R2 XmppAuth; C:\Program Files\AVG\CloudCare\XmppAuth.exe [285464 2014-07-25] (AVG Technologies, Inc.)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [46976 2009-07-13] (Microsoft Corporation)
S4 AFS; C:\Windows\system32\Drivers\AFS.sys [79052 2012-12-17] (Oak Technology Inc.) [File not signed]
R3 AMPPAL; C:\Windows\System32\DRIVERS\AMPPAL.sys [243712 2011-08-08] (Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\Windows\System32\DRIVERS\amppal.sys [243712 2011-08-08] (Windows (R) Win 7 DDK provider)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [47928 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [189720 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-10-20] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-19] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R3 NETwNs32; C:\Windows\System32\DRIVERS\NETwNs32.sys [7517696 2011-08-03] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13752 2009-09-29] ()
S3 USBPNPA; C:\Windows\System32\drivers\CM108.sys [1310720 2007-06-28] (C-Media Inc)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-19 09:34 - 2015-01-19 09:34 - 00000000 ____D () C:\Users\Bruce\Desktop\FRST-OlderVersion
2015-01-17 17:14 - 2015-01-17 17:14 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-17 16:04 - 2015-01-17 16:04 - 00159144 _____ (Microsoft Corporation) C:\Users\Bruce\Downloads\WindowsActivationUpdate(3).exe
2015-01-16 20:56 - 2015-01-16 20:56 - 00000000 ____D () C:\Windows\system32\appraiser
2015-01-16 19:27 - 2014-10-17 17:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-01-16 19:27 - 2014-07-06 17:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-01-16 19:27 - 2014-07-06 17:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-01-16 19:27 - 2014-07-06 17:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-01-16 19:27 - 2014-07-06 17:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-01-16 19:18 - 2014-12-11 21:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-16 19:18 - 2014-12-11 21:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-16 19:18 - 2014-11-26 17:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-01-16 19:18 - 2014-11-21 18:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-01-16 19:18 - 2014-11-21 18:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-01-16 19:18 - 2014-11-21 18:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-01-16 19:18 - 2014-11-21 18:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-01-16 19:18 - 2014-11-21 18:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-01-16 19:18 - 2014-11-21 18:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-01-16 19:18 - 2014-11-21 18:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-01-16 19:18 - 2014-11-21 18:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-01-16 19:18 - 2014-11-21 17:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-01-16 19:18 - 2014-11-21 17:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-01-16 19:18 - 2014-11-21 17:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-01-16 19:18 - 2014-11-21 17:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-01-16 19:18 - 2014-11-21 17:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-01-16 19:18 - 2014-11-21 17:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-01-16 19:18 - 2014-11-21 17:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-01-16 19:18 - 2014-11-21 17:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-01-16 19:18 - 2014-11-21 17:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-01-16 19:18 - 2014-11-21 17:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-01-16 19:18 - 2014-11-21 17:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-01-16 19:18 - 2014-11-21 17:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-01-16 19:18 - 2014-11-21 17:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-01-16 19:18 - 2014-11-21 17:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-01-16 19:18 - 2014-11-21 17:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-01-16 19:18 - 2014-11-21 17:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-01-16 19:18 - 2014-11-21 17:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-01-16 19:18 - 2014-11-21 17:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-01-16 19:18 - 2014-11-21 17:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-01-16 19:18 - 2014-11-21 16:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-01-16 19:18 - 2014-11-21 16:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-01-16 19:18 - 2014-10-24 17:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-01-16 19:18 - 2014-10-13 17:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-01-16 19:18 - 2014-10-13 17:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-01-16 19:18 - 2014-10-13 17:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-01-16 19:18 - 2014-10-13 17:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-01-16 19:18 - 2014-10-13 17:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-01-16 19:18 - 2014-10-13 17:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-01-16 19:18 - 2014-10-02 17:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-01-16 19:18 - 2014-10-02 17:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-01-16 19:18 - 2014-10-02 17:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-01-16 19:18 - 2014-10-02 17:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-01-16 19:18 - 2014-10-02 17:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-01-16 19:18 - 2014-09-19 01:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-01-16 19:18 - 2014-09-19 01:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-01-16 19:18 - 2014-09-19 01:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-01-16 19:18 - 2014-09-19 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-01-16 19:18 - 2014-09-19 01:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-01-16 19:18 - 2014-09-19 01:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-01-16 19:17 - 2014-12-18 18:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-16 19:17 - 2014-12-18 17:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-16 19:17 - 2014-12-11 09:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-16 19:17 - 2014-12-05 19:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-16 19:17 - 2014-12-03 20:38 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-01-16 19:17 - 2014-12-03 20:38 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-01-16 19:17 - 2014-12-03 20:38 