
Virus opening browsers and redirecting to homepage


  • This topic is locked
19 replies to this topic

#1 gunboundph1

gunboundph1

  • Members
  • 16 posts

Posted 19 September 2013 - 08:44 PM

I have tried scanning for viruses with AVG, Malwarebytes and Windows Defender; I can't find anything.

This virus is opening new windows in my default browser and redirects me to my homepage, and in other browsers it just redirects me to the homepage.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16686
Run by Mark at 21:39:06 on 2013-09-19
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.5611.2920 [GMT -4:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Malwarebytes Anti-Exploit\mbae64.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\BtwRSupportService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [AdobeBridge] <no file>
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{E3027EBE-6F68-456C-AA4A-1D3507B6916A} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL -
FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
FF - plugin: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - ExtSQL: 2013-09-15 01:38; {ab91efd4-6975-4081-8552-1b3922ed79e2}; C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
FF - ExtSQL: 2013-09-15 13:46; {fe272bd1-5f76-4ea4-8501-a05d35d823fc}; C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-5 45880]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2012-9-4 50296]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-7-20 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-9-14 45856]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Program Files\Malwarebytes Anti-Exploit\mbae64.sys [2013-9-14 62168]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-15 204288]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-9-4 1432080]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136]
R2 BcmBtRSupport;Bluetooth Driver Management Service;C:\Windows\System32\BtwRSupportService.exe [2013-8-9 2252504]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-14 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-14 701512]
R3 bcbtums;Bluetooth USB LD Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-8-9 170712]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-9-14 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-3-14 726160]
S2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [?]
S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2013-4-12 139592]
S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2013-4-12 418632]
S3 b06diag;Broadcom NetXtreme II Diag Driver;C:\Windows\System32\drivers\bxdiaga.sys [2013-3-14 88104]
S3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2013-3-14 157288]
S3 btwampfl;btwampfl;C:\Windows\System32\drivers\btwampfl.sys [2013-8-9 166104]
S3 bxfcoe;bxfcoe;C:\Windows\System32\drivers\bxfcoe.sys [2013-3-14 178216]
S3 bxois;bxois;C:\Windows\System32\drivers\bxois.sys [2013-3-14 539176]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2013-2-27 65152]
S3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;C:\Windows\System32\drivers\EtronSTOR.sys [2013-2-27 32512]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2013-2-27 88832]
S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2013-3-14 40144]
S3 ioatdma2;Intel® QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2013-3-14 42192]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-4-12 366216]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-4-12 786056]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2013-2-27 96768]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2013-2-27 213504]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-16 19456]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-6-16 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-16 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-6-16 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-16 1255736]
.
=============== Created Last 30 ================
.
2013-09-20 01:32:24 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DD9AE118-A996-4777-A108-DF6557D43748}\offreg.dll
2013-09-20 01:24:22 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DD9AE118-A996-4777-A108-DF6557D43748}\mpengine.dll
2013-09-20 01:12:28 -------- d-----w- C:\Users\Mark\AppData\Local\ElevatedDiagnostics
2013-09-19 02:40:07 -------- d-----w- C:\6023a16f65a5677854
2013-09-15 20:40:47 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2013-09-15 19:33:09 -------- d-----w- C:\Users\Mark\AppData\Local\Adobe Tool
2013-09-15 19:31:13 -------- d-----w- C:\Users\Mark\AppData\Local\Adobe
2013-09-15 18:50:46 -------- d-----w- C:\Users\Mark\AppData\Local\Macromedia
2013-09-15 18:46:46 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-15 18:46:46 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-15 18:13:49 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2013-09-15 18:13:38 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2013-09-15 18:13:20 -------- d-----w- C:\Program Files\Microsoft SQL Server
2013-09-15 18:10:33 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2013-09-15 18:10:33 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-09-15 18:10:19 -------- d-----w- C:\Users\Mark\AppData\Local\Microsoft Help
2013-09-15 18:07:43 -------- d-----r- C:\Users\Mark\Podcasts
2013-09-15 18:07:08 -------- d-----w- C:\Windows\System32\drivers\UMDF\ko-KR
2013-09-15 18:07:06 -------- d-----w- C:\Windows\System32\drivers\UMDF\ms-MY
2013-09-15 18:07:04 -------- d-----w- C:\Windows\System32\drivers\UMDF\id-ID
2013-09-15 18:07:02 -------- d-----w- C:\Windows\System32\drivers\UMDF\sv-SE
2013-09-15 18:04:25 -------- d-----w- C:\Windows\PCHEALTH
2013-09-15 17:32:12 -------- d-----w- C:\Users\Mark\AppData\Roaming\deluge
2013-09-15 17:31:16 -------- d-----w- C:\Program Files (x86)\Deluge
2013-09-15 17:13:03 0 ----a-w- C:\Windows\ativpsrm.bin
2013-09-15 17:07:02 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-15 17:07:01 356864 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2013-09-15 17:07:01 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-15 17:07:01 257536 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2013-09-15 17:07:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-15 17:07:00 278528 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-09-15 17:07:00 236032 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2013-09-15 17:07:00 217600 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-09-15 17:05:23 -------- d-----w- C:\Windows\System32\MRT
2013-09-15 16:58:30 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-09-15 16:58:26 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-09-15 16:47:56 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-09-15 16:46:54 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-15 16:46:41 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-09-15 16:46:41 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-09-15 16:45:24 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-09-15 16:45:24 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-09-15 16:45:24 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-09-15 16:45:24 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-09-15 16:45:24 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-09-15 06:06:51 -------- d-sh--w- C:\$RECYCLE.BIN
2013-09-15 06:00:07 98816 ----a-w- C:\Windows\sed.exe
2013-09-15 06:00:07 256000 ----a-w- C:\Windows\PEV.exe
2013-09-15 06:00:07 208896 ----a-w- C:\Windows\MBR.exe
2013-09-15 05:48:02 -------- d-----w- C:\AdwCleaner
2013-09-15 05:39:01 -------- d-----w- C:\Program Files (x86)\HP
2013-09-15 05:05:02 -------- d-----w- C:\Windows\Panther
2013-09-15 03:05:28 743248 ----a-w- C:\Windows\SysWow64\msvcp100d.dll
2013-09-15 03:05:28 1858896 ----a-w- C:\Windows\System32\msvcr100d.dll
2013-09-15 03:05:28 1498960 ----a-w- C:\Windows\SysWow64\msvcr100d.dll
2013-09-15 03:05:28 1014096 ----a-w- C:\Windows\System32\msvcp100d.dll
2013-09-15 03:05:28 -------- d-----w- C:\Program Files\Malwarebytes Anti-Exploit
2013-09-15 03:00:53 -------- d-----w- C:\Users\Mark\AppData\Roaming\Malwarebytes
2013-09-15 03:00:45 -------- d-----w- C:\ProgramData\Malwarebytes
2013-09-15 03:00:43 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-09-15 03:00:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-15 03:00:33 -------- d-----w- C:\Users\Mark\AppData\Local\Programs
2013-09-15 02:44:43 -------- d-----w- C:\Users\Mark\AppData\Roaming\AVG2013
2013-09-15 02:44:36 -------- d-----w- C:\Users\Mark\AppData\Local\AVG SafeGuard toolbar
2013-09-15 02:43:20 -------- d-----w- C:\Users\Mark\AppData\Roaming\TuneUp Software
2013-09-15 02:43:02 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-09-15 02:42:56 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2013-09-15 02:42:50 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2013-09-15 02:41:38 -------- d-----w- C:\Users\Mark\AppData\Local\Google
2013-09-15 02:41:30 -------- d-----w- C:\ProgramData\AVG2013
2013-09-15 02:41:00 -------- d-----w- C:\Users\Mark\AppData\Local\Apps
2013-09-15 02:40:59 -------- d-----w- C:\Users\Mark\AppData\Local\Deployment
2013-09-15 02:40:47 -------- d-----w- C:\Program Files (x86)\AVG
2013-09-15 02:38:21 -------- d-sh--w- C:\Windows\Installer
2013-09-15 02:37:51 -------- d--h--w- C:\ProgramData\Common Files
2013-09-15 02:37:51 -------- d-----w- C:\Users\Mark\AppData\Local\MFAData
2013-09-15 02:37:51 -------- d-----w- C:\Users\Mark\AppData\Local\Avg2013
2013-09-15 02:37:51 -------- d-----w- C:\ProgramData\MFAData
2013-09-15 01:33:31 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-09-15 01:33:05 142336 ----a-w- C:\Windows\System32\poqexec.exe
2013-09-15 01:33:05 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2013-09-15 01:32:10 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-09-15 01:32:02 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-09-15 01:31:52 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-09-15 01:31:52 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-09-05 05:43:42 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-08-23 02:24:10 -------- d-----w- C:\$AVG
.
==================== Find3M  ====================
.
2013-09-15 00:44:36 268435456 --sha-w- C:\swapfile.sys
2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-08-10 00:02:14 66264 ----a-w- C:\Windows\System32\btwdi.dll
2013-08-10 00:02:14 2232024 ----a-w- C:\Windows\System32\BcmBtRSupport.dll
2013-08-10 00:02:14 170712 ----a-w- C:\Windows\System32\drivers\bcbtums.sys
2013-08-10 00:02:14 166104 ----a-w- C:\Windows\System32\drivers\btwampfl.sys
2013-08-10 00:02:12 2252504 ----a-w- C:\Windows\System32\BtwRSupportService.exe
2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
2013-08-07 08:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-20 05:51:00 311608 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-07-20 05:50:56 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-07-20 05:50:56 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-07-20 05:50:50 206648 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-01 05:45:28 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
.
============= FINISH: 21:39:41.99 ===============