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-01-16 19:17 - 2014-12-03 20:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-01-16 19:17 - 2014-12-03 20:38 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-01-16 19:17 - 2014-12-03 20:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-01-16 19:17 - 2014-12-03 20:34 - 00873984 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-01-16 19:17 - 2014-12-01 15:28 - 01160872 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-01-16 19:17 - 2014-11-10 18:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-01-16 19:17 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-01-16 19:17 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-01-16 19:17 - 2014-11-10 17:32 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-01-16 19:17 - 2014-11-07 18:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-01-16 19:17 - 2014-10-29 17:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-01-16 19:17 - 2014-10-17 17:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-01-16 19:17 - 2014-10-09 16:45 - 02379264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-01-16 19:17 - 2014-10-02 17:44 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-01-16 19:17 - 2014-10-02 17:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-01-16 19:17 - 2014-10-02 17:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-01-16 19:17 - 2014-10-02 17:44 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-01-16 19:17 - 2014-10-02 17:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-01-16 19:17 - 2014-08-20 22:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-01-16 19:17 - 2014-08-20 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-01-16 19:17 - 2014-08-11 17:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-01-16 18:44 - 2012-05-30 13:30 - 00471360 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2015-01-16 18:01 - 2015-01-16 18:01 - 00347816 _____ (Microsoft Corporation) C:\Users\Bruce\Downloads\MicrosoftFixit.wu.RNP.Run.exe
2015-01-16 15:25 - 2015-01-16 15:25 - 00000000 ____D () C:\MoTemp
2015-01-16 14:35 - 2015-01-16 14:35 - 00000000 ____D () C:\Users\Bruce\Downloads\tweaking.com_windows_repair_aio
2015-01-16 14:33 - 2015-01-16 14:34 - 07876439 _____ () C:\Users\Bruce\Downloads\tweaking.com_windows_repair_aio.zip
2015-01-16 14:17 - 2015-01-16 14:17 - 00003288 _____ () C:\bootsqm.dat
2015-01-16 13:16 - 2015-01-16 13:16 - 01346048 _____ (Indigo Rose Corporation) C:\Users\Bruce\Desktop\uninstall.exe
2015-01-16 13:16 - 2015-01-16 13:16 - 00325960 _____ () C:\Users\Bruce\Desktop\lua5.1.dll
2015-01-16 13:16 - 2015-01-16 13:16 - 00001386 _____ () C:\Users\Bruce\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2015-01-16 13:16 - 2015-01-16 13:16 - 00000000 ____D () C:\Users\Bruce\Desktop\Uninstall
2015-01-16 13:16 - 2015-01-16 13:16 - 00000000 ____D () C:\Users\Bruce\Desktop\repairs_info
2015-01-16 13:16 - 2015-01-16 13:16 - 00000000 ____D () C:\Users\Bruce\Desktop\files
2015-01-16 13:16 - 2015-01-16 13:16 - 00000000 ____D () C:\Users\Bruce\Desktop\color_presets
2015-01-16 13:16 - 2015-01-16 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-16 13:14 - 2015-01-16 13:15 - 09817304 _____ () C:\Users\Bruce\Downloads\tweaking.com_windows_repair_aio_setup.exe
2015-01-16 13:07 - 2015-01-16 13:07 - 00159144 _____ (Microsoft Corporation) C:\Users\Bruce\Downloads\WindowsActivationUpdate(2).exe
2015-01-16 09:42 - 2015-01-16 09:43 - 00002241 _____ () C:\Users\Bruce\Desktop\FSS.txt
2015-01-16 09:11 - 2015-01-16 09:11 - 00000000 ____D () C:\TDSSKiller_Quarantine
2015-01-16 08:52 - 2015-01-16 08:53 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Bruce\Desktop\tdsskiller.exe
2015-01-16 08:52 - 2015-01-16 08:52 - 00415232 _____ (Farbar) C:\Users\Bruce\Desktop\FSS.exe
2015-01-15 16:01 - 2015-01-15 16:01 - 00000000 ____D () C:\Users\Bruce\AppData\Roaming\PCDr
2015-01-15 16:00 - 2015-01-15 16:00 - 00000000 ____D () C:\ProgramData\PCDr
2015-01-15 14:36 - 2015-01-15 14:36 - 00001731 _____ () C:\Users\Bruce\Desktop\JRT.txt
2015-01-15 14:30 - 2015-01-15 14:30 - 00000000 ____D () C:\Windows\ERUNT
2015-01-15 14:27 - 2015-01-15 19:02 - 00000000 ____D () C:\Users\Bruce\AppData\Roaming\Search Protection
2015-01-15 14:27 - 2015-01-15 14:27 - 01707939 _____ (Thisisu) C:\Users\Bruce\Desktop\JRT(1).exe
2015-01-15 14:25 - 2015-01-15 14:25 - 00236344 _____ () C:\Users\Bruce\Desktop\JRT.exe
2015-01-15 14:03 - 2015-01-15 14:13 - 00000000 ____D () C:\AdwCleaner
2015-01-15 14:00 - 2015-01-15 14:01 - 02191360 _____ () C:\Users\Bruce\Desktop\AdwCleaner.exe
2015-01-15 14:00 - 2015-01-15 14:00 - 00002192 _____ () C:\Users\Bruce\Documents\reply.txt
2015-01-15 10:39 - 2015-01-15 11:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-01-15 10:36 - 2015-01-15 11:03 - 00000000 ____D () C:\Users\Bruce\Desktop\mbar
2015-01-15 10:35 - 2015-01-15 10:36 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Bruce\Downloads\mbar-1.08.2.1001.exe
2015-01-15 10:02 - 2015-01-15 10:26 - 00051749 _____ () C:\Users\Bruce\Desktop\Addition.txt
2015-01-15 10:00 - 2015-01-19 09:38 - 00027682 _____ () C:\Users\Bruce\Desktop\FRST.txt
2015-01-15 10:00 - 2015-01-19 09:34 - 01118208 _____ (Farbar) C:\Users\Bruce\Desktop\FRST.exe
2015-01-13 16:14 - 2015-01-13 16:14 - 00002214 _____ () C:\Users\Bruce\Desktop\aswMBR.txt
2015-01-13 16:14 - 2015-01-13 16:14 - 00000512 _____ () C:\Users\Bruce\Desktop\MBR.dat
2015-01-13 14:10 - 2015-01-13 14:11 - 05198336 _____ (AVAST Software) C:\Users\Bruce\Desktop\aswMBR.exe
2015-01-13 13:46 - 2015-01-13 13:47 - 00051749 _____ () C:\Users\Bruce\Desktop\oldAddition.txt
2015-01-13 13:43 - 2015-01-19 09:35 - 00000000 ____D () C:\FRST
2015-01-13 13:37 - 2015-01-13 13:37 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BRUCE-LENOVO-Microsoft-Windows-7-Professional-(32-bit).dat
2015-01-13 13:36 - 2015-01-13 13:36 - 00000000 ____D () C:\RegBackup
2015-01-13 13:35 - 2015-01-13 13:35 - 00002196 _____ () C:\Users\Bruce\Desktop\Tweaking.com - Registry Backup.lnk
2015-01-13 13:35 - 2015-01-13 13:35 - 00000000 ____D () C:\Users\Bruce\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-01-13 13:35 - 2015-01-13 13:35 - 00000000 ____D () C:\Program Files\Tweaking.com
2015-01-13 13:32 - 2015-01-13 13:32 - 04215584 _____ () C:\Users\Bruce\Downloads\tweaking.com_registry_backup_setup.exe
2015-01-13 13:06 - 2015-01-13 13:06 - 00159144 _____ (Microsoft Corporation) C:\Users\Bruce\Downloads\WindowsActivationUpdate(1).exe
2015-01-09 20:00 - 2015-01-19 09:32 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-09 19:59 - 2015-01-15 10:39 - 00079576 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-09 19:59 - 2015-01-09 19:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-09 19:59 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-09 19:58 - 2015-01-09 19:58 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Malwarebytes
2015-01-09 10:01 - 2015-01-09 10:01 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVG
2015-01-09 10:01 - 2015-01-09 10:01 - 00000000 ____D () C:\Users\Admin\AppData\Local\AVG
2015-01-09 09:28 - 2015-01-09 09:00 - 08994813 _____ () C:\Users\Admin\Documents\CBS.txt.log
2015-01-09 09:18 - 2015-01-09 09:18 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\AVG2014
2015-01-09 09:17 - 2015-01-09 09:29 - 00000000 ____D () C:\Users\Admin\AppData\Local\Avg2014
2015-01-09 09:17 - 2015-01-09 09:17 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2015-01-02 12:53 - 2015-01-07 10:19 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2015-01-02 12:53 - 2015-01-02 12:53 - 00000000 ____D () C:\ProgramData\Intel.sav
2015-01-02 12:47 - 2015-01-02 12:47 - 00000000 ____D () C:\ProgramData\IntelDLM
2015-01-02 12:43 - 2015-01-02 12:43 - 00000000 ____D () C:\Users\Bruce\AppData\Local\Intel
2015-01-02 12:42 - 2015-01-02 12:42 - 00001139 _____ () C:\Users\Public\Desktop\Intel(R) Driver Update Utility 2.0.lnk
2015-01-02 12:42 - 2015-01-02 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2015-01-02 12:42 - 2015-01-02 12:42 - 00000000 ____D () C:\Program Files\Intel Driver Update Utility
2015-01-02 12:41 - 2015-01-02 12:41 - 02333416 _____ (Intel) C:\Users\Bruce\Downloads\Intel Driver Update Utility Installer.exe
2015-01-02 12:26 - 2015-01-02 12:26 - 00159144 _____ (Microsoft Corporation) C:\Users\Bruce\Downloads\WindowsActivationUpdate.exe
2014-12-27 22:41 - 2014-12-27 22:41 - 00011079 _____ () C:\Users\Bruce\Documents\computer.xlsx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-19 09:38 - 2010-06-23 05:46 - 01411414 _____ () C:\Windows\WindowsUpdate.log
2015-01-19 09:34 - 2009-07-20 21:30 - 00800182 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-19 09:34 - 2009-07-13 20:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-19 09:34 - 2009-07-13 20:34 - 00021680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-19 09:33 - 2011-11-01 07:44 - 00000000 ____D () C:\ProgramData\MFAData
2015-01-19 09:28 - 2013-10-17 08:35 - 00000000 ____D () C:\ProgramData\AVGRemoteIT
2015-01-19 09:28 - 2011-05-03 15:00 - 00000466 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-01-19 09:28 - 2009-07-13 20:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-19 09:28 - 2009-07-13 20:39 - 00192315 _____ () C:\Windows\setupact.log
2015-01-18 23:46 - 2010-07-21 11:01 - 00000000 ____D () C:\Users\Bruce\Documents\Outlook Files
2015-01-18 23:46 - 2010-06-24 18:18 - 00000000 ____D () C:\Users\braley\Outlook
2015-01-18 23:42 - 2012-04-08 09:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-17 14:13 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-01-17 13:53 - 2011-04-08 18:25 - 00002140 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-01-16 23:21 - 2010-06-23 06:31 - 00462888 _____ () C:\Users\Bruce\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-16 21:00 - 2009-07-13 20:33 - 03896504 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-16 20:56 - 2014-07-09 11:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-01-16 20:56 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\AppCompat
2015-01-16 19:47 - 2010-06-24 23:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-01-16 19:41 - 2013-08-17 09:12 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-16 18:38 - 2010-06-23 05:44 - 00000000 ____D () C:\swshare
2015-01-16 17:40 - 2013-01-09 04:02 - 00000000 ____D () C:\Users\Bruce\Documents\Technical
2015-01-16 15:25 - 2010-06-23 06:28 - 00000000 ____D () C:\Users\Bruce
2015-01-16 15:12 - 2010-06-23 05:42 - 01868734 _____ () C:\Windows\PFRO.log
2015-01-16 15:12 - 2010-06-23 05:34 - 00000000 ____D () C:\Windows\CSC
2015-01-16 14:32 - 2013-07-18 16:22 - 00001734 _____ () C:\Users\Bruce\Desktop\settings.ini
2015-01-15 13:20 - 2014-04-03 21:57 - 00000000 ____D () C:\Users\Outlook
2015-01-13 14:42 - 2012-04-08 09:24 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-13 14:42 - 2011-05-26 08:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-13 12:59 - 2011-05-03 15:00 - 00000528 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-01-11 00:56 - 2010-10-02 07:35 - 00000000 ____D () C:\Users\Bruce\Documents\Politics
2015-01-10 09:59 - 2009-07-13 20:53 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-09 19:59 - 2011-11-01 13:12 - 00000000 ____D () C:\Program Files\MALWAREBYTES ANTI-MALWARE
2015-01-09 19:59 - 2010-06-22 16:03 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-09 19:59 - 2010-06-22 16:03 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2015-01-09 09:18 - 2012-05-06 10:50 - 00462888 _____ () C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-09 09:17 - 2012-05-06 10:50 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Adobe
2015-01-07 11:01 - 2013-12-14 10:59 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-01-07 10:39 - 2010-06-24 23:49 - 00000000 ____D () C:\Users\Bruce\AppData\Local\Microsoft Help
2015-01-07 10:19 - 2014-06-21 20:56 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-07 10:19 - 2012-05-06 10:50 - 00000000 ____D () C:\Users\Admin
2015-01-07 10:19 - 2011-11-09 01:58 - 00000000 ____D () C:\ProgramData\Intel
2015-01-07 10:19 - 2010-06-23 06:21 - 00000000 ____D () C:\ProgramData\Lenovo
2015-01-07 10:19 - 2010-06-22 18:22 - 00000000 ____D () C:\Users\braley
2015-01-07 10:19 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-01-07 10:19 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\registration
2015-01-07 10:18 - 2011-11-09 01:57 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-01-07 10:18 - 2011-11-09 01:57 - 00000000 ____D () C:\Program Files\Cisco
2015-01-07 10:18 - 2010-06-23 05:39 - 00000000 ____D () C:\Program Files\Intel
2015-01-02 12:54 - 2013-11-18 07:58 - 00000000 ____D () C:\Users\TEMP
2014-12-31 13:15 - 2010-06-22 22:55 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-26 00:55 - 2011-09-25 21:46 - 00000000 ____D () C:\Users\Bruce\Documents\Melaleuca
2014-12-25 12:35 - 2012-05-21 10:09 - 00000000 ____D () C:\Users\Bruce\Documents\Sean
2014-12-22 20:01 - 2009-07-19 17:04 - 00000000 ____D () C:\Users\Bruce\Documents\Financial