#2 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • Gender: Female

Posted 20 September 2013 - 06:58 PM

Hello and welcome to BleepingComputer!

I am Elle and I will be helping you out with your problem. Firstly, you should know that we are working with specific tools which are used to identify the possible threats present on your system, so I will analyze the results they produce.

As a start, we need to have some more up-to-date logs than the ones you have already provided. The current state of the files on your system might have changed, so we need to get a clear look at that aspect. DO NOT make any changes to the system except the ones I tell you to, as that may cause more damage than help.

If you encounter a delay of over 2 days from me, please don't hesitate to private message me (link in the signature).
Do not forget to check your topic periodically and subscribe to it so that you can receive notifications regarding my replies.

Please generate other DDS logs (download it from here if you haven't already) and post them in your next reply along with other changes that may have occurred since you last posted.
Also download and run GMER from this link: GMER download link.

Thank you very much for your patience.

Regards,

Elle

Can you hear it? It's all around!

Tomar ki manè acchè?
Yadi thakè, tahalè
Ki kshama kartè paro?



If I haven't replied in 48 hours, please feel free to send me a PM.




#3 gunboundph1

gunboundph1
  • Topic Starter

  • Members
  • 16 posts

Posted 20 September 2013 - 11:04 PM

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16686
Run by Mark at 23:57:02 on 2013-09-20
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.5611.3801 [GMT -4:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
C:\Windows\system32\BtwRSupportService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\HitmanPro\HitmanPro.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\AVG\AVG2013\avgui.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Malwarebytes Anti-Exploit\mbae64.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [AdobeBridge] <no file>
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{E3027EBE-6F68-456C-AA4A-1D3507B6916A} : DHCPNameServer = 192.168.1.254
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL -
FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npAclmPlugin.dll
FF - plugin: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npPitPlugin.dll
FF - plugin: C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}\plugins\npProductDetectPlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - ExtSQL: 2013-09-15 01:38; {ab91efd4-6975-4081-8552-1b3922ed79e2}; C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
FF - ExtSQL: 2013-09-15 13:46; {fe272bd1-5f76-4ea4-8501-a05d35d823fc}; C:\Users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-7-20 71480]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-7-20 311608]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-7-1 116536]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-5 45880]
R1 Avgfwfd;AVG network filter service;C:\Windows\System32\drivers\avgfwd6a.sys [2012-9-4 50296]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-7-20 246072]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-7-20 206648]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-3-21 240952]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-9-14 45856]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Program Files\Malwarebytes Anti-Exploit\mbae64.sys [2013-9-14 62168]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-9-15 204288]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-9-4 1432080]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-7-23 283136]
R2 BcmBtRSupport;Bluetooth Driver Management Service;C:\Windows\System32\BtwRSupportService.exe [2013-8-9 2252504]
R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2013-9-19 109352]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2011-5-13 30520]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-9-14 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-9-14 701512]
R3 bcbtums;Bluetooth USB LD Filter;C:\Windows\System32\drivers\bcbtums.sys [2013-8-9 170712]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-9-14 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-3-14 726160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe --> C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [?]
S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2013-4-12 139592]
S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2013-4-12 418632]
S3 b06diag;Broadcom NetXtreme II Diag Driver;C:\Windows\System32\drivers\bxdiaga.sys [2013-3-14 88104]
S3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2013-3-14 157288]
S3 btwampfl;btwampfl;C:\Windows\System32\drivers\btwampfl.sys [2013-8-9 166104]
S3 bxfcoe;bxfcoe;C:\Windows\System32\drivers\bxfcoe.sys [2013-3-14 178216]
S3 bxois;bxois;C:\Windows\System32\drivers\bxois.sys [2013-3-14 539176]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2013-2-27 65152]
S3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;C:\Windows\System32\drivers\EtronSTOR.sys [2013-2-27 32512]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2013-2-27 88832]
S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2013-3-14 40144]
S3 ioatdma2;Intel® QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2013-3-14 42192]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2013-4-12 366216]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2013-4-12 786056]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2013-2-27 96768]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2013-2-27 213504]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2012-10-1 178824]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-16 19456]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-6-16 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-6-16 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-6-16 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-16 1255736]
.
=============== Created Last 30 ================
.
2013-09-20 02:41:57 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2013-09-20 01:48:08 -------- d-----w- C:\Program Files\HitmanPro
2013-09-20 01:47:45 -------- d-----w- C:\ProgramData\HitmanPro
2013-09-20 01:24:22 9694160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DD9AE118-A996-4777-A108-DF6557D43748}\mpengine.dll
2013-09-20 01:12:28 -------- d-----w- C:\Users\Mark\AppData\Local\ElevatedDiagnostics
2013-09-19 02:40:07 -------- d-----w- C:\6023a16f65a5677854
2013-09-15 20:40:47 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2013-09-15 19:33:09 -------- d-----w- C:\Users\Mark\AppData\Local\Adobe Tool
2013-09-15 19:31:13 -------- d-----w- C:\Users\Mark\AppData\Local\Adobe
2013-09-15 18:50:46 -------- d-----w- C:\Users\Mark\AppData\Local\Macromedia
2013-09-15 18:46:46 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-15 18:46:46 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-09-15 18:13:49 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server
2013-09-15 18:13:38 -------- d-----w- C:\ProgramData\regid.1991-06.com.microsoft
2013-09-15 18:13:20 -------- d-----w- C:\Program Files\Microsoft SQL Server
2013-09-15 18:10:33 -------- d-----w- C:\Program Files\Microsoft Analysis Services
2013-09-15 18:10:33 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2013-09-15 18:10:19 -------- d-----w- C:\Users\Mark\AppData\Local\Microsoft Help
2013-09-15 18:07:43 -------- d-----r- C:\Users\Mark\Podcasts
2013-09-15 18:07:08 -------- d-----w- C:\Windows\System32\drivers\UMDF\ko-KR
2013-09-15 18:07:06 -------- d-----w- C:\Windows\System32\drivers\UMDF\ms-MY
2013-09-15 18:07:04 -------- d-----w- C:\Windows\System32\drivers\UMDF\id-ID
2013-09-15 18:07:02 -------- d-----w- C:\Windows\System32\drivers\UMDF\sv-SE
2013-09-15 18:04:25 -------- d-----w- C:\Windows\PCHEALTH
2013-09-15 17:32:12 -------- d-----w- C:\Users\Mark\AppData\Roaming\deluge
2013-09-15 17:31:16 -------- d-----w- C:\Program Files (x86)\Deluge
2013-09-15 17:13:03 0 ----a-w- C:\Windows\ativpsrm.bin