==================== Files in the root of some directories =======
2014-06-14 12:48 - 2014-06-14 12:48 - 6103040 _____ () C:\Program Files\GUT3266.tmp
2012-04-26 10:24 - 2012-05-07 16:17 - 0022616 _____ () C:\Users\Bruce\AppData\Roaming\Comma Separated Values (Windows).ADR
2012-02-15 12:01 - 2014-03-03 21:01 - 0002235 _____ () C:\Users\Bruce\AppData\Roaming\SAS7_000.DAT
2014-02-23 13:04 - 2014-02-23 13:04 - 0000000 _____ () C:\Users\Bruce\AppData\Roaming\SharedSettings.ccs
2011-11-07 10:10 - 2012-05-02 12:01 - 0172925 _____ () C:\Users\Bruce\AppData\Local\ars.cache
2011-11-07 10:10 - 2012-05-02 12:01 - 0417386 _____ () C:\Users\Bruce\AppData\Local\census.cache
2012-11-20 09:16 - 2012-11-20 09:16 - 0005632 _____ () C:\Users\Bruce\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-12-24 10:08 - 2010-12-24 10:08 - 0000036 _____ () C:\Users\Bruce\AppData\Local\housecall.guid.cache
2011-01-10 08:10 - 2011-01-10 08:10 - 0004096 ____H () C:\Users\Bruce\AppData\Local\keyfile3.drm
2010-09-15 08:47 - 2014-09-17 21:48 - 0007604 _____ () C:\Users\Bruce\AppData\Local\resmon.resmoncfg
2011-04-08 18:24 - 2011-04-08 18:24 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2013-02-21 15:28 - 2013-02-21 17:19 - 0000034 _____ () C:\ProgramData\IpAndPort.fig
2013-02-21 15:28 - 2013-09-13 22:30 - 0000225 _____ () C:\ProgramData\RmUserCfg.ini

Some content of TEMP:
====================
C:\Users\Bruce\AppData\Local\Temp\Quarantine.exe
C:\Users\Bruce\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-15 16:45

==================== End Of Log ============================

ADDITION.TXT
=================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG CloudCare AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG CloudCare AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG CloudCare AntiVirus 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Access Help (HKLM\...\{C6FA39A7-26B1-480A-BC74-6D17531AC222}) (Version: 3.00 - Lenovo)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.1.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Connect Add-in (HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\Adobe Connect Add-in) (Version: - )
Adobe Creative Suite 5 Production Premium (HKLM\...\{53BC789D-073D-47B6-AA9F-DE05990AF07A}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Digital Editions (HKLM\...\Digital Editions) (Version: - )
Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Amazon Kindle (HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\Amazon Kindle) (Version: - Amazon)
Amazon MP3 Downloader 1.0.10 (HKLM\...\Amazon MP3 Downloader) (Version: - )
AnswerWorks 5.0 English Runtime (HKLM\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.6 - Vantage Software Technologies)
AT&T Service Activation (HKLM\...\{D81486A1-2371-4059-AC70-1AB894AC96E6}) (Version: 1.8.7.0 - AT&T)
AVG 2014 (Version: 14.0.4257 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
AVG CloudCare (HKLM\...\AVG CloudCare) (Version: 3.2.1 - AVG Technologies)
AVG PC TuneUp 2014 (en-US) (Version: 14.0.1001.519 - AVG) Hidden
AVG PC TuneUp 2014 (HKLM\...\AVG PC TuneUp) (Version: 14.0.1001.519 - AVG)
AVG PC TuneUp 2014 (Version: 14.0.1001.519 - AVG) Hidden
AVG PC TuneUp Language Pack (en-US) (Version: 12.0.4020.9 - AVG Technologies) Hidden
Burn.Now 4.5 (Version: 4.5.0 - Corel Corporation) Hidden
Burn.Now Lenovo Edition (HKLM\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - )
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MP Navigator EX 3.1 (HKLM\...\MP Navigator EX 3.1) (Version: - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - )
Canon MX870 series User Registration (HKLM\...\Canon MX870 series User Registration) (Version: - )
Canon Speed Dial Utility (HKLM\...\Speed Dial Utility) (Version: - )
Client Security - Password Manager (HKLM\...\{18554B3F-46EA-40A9-B4EA-7EEE83C0559D}) (Version: 8.30.0023.00 - Lenovo Group Limited)
Conexant 20585 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.95.48.50 - Conexant)
Corel DVD MovieFactory (Version: 7.0.0 - Corel Corporation) Hidden
Corel DVD MovieFactory 7 Lenovo Edition (HKLM\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation)
Create Recovery Media (HKLM\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DeLorme Street Atlas USA 2009 (HKLM\...\{AEB95804-A937-49E6-940A-37A606C16D5D}) (Version: 9.00.0000 - DeLorme Publishing)
Digital Picture Recovery (HKLM\...\Digital Picture Recovery) (Version: 2.1.2.8 - dtidata.com)
Direct DiscRecorder (Version: 1.00.0000 - Corel Corporation) Hidden
Dragon NaturallySpeaking 10 (HKLM\...\{E7712E53-7A7F-46EB-AA13-70D5987D30F2}) (Version: 10.10.0 - Nuance Communications Inc.)
Free File Opener v2011.6.0.4 (HKLM\...\Free File Opener_is1) (Version: 2011.6.0.4 - Free File Opener, LLC)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Earth Plug-in (HKLM\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
GoToMeeting 5.4.0.1082 (HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\GoToMeeting) (Version: 5.4.0.1082 - CitrixOnline)
HD Writer AE 3.0 (HKLM\...\{5678B15A-504C-4A79-8554-05488A206E41}) (Version: 3.00.019.1033 - Panasonic Corporation)
HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation)
HTC Sync (HKLM\...\{7A3FFA58-876F-489C-B6CF-0503916224DF}) (Version: 3.0.5617 - HTC Corporation)
Integrated Camera Driver Installer Package Ver.1.1.0.17 (HKLM\...\{C3CD17B4-08B0-492D-8A4C-81716D33E520}) (Version: 1.1.0.17 - RICOH)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Intel(R) Turbo Boost Technology Monitor (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.3 - Intel)
Intel® Driver Update Utility (HKLM\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
InterVideo WinDVD 8 (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0.20.157 - InterVideo Inc.)
InterVideo WinDVD 8 (Version: 8.0.20.157 - InterVideo Inc.) Hidden
Java 7 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Just Cause 2 (HKLM\...\Steam App 8190) (Version: - Avalanche Studios)
K-Lite Codec Pack 6.0.4 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.10 - )
Lenovo Patch Utility (HKLM\...\{24E92E7A-6848-4747-A3EA-3AAC0576BE52}) (Version: 1.0.1.1 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.09.03 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo ThinkVantage Toolbox (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5849.23 - PC-Doctor, Inc.)
Lenovo Warranty Information (HKLM\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0002.00 - Lenovo)
Lenovo Welcome (HKLM\...\Lenovo Welcome_is1) (Version: 2.0.020.0 - Lenovo)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Memorex exPressit Label Design Studio (HKLM\...\MVApplication1) (Version: - )
Message Center Plus (HKLM\...\{FD331A3B-F7A5-4C31-B8D4-DF413C85AF7A}) (Version: 2.0.0012.00 - Lenovo Group Limited)
Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - )
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Research AutoCollage Touch 2009 (HKLM\...\{1F8DA253-3C27-4B01-A63A-BA3533120833}) (Version: 2.00.2009 - Microsoft Research)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.52 (HKLM\...\WebPost) (Version: - )
Mobile Broadband Connect (HKLM\...\{9202762E-4B4C-48C9-A6CC-C27F9F85190A}) (Version: 3.5.0010 - Lenovo)
Mozilla Firefox 35.0 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
Mozilla Firefox 4.0 (x86 en-US) (HKLM\...\Mozilla Firefox 4.0 (x86 en-US)) (Version: 4.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Musicnotes Software Suite 1.5.3 (HKLM\...\Musicnotes Combined Installer_is1) (Version: 1.5.3 - Musicnotes Inc.)
NetViewer 2.1.584.0 (HKLM\...\NetViewer) (Version: 2.1.584.0 - )
NVIDIA Graphics Driver 312.69 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 312.69 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.12130 - NVIDIA Corporation)
On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.60.01 - )
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (Version: 1.0 - Adobe Systems Incorporated) Hidden
Premiere Pro CS4 and After Effects CS4, 32-bit support for CS5 (HKLM\...\Adobe_1b5a11fde44351ae0f4c7fd0e4daadc) (Version: 4.4.0 - Adobe Systems Incorporated)
Premiere Pro CS4 and After Effects CS4, 32-bit support for CS5 (Version: 4.4.0 - Adobe Systems Incorporated) Hidden
PxMergeModule (Version: 1.00.0000 - Your Company Name) Hidden
QuickBooks (Version: 19.0.4011.705 - Intuit Inc.) Hidden
QuickBooks Pro 2009 (HKLM\...\{9A2F0810-3622-4E86-9072-973FBE1679C5}) (Version: 19.0.4011.705 - Intuit Inc.)
Quicken 2008 (HKLM\...\{3B0F52AC-EF5C-4831-B221-06C782E41280}) (Version: 17.1.3.7 - Intuit)
Registry Patch to Enable Maximum Power Saving on WiFi Adapters for Windows 7 (HKLM\...\EnablePS) (Version: 1.00 - )
Rescue and Recovery (HKLM\...\{B383F243-0ABC-4E56-AA30-923B8D85076E}) (Version: 4.30.0025.00 - Lenovo Group Limited)
RICOH R5U230 Media Driver ver.2.06.02.02 (HKLM\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.06.02.02 - RICOH)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.22.0 - SAMSUNG Electronics Co., Ltd.)
Samsung_MonSetup (HKLM\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Search Protection (HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\Search Protection) (Version: 10.7.0.1 - Spigot, Inc.) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
SUABnR (HKLM\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
SUABnR (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden
SupportSoft Assisted Service (HKLM\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
System Update (HKLM\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 4.01.0015 - Lenovo)
The Print Shop 22 (HKLM\...\{E34351A4-4B10-4DFF-96BC-84C642D9C625}) (Version: 22.00.0000 - Broderbund Software)
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3200 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad Power Manager (HKLM\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 3.10a - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.7 - )
ThinkPad UltraNav Utility (HKLM\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.11 - Lenovo)
ThinkVantage Access Connections (HKLM\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 5.50 - Lenovo)
ThinkVantage Active Protection System (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.71 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 1.42 - Lenovo)
Trend Micro RUBotted 2.0 Beta (HKLM\...\{54D4EAF5-4C80-4878-B4AC-5AE454A02E3C}_is1) (Version: 2.0.0.1034 - Trend Micro, Inc.)
Tweaking.com - Registry Backup (HKLM\...\Tweaking.com - Registry Backup) (Version: 1.10.1 - Tweaking.com)
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
Verizon Wireless Mobile Broadband Self Activation (HKLM\...\{C64A877E-DF8D-4017-AA82-000A77C6D809}) (Version: 3.1.4 - Smith Micro Software, Inc.)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM\...\{EE296443-E401-43D2-9864-1C63AD8D376E}) (Version: 2.14.0410 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM\...\{69258FD1-F4EE-475A-83D1-BF68C8029592}) (Version: 2.14.0402 - Samsung Electronics Co., Ltd.)
Visual C++ Runtime for Dragon NaturallySpeaking (HKLM\...\{4A5A427F-BA39-4BF0-9A47-9999FBE60C9F}) (Version: 10.00.200.184 - Nuance Communications Inc.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WebEx (HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\2004BB9EB6CEA02846881BEF1F51C11F7A90C9D6) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000) (HKLM\...\B7541EC5F72AA713F557569278EB6273725F5607) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\A6A8668C0A13640CA28FE2A7D9654BE4AE478B13) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Driver Package - Intel (e1kexpress) Net (11/19/2009 11.5.5.0) (HKLM\...\A140D730315E230942517BDDAEC2B1B5FCC45A3F) (Version: 11/19/2009 11.5.5.0 - Intel)
Windows Driver Package - Intel System (06/04/2009 1.0.0.0002) (HKLM\...\E7B58217635B8F723D4744A328A4B3237DB35FA9) (Version: 06/04/2009 1.0.0.0002 - Intel)
Windows Driver Package - Intel System (10/28/2009 9.1.1.1022) (HKLM\...\098EBB26BF07167AB12D1575EC24F883F9435E59) (Version: 10/28/2009 9.1.1.1022 - Intel)
Windows Driver Package - Intel System (10/28/2009 9.1.1.1022) (HKLM\...\573C3C32A1DB5625CA00E633E584E8A0E6383672) (Version: 10/28/2009 9.1.1.1022 - Intel)
Windows Driver Package - Intel USB (08/20/2009 9.1.1.1020) (HKLM\...\A7B0B8D913E4DC2FA0B31E392E1512A901CA66B9) (Version: 08/20/2009 9.1.1.1020 - Intel)
Windows Driver Package - Lenovo 1.60.0.4 (11/18/2009 1.60.0.4) (HKLM\...\114EB224AD576F278686036AA9E1EFB7847E3935) (Version: 11/18/2009 1.60.0.4 - Lenovo)
Windows Driver Package - Ricoh Company MS Host Controller (10/26/2009 6.10.02.07) (HKLM\...\FD5ED5E16405CDAA5385DE461B9E5379F91ACCCF) (Version: 10/26/2009 6.10.02.07 - Ricoh Company)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\ProgramData\WebEx\webex\1026\atucfobj.dll (Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{4A56F19E-9F50-4F43-93C8-050E44AA83A9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{5ED8AC89-B2DE-476D-8EEA-E170B2FCB058}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{738CD606-129D-45db-86D6-6C9739C750CA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{7694F1CD-A55B-4B7C-8820-A90892EB4E9E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1082\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{F2C593CC-74B2-4F71-8556-DD4D426D0409}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2009\qbw32.exe (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