2013-09-15 17:07:02 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-09-15 17:07:01 356864 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2013-09-15 17:07:01 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-09-15 17:07:01 257536 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2013-09-15 17:07:00 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2013-09-15 17:07:00 278528 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-09-15 17:07:00 236032 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2013-09-15 17:07:00 217600 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-09-15 17:05:23 -------- d-----w- C:\Windows\System32\MRT
2013-09-15 16:58:30 1620992 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL
2013-09-15 16:58:26 1888768 ----a-w- C:\Windows\System32\WMVDECOD.DLL
2013-09-15 16:47:56 1472512 ----a-w- C:\Windows\System32\crypt32.dll
2013-09-15 16:46:54 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-09-15 16:46:41 1643520 ----a-w- C:\Windows\System32\DWrite.dll
2013-09-15 16:46:41 1247744 ----a-w- C:\Windows\SysWow64\DWrite.dll
2013-09-15 16:45:24 936448 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2013-09-15 16:45:24 1732608 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2013-09-15 16:45:24 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2013-09-15 16:45:24 1393152 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2013-09-15 16:45:24 1367040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2013-09-15 06:06:51 -------- d-sh--w- C:\$RECYCLE.BIN
2013-09-15 06:00:07 98816 ----a-w- C:\Windows\sed.exe
2013-09-15 06:00:07 256000 ----a-w- C:\Windows\PEV.exe
2013-09-15 06:00:07 208896 ----a-w- C:\Windows\MBR.exe
2013-09-15 05:48:02 -------- d-----w- C:\AdwCleaner
2013-09-15 05:39:01 -------- d-----w- C:\Program Files (x86)\HP
2013-09-15 05:05:02 -------- d-----w- C:\Windows\Panther
2013-09-15 03:05:28 743248 ----a-w- C:\Windows\SysWow64\msvcp100d.dll
2013-09-15 03:05:28 1858896 ----a-w- C:\Windows\System32\msvcr100d.dll
2013-09-15 03:05:28 1498960 ----a-w- C:\Windows\SysWow64\msvcr100d.dll
2013-09-15 03:05:28 1014096 ----a-w- C:\Windows\System32\msvcp100d.dll
2013-09-15 03:05:28 -------- d-----w- C:\Program Files\Malwarebytes Anti-Exploit
2013-09-15 03:00:53 -------- d-----w- C:\Users\Mark\AppData\Roaming\Malwarebytes
2013-09-15 03:00:45 -------- d-----w- C:\ProgramData\Malwarebytes
2013-09-15 03:00:43 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-09-15 03:00:43 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-15 03:00:33 -------- d-----w- C:\Users\Mark\AppData\Local\Programs
2013-09-15 02:44:43 -------- d-----w- C:\Users\Mark\AppData\Roaming\AVG2013
2013-09-15 02:44:36 -------- d-----w- C:\Users\Mark\AppData\Local\AVG SafeGuard toolbar
2013-09-15 02:43:20 -------- d-----w- C:\Users\Mark\AppData\Roaming\TuneUp Software
2013-09-15 02:43:02 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys
2013-09-15 02:42:56 -------- d-----w- C:\ProgramData\AVG SafeGuard toolbar
2013-09-15 02:42:50 -------- d-----w- C:\Program Files (x86)\AVG SafeGuard toolbar
2013-09-15 02:41:38 -------- d-----w- C:\Users\Mark\AppData\Local\Google
2013-09-15 02:41:30 -------- d-----w- C:\ProgramData\AVG2013
2013-09-15 02:41:00 -------- d-----w- C:\Users\Mark\AppData\Local\Apps
2013-09-15 02:40:59 -------- d-----w- C:\Users\Mark\AppData\Local\Deployment
2013-09-15 02:40:47 -------- d-----w- C:\Program Files (x86)\AVG
2013-09-15 02:38:21 -------- d-sh--w- C:\Windows\Installer
2013-09-15 02:37:51 -------- d--h--w- C:\ProgramData\Common Files
2013-09-15 02:37:51 -------- d-----w- C:\Users\Mark\AppData\Local\MFAData
2013-09-15 02:37:51 -------- d-----w- C:\Users\Mark\AppData\Local\Avg2013
2013-09-15 02:37:51 -------- d-----w- C:\ProgramData\MFAData
2013-09-15 01:33:31 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-09-15 01:33:05 142336 ----a-w- C:\Windows\System32\poqexec.exe
2013-09-15 01:33:05 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2013-09-15 01:32:10 2622464 ----a-w- C:\Windows\System32\wucltux.dll
2013-09-15 01:32:02 99840 ----a-w- C:\Windows\System32\wudriver.dll
2013-09-15 01:31:52 36864 ----a-w- C:\Windows\System32\wuapp.exe
2013-09-15 01:31:52 186752 ----a-w- C:\Windows\System32\wuwebv.dll
2013-09-05 05:43:42 45880 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2013-08-23 02:24:10 -------- d-----w- C:\$AVG
.
==================== Find3M  ====================
.
2013-09-15 00:44:36 268435456 --sha-w- C:\swapfile.sys
2013-08-10 05:22:18 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-08-10 05:20:59 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2013-08-10 05:20:55 67072 ----a-w- C:\Windows\System32\iesetup.dll
2013-08-10 05:20:55 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2013-08-10 03:59:10 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-08-10 03:58:09 2876928 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-08-10 03:58:06 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2013-08-10 02:27:59 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-08-10 02:17:19 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2013-08-10 00:02:14 66264 ----a-w- C:\Windows\System32\btwdi.dll
2013-08-10 00:02:14 2232024 ----a-w- C:\Windows\System32\BcmBtRSupport.dll
2013-08-10 00:02:14 170712 ----a-w- C:\Windows\System32\drivers\bcbtums.sys
2013-08-10 00:02:14 166104 ----a-w- C:\Windows\System32\drivers\btwampfl.sys
2013-08-10 00:02:12 2252504 ----a-w- C:\Windows\System32\BtwRSupportService.exe
2013-08-08 01:20:43 3155456 ----a-w- C:\Windows\System32\win32k.sys
2013-08-07 08:22:02 278800 ------w- C:\Windows\System32\MpSigStub.exe
2013-08-05 02:25:45 155584 ----a-w- C:\Windows\System32\drivers\ataport.sys
2013-08-02 02:23:53 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-08-02 02:15:44 1732032 ----a-w- C:\Windows\System32\ntdll.dll
2013-08-02 02:15:03 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-08-02 02:15:03 243712 ----a-w- C:\Windows\System32\wow64.dll
2013-08-02 02:15:03 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-08-02 02:14:57 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-08-02 02:14:11 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-08-02 02:13:34 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2013-08-02 01:59:30 3968960 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-08-02 01:59:30 3913664 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-08-02 01:51:23 1292192 ----a-w- C:\Windows\SysWow64\ntdll.dll
2013-08-02 01:50:42 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-08-02 01:50:42 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-08-02 01:09:17 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-08-02 00:59:09 112640 ----a-w- C:\Windows\System32\smss.exe
2013-08-02 00:45:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-08-02 00:45:36 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-08-02 00:45:35 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-08-02 00:45:34 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-08-02 00:43:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-08-02 00:43:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-08-02 00:43:05 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-08-02 00:43:05 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-07-20 05:51:00 311608 ----a-w- C:\Windows\System32\drivers\avgloga.sys
2013-07-20 05:50:56 71480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2013-07-20 05:50:56 246072 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
2013-07-20 05:50:50 206648 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
2013-07-19 01:58:42 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-07-19 01:41:01 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-07-09 05:52:52 224256 ----a-w- C:\Windows\System32\wintrust.dll
2013-07-09 05:51:16 1217024 ----a-w- C:\Windows\System32\rpcrt4.dll
2013-07-09 05:46:20 184320 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-07-09 05:46:20 139776 ----a-w- C:\Windows\System32\cryptnet.dll
2013-07-09 04:52:33 663552 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2013-07-09 04:52:10 175104 ----a-w- C:\Windows\SysWow64\wintrust.dll
2013-07-09 04:46:31 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll
2013-07-09 04:46:31 1166848 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-07-09 04:46:31 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-07-01 05:45:28 116536 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
.
============= FINISH: 23:57:40.60 ===============