==================== Restore Points =========================

11-12-2014 08:26:30 Scheduled Checkpoint
02-01-2015 12:41:54 Intel® Driver Update Utility
02-01-2015 12:49:03 Intel® PROSet/Wireless Software
15-01-2015 16:52:24 Scheduled Checkpoint
16-01-2015 19:19:34 Windows Update
16-01-2015 23:24:04 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:04 - 2015-01-15 13:20 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {08C60E9B-4AD4-495A-8EC7-40CF1EE8811B} - System32\Tasks\InstallShield Software online update program => c:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-02-16] (InstallShield Software Corporation)
Task: {0D98184E-32AB-4002-B42B-183B6EDE33C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {0F989BE7-FEE9-4162-AE5A-F0A7A78DE8B6} - System32\Tasks\PCDEventLauncher => C:\Program Files\PC-Doctor\sessionchecker.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {19BCC457-29AA-430F-93C8-C6B770EE7692} - System32\Tasks\{A90682E6-3795-4060-AEF9-00A2150BFA68} => pcalua.exe -a "C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\tssmpm.cpl"
Task: {1B29FD60-61DE-403F-897E-94F774D856AF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {1BB0418C-9C6A-40D2-8683-CA6D7982BECB} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {209C7C6C-CBC2-41FC-A757-DE2A25B80416} - System32\Tasks\{CE78F2F9-EEDA-49CB-A1BD-08DE7DE8C0E5} => E:\Setup.exe
Task: {24F6D86F-A55F-4B4E-9D48-6068FF00C60A} - System32\Tasks\{C2405C53-C542-458F-9782-7D4BB17E147C} => E:\ace\SINGLE\SETUP.EXE
Task: {259A12A9-FBB3-4479-A1F1-FE533ABCCBF8} - System32\Tasks\TVT\ChangePWD => %RR%\rrcmd.exe
Task: {259B58CC-1CC0-4F60-8FD4-184FE3DFCE1D} - System32\Tasks\{1540E941-4CD6-4941-B170-D0D20F45E0EA} => E:\autorun.exe
Task: {29A590F7-ED48-4A5D-8364-F25C8A2B21D1} - System32\Tasks\Message Center plus => C:\Program Files\Lenovo\Message Center Plus\MCPLaunch.exe [2009-05-27] ()
Task: {365039BA-D056-4548-A4C1-AFB67518136C} - System32\Tasks\{641FAB8B-0345-4BF5-B407-89A82A9DF934} => pcalua.exe -a "C:\Program Files\HTC\HTC Sync\Mobile Phone Monitor\\tssmpm.cpl"
Task: {46207F1F-8A9D-44C9-9459-533110387C20} - \PCDoctorBackgroundMonitorTask No Task File <==== ATTENTION
Task: {4E2708E9-4E2B-4EBA-88BE-87E01CF4C422} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27] (Adobe Systems Incorporated)
Task: {573C700B-BFB7-4B2D-82E0-C295EA4664E8} - System32\Tasks\{C7870018-95CD-49A1-8511-2FA7DD647873} => E:\ace\SINGLE\SETUP.EXE
Task: {5FA52832-1814-4100-AA81-EB64BEC12DAF} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-04-24] (Synaptics Incorporated)
Task: {5FBD5FCB-2122-4448-9B82-830D2108807B} - System32\Tasks\LaunchCSS => C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [2009-08-26] (Lenovo Group Limited)
Task: {62D0B3DA-2018-48B9-962C-482771543418} - System32\Tasks\{B746EDA9-1EA4-4B66-BAC3-5BF8C299A8A9} => E:\autorun.exe
Task: {693133C6-59A9-4F14-A5B4-E9E8F49197D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {7307B735-7772-49FD-BE2F-36BF96E0ECAB} - System32\Tasks\{8CE865C7-79CA-44DE-B8AE-9993D0236C60} => D:\install.exe
Task: {7A317081-074A-4C61-95C8-6A2DDA1B2437} - System32\Tasks\{35A9C21D-65FC-45D5-9472-346495408226} => E:\ace\SINGLE\SETUP.EXE
Task: {7B925F22-0399-476E-AFE5-C75552BD7A16} - System32\Tasks\AdobeAAMUpdater-1.0-Bruce-Lenovo-Bruce => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {83952255-1DDD-4BDB-920F-A1DFF0AC08DD} - System32\Tasks\{10F11F3A-58FF-4BBC-8168-6105E14410B6} => E:\setup.exe
Task: {897B4F6E-FDF0-43CB-AE03-04E312300C23} - System32\Tasks\PMTask => C:\Program Files\ThinkPad\Utilities\PWMIDTSV.EXE [2009-11-26] (Lenovo Group Limited)
Task: {9314E8F0-AD1C-478B-A2C5-6137608B6FDD} - System32\Tasks\InstallShield Software update service => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16] (InstallShield Software Corporation)
Task: {998D0A65-D9FE-4D67-BFED-C8F4819732F0} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\PC-Doctor\uaclauncher.exe [2011-06-27] (PC-Doctor, Inc.)
Task: {A5F8BFAD-B368-437F-B7AD-456939861D20} - System32\Tasks\TVT\UpdateRnR => %TVTCOMMON%\Scheduler\tvtsetsched.exe
Task: {A954044F-9745-4724-8204-3743B7F5AEDF} - System32\Tasks\{56A271B6-B527-4A59-AF05-1682CC725F72} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {B3500B58-8693-4A86-8951-F362C64A5553} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B400A4B7-0DE1-49DA-83D9-D646D73CCA92} - System32\Tasks\{84AE0A25-3344-4110-87F8-F39AE4C1A56B} => pcalua.exe -a C:\SWTools\skype\Skype_Setup.exe -d C:\SWTools\skype
Task: {B9C075ED-2906-4D73-9811-23DFA22104F3} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {BBBE9FE9-89F6-460F-B3C8-201CFCCEB524} - System32\Tasks\DiskUpdate => C:\SWTOOLS\OSFIXES\DISKUPDT\DiskUpdate.exe [2009-02-09] ()
Task: {CD4068ED-893C-4AA9-99B9-7E5A262B9E32} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe [2014-07-14] (AVG)
Task: {D811F944-863A-4423-803A-C4E084E2332A} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2011-12-20] ()
Task: {D9293844-F489-4397-8BB9-488ACE94A14F} - System32\Tasks\ScanSoft Background Update => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {DA3AEC2B-0BB5-45D9-9C97-879863A2D03B} - System32\Tasks\{2E88491F-1A5F-4A22-B292-ACEA4ED9DC0B} => pcalua.exe -a C:\Users\Bruce\Downloads\MediaToolsProfessional5.1.exe -d C:\Users\Bruce\Downloads
Task: {DF844C5B-A434-4CA2-A6A9-75A739EF1328} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {F50085CF-F530-4CBB-99B3-2DBE91056D68} - System32\Tasks\{76A69476-6ADD-4A19-91A6-0EF971717ED4} => E:\setup.exe
Task: {FF0EB834-16BF-4947-9A96-236DF606E5FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-13] (Adobe Systems Incorporated)
Task: {FF7B19BC-F590-446A-B3CB-AE8A5C665E10} - System32\Tasks\TVT\LaunchRnR => C:\Program Files\Lenovo\Rescue and Recovery\rrcmd.exe [2009-08-28] (Lenovo Limited Group Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\PC-Doctor\uaclauncher.exe
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\PC-Doctor\uaclauncher.exe