GMER

GMER 2.1.19163 - http://www.gmer.net
Rootkit scan 2013-09-21 00:24:20
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-4 ST9500424AS rev.0001BSM1 465.76GB
Running: gmer.exe; Driver: C:\Users\Mark\AppData\Local\Temp\kxldypoc.sys

---- User code sections - GMER 2.1 ----

.text   C:\Program Files (x86)\AVG\AVG2013\avgfws.exe[1980] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69   0000000074d61465 2 bytes [D6, 74]
.text   C:\Program Files (x86)\AVG\AVG2013\avgfws.exe[1980] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155  0000000074d614bb 2 bytes [D6, 74]
.text   ...                                                                                                           * 2
.text   C:\Program Files (x86)\AVG\AVG2013\avgui.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69    0000000074d61465 2 bytes [D6, 74]
.text   C:\Program Files (x86)\AVG\AVG2013\avgui.exe[3088] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155   0000000074d614bb 2 bytes [D6, 74]
.text   ...                                                                                                           * 2

---- Threads - GMER 2.1 ----

Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [1636:2792]                                        00000000771e3e85
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [1636:3076]                                        00000000771e3e85
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [1636:2664]                                        0000000075ba7587
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [1636:3464]                                        000000006b5c0cb3
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [1636:3936]                                        00000000771e2e65
Thread  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [1636:5172]                                        00000000771e3e85

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\cc52aff27b1c                                  
Reg     HKLM\SYSTEM\CurrentControlSet\services\HitmanProScheduler@Type                                                16
Reg     HKLM\SYSTEM\CurrentControlSet\services\HitmanProScheduler@Start                                               2
Reg     HKLM\SYSTEM\CurrentControlSet\services\HitmanProScheduler@ErrorControl                                        1
Reg     HKLM\SYSTEM\CurrentControlSet\services\HitmanProScheduler@ImagePath                                           C:\Program Files\HitmanPro\hmpsched.exe
Reg     HKLM\SYSTEM\CurrentControlSet\services\HitmanProScheduler@DisplayName                                         HitmanPro Scheduler
Reg     HKLM\SYSTEM\CurrentControlSet\services\HitmanProScheduler@Group                                               PNP_TDI
Reg     HKLM\SYSTEM\CurrentControlSet\services\HitmanProScheduler@ObjectName                                          LocalSystem
Reg     HKLM\SYSTEM\CurrentControlSet\services\HitmanProScheduler@Description                                         HitmanPro Scheduler controls scheduled scans
Reg     HKLM\SYSTEM\CurrentControlSet\services\HitmanProScheduler                                                    
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\cc52aff27b1c (not active ControlSet)              

---- EOF - GMER 2.1 ----


Edited by gunboundph1, 20 September 2013 - 11:25 PM.


#4 Blind Faith

  • Malware Response Team
  • 4,101 posts
  • Gender:Female
  • Local time:02:58 AM

Posted 21 September 2013 - 01:51 PM

Hi there,

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
  • Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it. 
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, select Skip instead; do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