==================== Loaded Modules (whitelisted) =============

2013-04-04 08:35 - 2013-10-28 14:48 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2009-11-26 17:48 - 2009-11-26 17:48 - 00006656 _____ () C:\Program Files\Lenovo\Access Connections\ACNewBiosHelper.dll
2013-10-17 08:35 - 2014-07-25 06:45 - 00059160 _____ () C:\Program Files\AVG\CloudCare\ZlibStream.dll
2013-10-17 08:35 - 2014-07-25 06:45 - 00073496 _____ () C:\Program Files\AVG\CloudCare\UpdateProxy.dll
2014-09-08 10:12 - 2013-09-05 06:21 - 00179888 _____ () C:\Program Files\AVG\CloudCare\AvgRemote\VIPTunnelDll.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-06-23 05:43 - 2009-11-26 10:10 - 00032768 _____ () C:\Program Files\ThinkPad\Utilities\US\PWMRT32V.DLL
2013-12-14 10:59 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-12-14 10:59 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2011-09-15 12:06 - 2011-09-15 12:06 - 00088576 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2012-01-31 18:13 - 2010-08-24 18:06 - 00085840 _____ () C:\Program Files\Trend Micro\RUBotted\hc_help.dll
2014-07-14 02:26 - 2014-07-14 02:26 - 00585528 _____ () C:\Program Files\AVG\AVG PC TuneUp\avgreplibx.dll
2014-07-14 02:26 - 2014-07-14 02:26 - 00357176 _____ () C:\Program Files\AVG\AVG PC TuneUp\tuavgx.dll
2013-12-14 10:59 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-12-14 10:59 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2013-12-14 10:59 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AvgApiWrapper => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AvgRemote => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AvgUpgrade => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\raserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\XmppAuth => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Admin (S-1-5-21-2701720504-2077786656-4262629455-1006 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2701720504-2077786656-4262629455-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2701720504-2077786656-4262629455-1009 - Limited - Enabled)
braley (S-1-5-21-2701720504-2077786656-4262629455-1003 - Limited - Enabled) => C:\Users\braley
Bruce (S-1-5-21-2701720504-2077786656-4262629455-1001 - Administrator - Enabled) => C:\Users\Bruce
Guest (S-1-5-21-2701720504-2077786656-4262629455-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2701720504-2077786656-4262629455-1005 - Limited - Enabled)
Sean (S-1-5-21-2701720504-2077786656-4262629455-1007 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/18/2015 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location E:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (01/18/2015 04:00:27 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7436) Asapi: (16:00:27:3110)(7436) libTonopahClient.UploadManager - Error -- 920 uploadPacket() S3 returned an error(AccessDenied: Invalid according to Policy: Policy expired.) http(403): <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Invalid according to Policy: Policy expired.</Message><RequestId>1E443A609F227DDC</RequestId><HostId>qLc5YYkQbD4y/oQVaus1ehC4XZlAwCWGEMQVlSPXQ2iR6vkh1X6qYAGP4UxwNnPI</HostId></Error>

Error: (01/17/2015 04:00:47 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (8640) Asapi: (16:00:47:9780)(8640) S3LogPusherPlugin.Helper - Error -- 340 Unable to storage the test log to medium

Error: (01/17/2015 04:00:33 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (8640) Asapi: (16:00:33:4540)(8640) libTonopahClient.UploadManager - Error -- 920 uploadPacket() S3 returned an error(AccessDenied: Invalid according to Policy: Policy expired.) http(403): <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Invalid according to Policy: Policy expired.</Message><RequestId>725C8B52BC2BC955</RequestId><HostId>Xswj8O39WBEv3Dvw1/kEHHIPRJMXPDX92DqD/U+2qifqmdfIonjhndgBD8X0sADG</HostId></Error>

Error: (01/16/2015 06:44:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (01/16/2015 06:44:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (01/16/2015 06:44:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (01/16/2015 06:44:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (01/16/2015 06:44:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.