    Elle 



    #5 gunboundph1

    • Topic Starter

    • Members
    • 16 posts
    • Local time:07:58 PM

    Posted 22 September 2013 - 12:20 AM

    01:15:30.0328 0x0640  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
    01:15:30.0685 0x0640  ============================================================
    01:15:30.0685 0x0640  Current date / time: 2013/09/22 01:15:30.0685
    01:15:30.0685 0x0640  SystemInfo:
    01:15:30.0685 0x0640 
    01:15:30.0685 0x0640  OS Version: 6.1.7601 ServicePack: 1.0
    01:15:30.0685 0x0640  Product type: Workstation
    01:15:30.0685 0x0640  ComputerName: MARK-PC
    01:15:30.0686 0x0640  UserName: Mark
    01:15:30.0686 0x0640  Windows directory: C:\Windows
    01:15:30.0686 0x0640  System windows directory: C:\Windows
    01:15:30.0686 0x0640  Running under WOW64
    01:15:30.0686 0x0640  Processor architecture: Intel x64
    01:15:30.0686 0x0640  Number of processors: 4
    01:15:30.0686 0x0640  Page size: 0x1000
    01:15:30.0686 0x0640  Boot type: Normal boot
    01:15:30.0686 0x0640  ============================================================
    01:15:32.0061 0x0640  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    01:15:32.0078 0x0640  ============================================================
    01:15:32.0078 0x0640  \Device\Harddisk0\DR0:
    01:15:32.0078 0x0640  MBR partitions:
    01:15:32.0078 0x0640  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
    01:15:32.0078 0x0640  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
    01:15:32.0078 0x0640  ============================================================
    01:15:32.0101 0x0640  C: <-> \Device\Harddisk0\DR0\Partition2
    01:15:32.0108 0x0640  E: <-> \Device\Harddisk0\DR0\Partition1
    01:15:32.0108 0x0640  ============================================================
    01:15:32.0108 0x0640  Initialize success
    01:15:32.0108 0x0640  ============================================================
    01:15:56.0084 0x13f0  ============================================================
    01:15:56.0084 0x13f0  Scan started
    01:15:56.0084 0x13f0  Mode: Manual;
    01:15:56.0084 0x13f0  ============================================================
    01:15:57.0506 0x13f0  ================ Scan system memory ========================
    01:15:57.0506 0x13f0  System memory - ok
    01:15:57.0507 0x13f0  ================ Scan services =============================
    01:16:00.0046 0x13f0  b06bdrv - ok
    01:16:00.0074 0x13f0  [ CFE42B9C72CD047E478C3B7F4B1FAFFD ] b06diag         C:\Windows\system32\drivers\bxdiaga.sys
    01:16:00.0077 0x13f0  b06diag - ok
    01:16:00.0113 0x13f0  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
    01:16:00.0118 0x13f0  b57nd60a - ok
    01:16:00.0172 0x13f0  [ 70433F7A216BD0B5EC7DA1202EE53E65 ] bcbtums         C:\Windows\system32\drivers\bcbtums.sys
    01:16:00.0174 0x13f0  bcbtums - ok
    01:16:00.0367 0x13f0  [ FBC76C8D561D0AD159EF9452D9F328F6 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
    01:16:00.0406 0x13f0  BCM43XX - ok
    01:16:00.0490 0x13f0  [ 18B186BCC56EC611DE519CBA7D4F65B0 ] BcmBtRSupport   C:\Windows\system32\BtwRSupportService.exe
    01:16:00.0553 0x13f0  BcmBtRSupport - ok
    01:16:00.0590 0x13f0  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
    01:16:00.0593 0x13f0  BDESVC - ok
    01:16:00.0623 0x13f0  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
    01:16:00.0625 0x13f0  Beep - ok
    01:16:00.0670 0x13f0  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
    01:16:00.0694 0x13f0  BFE - ok
    01:16:00.0736 0x13f0  [ 33B114FC0394358DB521828B6F6ACC54 ] BFN7x64         C:\Windows\system32\drivers\Xeno7x64.sys
    01:16:00.0741 0x13f0  BFN7x64 - ok
    01:16:00.0790 0x13f0  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
    01:16:00.0807 0x13f0  BITS - ok
    01:16:00.0845 0x13f0  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
    01:16:00.0848 0x13f0  blbdrive - ok
    01:16:00.0863 0x13f0  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
    01:16:00.0867 0x13f0  bowser - ok
    01:16:00.0891 0x13f0  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
    01:16:00.0894 0x13f0  BrFiltLo - ok
    01:16:00.0910 0x13f0  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
    01:16:00.0914 0x13f0  BrFiltUp - ok
    01:16:00.0928 0x13f0  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
    01:16:00.0932 0x13f0  BridgeMP - ok
    01:16:00.0957 0x13f0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
    01:16:00.0959 0x13f0  Browser - ok
    01:16:00.0982 0x13f0  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
    01:16:00.0990 0x13f0  Brserid - ok
    01:16:01.0010 0x13f0  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
    01:16:01.0014 0x13f0  BrSerWdm - ok
    01:16:01.0042 0x13f0  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
    01:16:01.0045 0x13f0  BrUsbMdm - ok
    01:16:01.0057 0x13f0  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
    01:16:01.0060 0x13f0  BrUsbSer - ok
    01:16:01.0102 0x13f0  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
    01:16:01.0105 0x13f0  BthEnum - ok
    01:16:01.0118 0x13f0  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
    01:16:01.0122 0x13f0  BTHMODEM - ok
    01:16:01.0142 0x13f0  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
    01:16:01.0145 0x13f0  BthPan - ok
    01:16:01.0178 0x13f0  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
    01:16:01.0190 0x13f0  BTHPORT - ok
    01:16:01.0232 0x13f0  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
    01:16:01.0235 0x13f0  bthserv - ok
    01:16:01.0243 0x13f0  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
    01:16:01.0245 0x13f0  BTHUSB - ok
    01:16:01.0284 0x13f0  [ BC279FCEE9FC8CBF991D5DE539771AA9 ] btwampfl        C:\Windows\system32\DRIVERS\btwampfl.sys
    01:16:01.0292 0x13f0  btwampfl - ok
    01:16:01.0325 0x13f0  [ 96858ECF6D017E33A5A1A87E7A1E3206 ] bxfcoe          C:\Windows\system32\drivers\bxfcoe.sys
    01:16:01.0331 0x13f0  bxfcoe - ok
    01:16:01.0389 0x13f0  [ 33B60616D5DE1D7FE8B5939D437BC74F ] bxois           C:\Windows\system32\drivers\bxois.sys
    01:16:01.0401 0x13f0  bxois - ok
    01:16:01.0432 0x13f0  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
    01:16:01.0436 0x13f0  cdfs - ok
    01:16:01.0482 0x13f0  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
    01:16:01.0488 0x13f0  cdrom - ok
    01:16:01.0515 0x13f0  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
    01:16:01.0519 0x13f0  CertPropSvc - ok
    01:16:01.0553 0x13f0  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
    01:16:01.0558 0x13f0  circlass - ok
    01:16:01.0603 0x13f0  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
    01:16:01.0613 0x13f0  CLFS - ok
    01:16:01.0695 0x13f0  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    01:16:01.0698 0x13f0  clr_optimization_v2.0.50727_32 - ok
    01:16:01.0742 0x13f0  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    01:16:01.0745 0x13f0  clr_optimization_v2.0.50727_64 - ok
    01:16:01.0859 0x13f0  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    01:16:01.0863 0x13f0  clr_optimization_v4.0.30319_32 - ok
    01:16:01.0926 0x13f0  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    01:16:01.0930 0x13f0  clr_optimization_v4.0.30319_64 - ok
    01:16:01.0959 0x13f0  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
    01:16:01.0961 0x13f0  CmBatt - ok
    01:16:01.0978 0x13f0  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
    01:16:01.0980 0x13f0  cmdide - ok
    01:16:02.0034 0x13f0  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
    01:16:02.0055 0x13f0  CNG - ok
    01:16:02.0071 0x13f0  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
    01:16:02.0073 0x13f0  Compbatt - ok
    01:16:02.0083 0x13f0  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
    01:16:02.0085 0x13f0  CompositeBus - ok
    01:16:02.0089 0x13f0  COMSysApp - ok
    01:16:02.0110 0x13f0  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
    01:16:02.0112 0x13f0  crcdisk - ok
    01:16:02.0139 0x13f0  [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
    01:16:02.0143 0x13f0  CryptSvc - ok
    01:16:02.0178 0x13f0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
    01:16:02.0187 0x13f0  CSC - ok
    01:16:02.0208 0x13f0  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
    01:16:02.0221 0x13f0  CscService - ok
    01:16:02.0261 0x13f0  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
    01:16:02.0271 0x13f0  DcomLaunch - ok
    01:16:02.0299 0x13f0  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
    01:16:02.0305 0x13f0  defragsvc - ok
    01:16:02.0323 0x13f0  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
    01:16:02.0326 0x13f0  DfsC - ok
    01:16:02.0353 0x13f0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
    01:16:02.0359 0x13f0  Dhcp - ok
    01:16:02.0365 0x13f0  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
    01:16:02.0366 0x13f0  discache - ok
    01:16:02.0391 0x13f0  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
    01:16:02.0394 0x13f0  Disk - ok
    01:16:02.0432 0x13f0  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
    01:16:02.0442 0x13f0  dmvsc - ok
    01:16:02.0472 0x13f0  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
    01:16:02.0479 0x13f0  Dnscache - ok
    01:16:02.0507 0x13f0  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
    01:16:02.0516 0x13f0  dot3svc - ok
    01:16:02.0529 0x13f0  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
    01:16:02.0534 0x13f0  DPS - ok
    01:16:02.0574 0x13f0  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
    01:16:02.0577 0x13f0  drmkaud - ok
    01:16:02.0621 0x13f0  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
    01:16:02.0630 0x13f0  DXGKrnl - ok