Error: (01/16/2015 06:44:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.


System errors:
=============
Error: (01/19/2015 09:39:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/19/2015 09:29:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/19/2015 09:29:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (01/19/2015 09:29:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (01/18/2015 11:47:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/18/2015 11:37:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/18/2015 11:27:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/18/2015 11:17:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/18/2015 11:07:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (01/18/2015 10:57:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)


Microsoft Office Sessions:
=========================
Error: (01/18/2015 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: E:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

Error: (01/18/2015 04:00:27 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (7436) Asapi: (16:00:27:3110)(7436) libTonopahClient.UploadManager - Error -- 920 uploadPacket() S3 returned an error(AccessDenied: Invalid according to Policy: Policy expired.) http(403): <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Invalid according to Policy: Policy expired.</Message><RequestId>1E443A609F227DDC</RequestId><HostId>qLc5YYkQbD4y/oQVaus1ehC4XZlAwCWGEMQVlSPXQ2iR6vkh1X6qYAGP4UxwNnPI</HostId></Error>

Error: (01/17/2015 04:00:47 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (8640) Asapi: (16:00:47:9780)(8640) S3LogPusherPlugin.Helper - Error -- 340 Unable to storage the test log to medium

Error: (01/17/2015 04:00:33 PM) (Source: PC-Doctor) (EventID: 1) (User: )
Description: (8640) Asapi: (16:00:33:4540)(8640) libTonopahClient.UploadManager - Error -- 920 uploadPacket() S3 returned an error(AccessDenied: Invalid according to Policy: Policy expired.) http(403): <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Invalid according to Policy: Policy expired.</Message><RequestId>725C8B52BC2BC955</RequestId><HostId>Xswj8O39WBEv3Dvw1/kEHHIPRJMXPDX92DqD/U+2qifqmdfIonjhndgBD8X0sADG</HostId></Error>

Error: (01/16/2015 06:44:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (01/16/2015 06:44:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (01/16/2015 06:44:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (01/16/2015 06:44:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (01/16/2015 06:44:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583

Error: (01/16/2015 06:44:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -583


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Percentage of memory in use: 56%
Total physical RAM: 3059.69 MB
Available physical RAM: 1325.34 MB
Total Pagefile: 6117.66 MB
Available Pagefile: 3920.35 MB
Total Virtual: 2047.88 MB
Available Virtual: 1921.45 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:673.37 GB) (Free:397.31 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Premiere Pro CS5 CIB) (CDROM) (Total:4.12 GB) (Free:0 GB) UDF
Drive q: (Lenovo_Recovery) (Fixed) (Total:24.09 GB) (Free:18.96 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: B729D094)
Partition 1: (Active) - (Size=1.2 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=673.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=24.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 
well damn, burst my bubble why don't ya!


If you can, go to add/remove programs list and delete...If found
Search Protection

This script I'm creating should allow you to afterwards set your homepage and default search engine.

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. Save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)


start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2701720504-2077786656-4262629455-1001 -> {8B8759FD-D298-4DA4-9E65-1537394A49E4} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=523482&p={searchTerms}
FF SelectedSearchEngine: Yahoo!
FF Keyword.URL: https://search.yahoo.com/search?fr=g...type=523482&p=
CHR StartupUrls: Default -> "https://search.yahoo.com/?type=523482&fr=yo-yhp-ch"
CHR DefaultSearchKeyword: Default -> yahoo.com Search
CHR DefaultSearchURL: Default -> https://search.yahoo.com/search?fr=chr-yo_gc&ei=utf-8&ilc=12&type=523482&p={searchTerms}
CHR DefaultSuggestURL: Default -> https://ff.search.yahoo.com/gossip?output=fxjson&command={searchTerms}
C:\Users\Bruce\AppData\Roaming\Search Protection
C:\Users\Bruce\AppData\Local\Temp\Quarantine.exe
C:\Users\Bruce\AppData\Local\Temp\sqlite3.dll
Search Protection (HKU\S-1-5-21-2701720504-2077786656-4262629455-1001\...\Search Protection) (Version: 10.7.0.1 - Spigot, Inc.) <==== ATTENTION
Task: {46207F1F-8A9D-44C9-9459-533110387C20} - \PCDoctorBackgroundMonitorTask No Task File <==== ATTENTION

EmptyTemp:
Hosts:
End

Open FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


~~~~~~~~~~~~~~~

http://technet.microsoft.com/en-us/library/cc734083(v=ws.10).aspx
And under Application Errors, "The Cryptographic Services service failed to initialize the Catalog Database." The system catalog database ensures your system files haven't been tampered with. Scroll down the link for instructions on how to repair the system catalog database:


~~~~~~~~~~~~~~~

This nonsense may not be our fault.
See here:
http://www.infoworld.com/article/28...nuine-reports-validation-code-0x8004fe21.html
and here:
http://www.infoworld.com/article/28...77-to-eliminate-botched-patch-kb-3004394.html
 
The epic continues

Fraid I messed up. Was still having problems with Firefox so uninstalled the older of the two versions that showed up in Programs and Features and lost all my bookmarks, history etc. Some of that info is important for a possible legal problem so I did a system restore to 1pm yesterday and then to 11pm on the 16th when the first restore didn't work. That didn't work either so I went back to the restore on the 19th as just about everything was done then. I'm thinking about attaching my old drive via USB and copying the bookmark and history files back. What is the risk? If there is a high risk I can reinstall the old drive and run through all the scans we have done to clean it before I copy the files. Haven't tried replacing the Crypto catalog yet.
Regards
 
might have a problem here even with system restore.

Did you in the beginning do a registry backup with Tweaking.com?

02-01-2015 12:49:03 Intel® PROSet/Wireless Software <-- you may have already used this date

LastRegBack: 2014-12-17 23:49


I think the worst that might happen is more Windows alerts that you may have already solved.
 
Last registry backup was at 2:36pm Jan 16, 2015 which I can restore thru Tweaking.com. Also did one at 2pm and another on the 13th when we started on this. Not clear on where to go from here - Are you thinking that hooking up the drive via USB might reverse some of the fixes but not cause major harm?


 
Got them

Morning
Recovered the bookmarks from a July backup. Thanks.
Will run FRST again and then rebuild the cryptographic catalog.
Will post results when done.
 
Glad we could help. :)


Since this issue appears resolved ... this Topic is closed.
 