    01:16:02.0667 0x13f0  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
    01:16:02.0669 0x13f0  EapHost - ok
    01:16:02.0750 0x13f0  [ 8947C98CC212AEEE1FABEC4582F652EE ] ebdrv           C:\Windows\system32\drivers\evbda.sys
    01:16:02.0814 0x13f0  ebdrv - ok
    01:16:02.0840 0x13f0  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
    01:16:02.0842 0x13f0  EFS - ok
    01:16:02.0904 0x13f0  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
    01:16:02.0915 0x13f0  ehRecvr - ok
    01:16:02.0921 0x13f0  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
    01:16:02.0924 0x13f0  ehSched - ok
    01:16:02.0959 0x13f0  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
    01:16:02.0985 0x13f0  elxstor - ok
    01:16:02.0998 0x13f0  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
    01:16:03.0002 0x13f0  ErrDev - ok
    01:16:03.0097 0x13f0  [ 7DFAD0FB752A51B047A0870FD7255FD0 ] ESProtectionDriver C:\Program Files\Malwarebytes Anti-Exploit\MBAE64.sys
    01:16:03.0098 0x13f0  ESProtectionDriver - ok
    01:16:03.0133 0x13f0  [ 3DBC10CBC436288801FAEE66DE91AE47 ] EtronHub3       C:\Windows\System32\Drivers\EtronHub3.sys
    01:16:03.0136 0x13f0  EtronHub3 - ok
    01:16:03.0159 0x13f0  [ 1EDF0CF390B84266FD7FFED38AB7DCAC ] EtronSTOR       C:\Windows\System32\Drivers\EtronSTOR.sys
    01:16:03.0161 0x13f0  EtronSTOR - ok
    01:16:03.0177 0x13f0  [ DE261095A2220D400D9603E1E42D4185 ] EtronXHCI       C:\Windows\System32\Drivers\EtronXHCI.sys
    01:16:03.0179 0x13f0  EtronXHCI - ok
    01:16:03.0208 0x13f0  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
    01:16:03.0216 0x13f0  EventSystem - ok
    01:16:03.0242 0x13f0  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
    01:16:03.0247 0x13f0  exfat - ok
    01:16:03.0272 0x13f0  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
    01:16:03.0277 0x13f0  fastfat - ok
    01:16:03.0366 0x13f0  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
    01:16:03.0378 0x13f0  Fax - ok
    01:16:03.0396 0x13f0  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
    01:16:03.0397 0x13f0  fdc - ok
    01:16:03.0429 0x13f0  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
    01:16:03.0433 0x13f0  fdPHost - ok
    01:16:03.0449 0x13f0  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
    01:16:03.0454 0x13f0  FDResPub - ok
    01:16:03.0472 0x13f0  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
    01:16:03.0475 0x13f0  FileInfo - ok
    01:16:03.0482 0x13f0  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
    01:16:03.0484 0x13f0  Filetrace - ok
    01:16:03.0501 0x13f0  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
    01:16:03.0504 0x13f0  flpydisk - ok
    01:16:03.0533 0x13f0  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
    01:16:03.0539 0x13f0  FltMgr - ok
    01:16:03.0769 0x13f0  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
    01:16:03.0827 0x13f0  FontCache - ok
    01:16:03.0923 0x13f0  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    01:16:03.0929 0x13f0  FontCache3.0.0.0 - ok
    01:16:03.0952 0x13f0  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
    01:16:03.0955 0x13f0  FsDepends - ok
    01:16:03.0968 0x13f0  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
    01:16:03.0969 0x13f0  Fs_Rec - ok
    01:16:03.0996 0x13f0  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
    01:16:04.0001 0x13f0  fvevol - ok
    01:16:04.0030 0x13f0  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
    01:16:04.0039 0x13f0  gagp30kx - ok
    01:16:04.0133 0x13f0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
    01:16:04.0173 0x13f0  gpsvc - ok
    01:16:04.0224 0x13f0  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    01:16:04.0228 0x13f0  gupdate - ok
    01:16:04.0237 0x13f0  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    01:16:04.0239 0x13f0  gupdatem - ok
    01:16:04.0275 0x13f0  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
    01:16:04.0278 0x13f0  hcw85cir - ok
    01:16:04.0313 0x13f0  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
    01:16:04.0320 0x13f0  HdAudAddService - ok
    01:16:04.0341 0x13f0  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
    01:16:04.0344 0x13f0  HDAudBus - ok
    01:16:04.0365 0x13f0  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
    01:16:04.0369 0x13f0  HidBatt - ok
    01:16:04.0386 0x13f0  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
    01:16:04.0390 0x13f0  HidBth - ok
    01:16:04.0406 0x13f0  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
    01:16:04.0410 0x13f0  HidIr - ok
    01:16:04.0429 0x13f0  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
    01:16:04.0432 0x13f0  hidserv - ok
    01:16:04.0457 0x13f0  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
    01:16:04.0459 0x13f0  HidUsb - ok
    01:16:04.0492 0x13f0  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
    01:16:04.0495 0x13f0  hkmsvc - ok
    01:16:04.0512 0x13f0  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
    01:16:04.0518 0x13f0  HomeGroupListener - ok
    01:16:04.0544 0x13f0  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
    01:16:04.0550 0x13f0  HomeGroupProvider - ok
    01:16:04.0570 0x13f0  [ 4E0BEC0F78096FFD6D3314B497FC49D3 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
    01:16:04.0571 0x13f0  hpdskflt - ok
    01:16:04.0604 0x13f0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
    01:16:04.0607 0x13f0  HpSAMD - ok
    01:16:04.0614 0x13f0  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278 ] hpsrv           C:\Windows\system32\Hpservice.exe
    01:16:04.0616 0x13f0  hpsrv - ok
    01:16:04.0640 0x13f0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
    01:16:04.0654 0x13f0  HTTP - ok
    01:16:04.0661 0x13f0  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
    01:16:04.0662 0x13f0  hwpolicy - ok
    01:16:04.0689 0x13f0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
    01:16:04.0692 0x13f0  i8042prt - ok
    01:16:04.0735 0x13f0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
    01:16:04.0744 0x13f0  iaStorV - ok
    01:16:04.0811 0x13f0  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    01:16:04.0844 0x13f0  idsvc - ok
    01:16:04.0882 0x13f0  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
    01:16:04.0885 0x13f0  iirsp - ok
    01:16:04.0945 0x13f0  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
    01:16:04.0961 0x13f0  IKEEXT - ok
    01:16:04.0993 0x13f0  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
    01:16:04.0995 0x13f0  intelide - ok
    01:16:05.0055 0x13f0  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
    01:16:05.0058 0x13f0  intelppm - ok
    01:16:05.0222 0x13f0  [ E45575812630B049CE0F679D87561A4D ] ioatdma1        C:\Windows\System32\Drivers\qd162x64.sys
    01:16:05.0226 0x13f0  ioatdma1 - ok
    01:16:05.0254 0x13f0  [ 2C23820DD9E81199E60F553EB50BC449 ] ioatdma2        C:\Windows\System32\Drivers\qd262x64.sys
    01:16:05.0257 0x13f0  ioatdma2 - ok
    01:16:05.0285 0x13f0  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
    01:16:05.0290 0x13f0  IPBusEnum - ok
    01:16:05.0310 0x13f0  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
    01:16:05.0314 0x13f0  IpFilterDriver - ok
    01:16:05.0372 0x13f0  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
    01:16:05.0384 0x13f0  iphlpsvc - ok
    01:16:05.0397 0x13f0  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
    01:16:05.0400 0x13f0  IPMIDRV - ok
    01:16:05.0424 0x13f0  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
    01:16:05.0426 0x13f0  IPNAT - ok
    01:16:05.0453 0x13f0  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
    01:16:05.0455 0x13f0  IRENUM - ok
    01:16:05.0467 0x13f0  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
    01:16:05.0469 0x13f0  isapnp - ok
    01:16:05.0489 0x13f0  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
    01:16:05.0494 0x13f0  iScsiPrt - ok
    01:16:05.0511 0x13f0  [ 2D15CEDF619796002E8640F73A4BF920 ] iusb3hub        C:\Windows\system32\drivers\iusb3hub.sys
    01:16:05.0519 0x13f0  iusb3hub - ok
    01:16:05.0565 0x13f0  [ F1E93FE111924D0BC853155AADF8048B ] iusb3xhc        C:\Windows\system32\drivers\iusb3xhc.sys
    01:16:05.0579 0x13f0  iusb3xhc - ok
    01:16:05.0601 0x13f0  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
    01:16:05.0602 0x13f0  kbdclass - ok
    01:16:05.0630 0x13f0  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
    01:16:05.0633 0x13f0  kbdhid - ok
    01:16:05.0656 0x13f0  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
    01:16:05.0660 0x13f0  KeyIso - ok
    01:16:05.0678 0x13f0  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
    01:16:05.0682 0x13f0  KSecDD - ok
    01:16:05.0697 0x13f0  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
    01:16:05.0701 0x13f0  KSecPkg - ok
    01:16:05.0719 0x13f0  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
    01:16:05.0722 0x13f0  ksthunk - ok
    01:16:05.0757 0x13f0  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
    01:16:05.0766 0x13f0  KtmRm - ok
    01:16:05.0792 0x13f0  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
    01:16:05.0798 0x13f0  LanmanServer - ok
    01:16:05.0816 0x13f0  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
    01:16:05.0821 0x13f0  LanmanWorkstation - ok
    01:16:05.0844 0x13f0  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
    01:16:05.0848 0x13f0  lltdio - ok
    01:16:05.0871 0x13f0  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
    01:16:05.0878 0x13f0  lltdsvc - ok
    01:16:05.0894 0x13f0  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
    01:16:05.0898 0x13f0  lmhosts - ok
    01:16:05.0924 0x13f0  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
    01:16:05.0927 0x13f0  LSI_FC - ok
    01:16:05.0942 0x13f0  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
    01:16:05.0945 0x13f0  LSI_SAS - ok
    01:16:05.0961 0x13f0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
    01:16:05.0964 0x13f0  LSI_SAS2 - ok
    01:16:05.0970 0x13f0  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
    01:16:05.0972 0x13f0  LSI_SCSI - ok
    01:16:05.0991 0x13f0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
    01:16:05.0994 0x13f0  luafv - ok
    01:16:06.0015 0x13f0  [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
    01:16:06.0016 0x13f0  MBAMProtector - ok
    01:16:06.0104 0x13f0  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    01:16:06.0116 0x13f0  MBAMScheduler - ok
    01:16:06.0146 0x13f0  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    01:16:06.0164 0x13f0  MBAMService - ok
    01:16:06.0211 0x13f0  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
    01:16:06.0214 0x13f0  Mcx2Svc - ok
    01:16:06.0230 0x13f0  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
    01:16:06.0233 0x13f0  megasas - ok
    01:16:06.0262 0x13f0  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
    01:16:06.0267 0x13f0  MegaSR - ok
    01:16:06.0292 0x13f0  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
    01:16:06.0298 0x13f0  MMCSS - ok
    01:16:06.0313 0x13f0  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
    01:16:06.0314 0x13f0  Modem - ok
    01:16:06.0331 0x13f0  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
    01:16:06.0332 0x13f0  monitor - ok
    01:16:06.0337 0x13f0  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
    01:16:06.0338 0x13f0  mouclass - ok
    01:16:06.0354 0x13f0  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
    01:16:06.0356 0x13f0  mouhid - ok
    01:16:06.0361 0x13f0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
    01:16:06.0363 0x13f0  mountmgr - ok
    01:16:06.0402 0x13f0  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    01:16:06.0405 0x13f0  MozillaMaintenance - ok
    01:16:06.0421 0x13f0  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
    01:16:06.0425 0x13f0  mpio - ok
    01:16:06.0431 0x13f0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
    01:16:06.0433 0x13f0  mpsdrv - ok
    01:16:06.0467 0x13f0  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
    01:16:06.0481 0x13f0  MpsSvc - ok
    01:16:06.0498 0x13f0  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
    01:16:06.0502 0x13f0  MRxDAV - ok
    01:16:06.0522 0x13f0  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
    01:16:06.0523 0x13f0  mrxsmb - ok
    01:16:06.0544 0x13f0  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
    01:16:06.0549 0x13f0  mrxsmb10 - ok
    01:16:06.0556 0x13f0  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
    01:16:06.0558 0x13f0  mrxsmb20 - ok
    01:16:06.0584 0x13f0  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
    01:16:06.0585 0x13f0  msahci - ok
    01:16:06.0604 0x13f0  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
    01:16:06.0607 0x13f0  msdsm - ok
    01:16:06.0620 0x13f0  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
    01:16:06.0624 0x13f0  MSDTC - ok
    01:16:06.0646 0x13f0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
    01:16:06.0649 0x13f0  Msfs - ok
    01:16:06.0664 0x13f0  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
    01:16:06.0666 0x13f0  mshidkmdf - ok
    01:16:06.0671 0x13f0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
    01:16:06.0672 0x13f0  msisadrv - ok
    01:16:06.0698 0x13f0  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
    01:16:06.0702 0x13f0  MSiSCSI - ok
    01:16:06.0708 0x13f0  msiserver - ok
    01:16:06.0736 0x13f0  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
    01:16:06.0738 0x13f0  MSKSSRV - ok
    01:16:06.0751 0x13f0  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
    01:16:06.0757 0x13f0  MSPCLOCK - ok
    01:16:06.0767 0x13f0  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
    01:16:06.0769 0x13f0  MSPQM - ok
    01:16:06.0790 0x13f0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
    01:16:06.0797 0x13f0  MsRPC - ok
    01:16:06.0806 0x13f0  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
    01:16:06.0807 0x13f0  mssmbios - ok
    01:16:06.0829 0x13f0  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
    01:16:06.0831 0x13f0  MSTEE - ok
    01:16:06.0842 0x13f0  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
    01:16:06.0844 0x13f0  MTConfig - ok
    01:16:06.0850 0x13f0  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
    01:16:06.0851 0x13f0  Mup - ok
    01:16:06.0882 0x13f0  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
    01:16:06.0891 0x13f0  napagent - ok
    01:16:06.0915 0x13f0  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
    01:16:06.0921 0x13f0  NativeWifiP - ok
    01:16:06.0968 0x13f0  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
    01:16:06.0983 0x13f0  NDIS - ok
    01:16:07.0001 0x13f0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
    01:16:07.0004 0x13f0  NdisCap - ok
    01:16:07.0020 0x13f0  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
    01:16:07.0023 0x13f0  NdisTapi - ok
    01:16:07.0028 0x13f0  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
    01:16:07.0030 0x13f0  Ndisuio - ok
    01:16:07.0046 0x13f0  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
    01:16:07.0051 0x13f0  NdisWan - ok
    01:16:07.0057 0x13f0  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
    01:16:07.0059 0x13f0  NDProxy - ok
    01:16:07.0069 0x13f0  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
    01:16:07.0071 0x13f0  NetBIOS - ok
    01:16:07.0079 0x13f0  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
    01:16:07.0083 0x13f0  NetBT - ok
    01:16:07.0097 0x13f0  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
    01:16:07.0099 0x13f0  Netlogon - ok
    01:16:07.0135 0x13f0  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
    01:16:07.0142 0x13f0  Netman - ok
    01:16:07.0165 0x13f0  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
    01:16:07.0173 0x13f0  netprofm - ok
    01:16:07.0193 0x13f0  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    01:16:07.0196 0x13f0  NetTcpPortSharing - ok
    01:16:07.0232 0x13f0  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
    01:16:07.0234 0x13f0  nfrd960 - ok
    01:16:07.0277 0x13f0  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
    01:16:07.0283 0x13f0  NlaSvc - ok
    01:16:07.0298 0x13f0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
    01:16:07.0301 0x13f0  Npfs - ok
    01:16:07.0324 0x13f0  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
    01:16:07.0327 0x13f0  nsi - ok
    01:16:07.0333 0x13f0  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
    01:16:07.0334 0x13f0  nsiproxy - ok
    01:16:07.0390 0x13f0  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
    01:16:07.0427 0x13f0  Ntfs - ok
    01:16:07.0436 0x13f0  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
    01:16:07.0438 0x13f0  Null - ok
    01:16:07.0455 0x13f0  [ B227E75AD10A142DD326B4CC8D73A6D9 ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
    01:16:07.0458 0x13f0  nusb3hub - ok
    01:16:07.0491 0x13f0  [ 55959DB860E4E484681586824D09E52C ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
    01:16:07.0496 0x13f0  nusb3xhc - ok
    01:16:07.0514 0x13f0  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
    01:16:07.0518 0x13f0  nvraid - ok
    01:16:07.0525 0x13f0  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
    01:16:07.0528 0x13f0  nvstor - ok
    01:16:07.0553 0x13f0  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
    01:16:07.0556 0x13f0  nv_agp - ok
    01:16:07.0575 0x13f0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
    01:16:07.0579 0x13f0  ohci1394 - ok
    01:16:07.0675 0x13f0  [ B9C125314A025127FE562C116D614AA3 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    01:16:07.0681 0x13f0  ose64 - ok
    01:16:07.0895 0x13f0  [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    01:16:07.0937 0x13f0  osppsvc - ok
    01:16:07.0971 0x13f0  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
    01:16:07.0978 0x13f0  p2pimsvc - ok
    01:16:08.0006 0x13f0  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
    01:16:08.0016 0x13f0  p2psvc - ok
    01:16:08.0040 0x13f0  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
    01:16:08.0043 0x13f0  Parport - ok
    01:16:08.0067 0x13f0  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
    01:16:08.0070 0x13f0  partmgr - ok
    01:16:08.0310 0x13f0  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
    01:16:08.0317 0x13f0  PcaSvc - ok
    01:16:08.0335 0x13f0  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
    01:16:08.0340 0x13f0  pci - ok
    01:16:08.0360 0x13f0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
    01:16:08.0362 0x13f0  pciide - ok
    01:16:08.0379 0x13f0  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
    01:16:08.0385 0x13f0  pcmcia - ok
    01:16:08.0393 0x13f0  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
    01:16:08.0395 0x13f0  pcw - ok
    01:16:08.0418 0x13f0  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
    01:16:08.0432 0x13f0  PEAUTH - ok
    01:16:08.0486 0x13f0  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
    01:16:08.0512 0x13f0  PeerDistSvc - ok
    01:16:08.0583 0x13f0  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
    01:16:08.0585 0x13f0  PerfHost - ok
    01:16:08.0667 0x13f0  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
    01:16:08.0701 0x13f0  pla - ok
    01:16:08.0744 0x13f0  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
    01:16:08.0752 0x13f0  PlugPlay - ok
    01:16:08.0769 0x13f0  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
    01:16:08.0773 0x13f0  PNRPAutoReg - ok
    01:16:08.0786 0x13f0  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
    01:16:08.0790 0x13f0  PNRPsvc - ok
    01:16:08.0856 0x13f0  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
    01:16:08.0863 0x13f0  PolicyAgent - ok
    01:16:08.0899 0x13f0  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
    01:16:08.0908 0x13f0  Power - ok
    01:16:08.0927 0x13f0  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
    01:16:08.0930 0x13f0  PptpMiniport - ok
    01:16:08.0943 0x13f0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
    01:16:08.0946 0x13f0  Processor - ok
    01:16:09.0000 0x13f0  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
    01:16:09.0007 0x13f0  ProfSvc - ok
    01:16:09.0024 0x13f0  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    01:16:09.0026 0x13f0  ProtectedStorage - ok
    01:16:09.0048 0x13f0  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
    01:16:09.0052 0x13f0  Psched - ok
    01:16:09.0151 0x13f0  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
    01:16:09.0222 0x13f0  ql2300 - ok
    01:16:09.0238 0x13f0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
    01:16:09.0241 0x13f0  ql40xx - ok
    01:16:09.0272 0x13f0  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
    01:16:09.0278 0x13f0  QWAVE - ok
    01:16:09.0287 0x13f0  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
    01:16:09.0289 0x13f0  QWAVEdrv - ok
    01:16:09.0312 0x13f0  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
    01:16:09.0314 0x13f0  RasAcd - ok
    01:16:09.0342 0x13f0  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
    01:16:09.0344 0x13f0  RasAgileVpn - ok
    01:16:09.0356 0x13f0  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
    01:16:09.0360 0x13f0  RasAuto - ok
    01:16:09.0365 0x13f0  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
    01:16:09.0368 0x13f0  Rasl2tp - ok
    01:16:09.0380 0x13f0  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
    01:16:09.0388 0x13f0  RasMan - ok
    01:16:09.0404 0x13f0  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
    01:16:09.0407 0x13f0  RasPppoe - ok
    01:16:09.0423 0x13f0  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
    01:16:09.0427 0x13f0  RasSstp - ok
    01:16:09.0443 0x13f0  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
    01:16:09.0449 0x13f0  rdbss - ok
    01:16:09.0455 0x13f0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
    01:16:09.0456 0x13f0  rdpbus - ok
    01:16:09.0470 0x13f0  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
    01:16:09.0471 0x13f0  RDPCDD - ok
    01:16:09.0501 0x13f0  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
    01:16:09.0504 0x13f0  RDPDR - ok
    01:16:09.0519 0x13f0  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
    01:16:09.0519 0x13f0  RDPENCDD - ok
    01:16:09.0532 0x13f0  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
    01:16:09.0532 0x13f0  RDPREFMP - ok
    01:16:09.0553 0x13f0  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
    01:16:09.0555 0x13f0  RdpVideoMiniport - ok
    01:16:09.0573 0x13f0  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
    01:16:09.0578 0x13f0  RDPWD - ok
    01:16:09.0600 0x13f0  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
    01:16:09.0604 0x13f0  rdyboost - ok
    01:16:09.0626 0x13f0  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
    01:16:09.0630 0x13f0  RemoteAccess - ok
    01:16:09.0651 0x13f0  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
    01:16:09.0656 0x13f0  RemoteRegistry - ok
    01:16:09.0686 0x13f0  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
    01:16:09.0691 0x13f0  RFCOMM - ok
    01:16:09.0715 0x13f0  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
    01:16:09.0719 0x13f0  RpcEptMapper - ok
    01:16:09.0739 0x13f0  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
    01:16:09.0742 0x13f0  RpcLocator - ok
    01:16:09.0764 0x13f0  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
    01:16:09.0769 0x13f0  RpcSs - ok
    01:16:09.0775 0x13f0  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
    01:16:09.0777 0x13f0  rspndr - ok
    01:16:09.0805 0x13f0  [ 3713DACCA1025B05A6343104112708D9 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
    01:16:09.0811 0x13f0  RTL8167 - ok
    01:16:09.0846 0x13f0  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
    01:16:09.0848 0x13f0  s3cap - ok
    01:16:09.0865 0x13f0  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
    01:16:09.0868 0x13f0  SamSs - ok
    01:16:09.0887 0x13f0  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
    01:16:09.0891 0x13f0  sbp2port - ok
    01:16:09.0912 0x13f0  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
    01:16:09.0920 0x13f0  SCardSvr - ok
    01:16:09.0930 0x13f0  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
    01:16:09.0934 0x13f0  scfilter - ok
    01:16:09.0968 0x13f0  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
    01:16:10.0004 0x13f0  Schedule - ok
    01:16:10.0030 0x13f0  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
    01:16:10.0032 0x13f0  SCPolicySvc - ok
    01:16:10.0089 0x13f0  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
    01:16:10.0096 0x13f0  SDRSVC - ok
    01:16:10.0128 0x13f0  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
    01:16:10.0130 0x13f0  secdrv - ok
    01:16:10.0146 0x13f0  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
    01:16:10.0150 0x13f0  seclogon - ok
    01:16:10.0156 0x13f0  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
    01:16:10.0159 0x13f0  SENS - ok
    01:16:10.0166 0x13f0  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
    01:16:10.0170 0x13f0  SensrSvc - ok
    01:16:10.0189 0x13f0  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
    01:16:10.0191 0x13f0  Serenum - ok
    01:16:10.0206 0x13f0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
    01:16:10.0209 0x13f0  Serial - ok
    01:16:10.0225 0x13f0  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
    01:16:10.0227 0x13f0  sermouse - ok
    01:16:10.0246 0x13f0  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
    01:16:10.0251 0x13f0  SessionEnv - ok
    01:16:10.0266 0x13f0  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
    01:16:10.0268 0x13f0  sffdisk - ok
    01:16:10.0277 0x13f0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
    01:16:10.0280 0x13f0  sffp_mmc - ok
    01:16:10.0292 0x13f0  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
    01:16:10.0295 0x13f0  sffp_sd - ok
    01:16:10.0307 0x13f0  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
    01:16:10.0309 0x13f0  sfloppy - ok
    01:16:10.0332 0x13f0  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
    01:16:10.0338 0x13f0  SharedAccess - ok
    01:16:10.0361 0x13f0  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    01:16:10.0368 0x13f0  ShellHWDetection - ok
    01:16:10.0399 0x13f0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
    01:16:10.0406 0x13f0  SiSRaid2 - ok
    01:16:10.0417 0x13f0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
    01:16:10.0420 0x13f0  SiSRaid4 - ok
    01:16:10.0448 0x13f0  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
    01:16:10.0451 0x13f0  Smb - ok
    01:16:10.0499 0x13f0  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
    01:16:10.0502 0x13f0  SNMPTRAP - ok
    01:16:10.0515 0x13f0  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
    01:16:10.0516 0x13f0  spldr - ok
    01:16:10.0584 0x13f0  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
    01:16:10.0610 0x13f0  Spooler - ok
    01:16:10.0778 0x13f0  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
    01:16:10.0909 0x13f0  sppsvc - ok
    01:16:10.0918 0x13f0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
    01:16:10.0921 0x13f0  sppuinotify - ok
    01:16:10.0946 0x13f0  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
    01:16:10.0954 0x13f0  srv - ok
    01:16:10.0967 0x13f0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
    01:16:10.0974 0x13f0  srv2 - ok
    01:16:10.0981 0x13f0  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
    01:16:10.0984 0x13f0  srvnet - ok
    01:16:11.0013 0x13f0  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
    01:16:11.0018 0x13f0  SSDPSRV - ok
    01:16:11.0025 0x13f0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
    01:16:11.0028 0x13f0  SstpSvc - ok
    01:16:11.0051 0x13f0  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
    01:16:11.0055 0x13f0  stexstor - ok
    01:16:11.0089 0x13f0  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
    01:16:11.0100 0x13f0  stisvc - ok
    01:16:11.0126 0x13f0  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
    01:16:11.0128 0x13f0  storflt - ok
    01:16:11.0143 0x13f0  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
    01:16:11.0146 0x13f0  storvsc - ok
    01:16:11.0162 0x13f0  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
    01:16:11.0163 0x13f0  swenum - ok
    01:16:11.0248 0x13f0  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    01:16:11.0254 0x13f0  SwitchBoard - ok
    01:16:11.0320 0x13f0  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
    01:16:11.0329 0x13f0  swprv - ok
    01:16:11.0399 0x13f0  [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
    01:16:11.0403 0x13f0  Synth3dVsc - ok
    01:16:11.0446 0x13f0  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
    01:16:11.0483 0x13f0  SysMain - ok
    01:16:11.0489 0x13f0  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
    01:16:11.0495 0x13f0  TabletInputService - ok
    01:16:11.0503 0x13f0  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
    01:16:11.0510 0x13f0  TapiSrv - ok
    01:16:11.0520 0x13f0  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
    01:16:11.0524 0x13f0  TBS - ok
    01:16:11.0575 0x13f0  [ DB74544B75566C974815E79A62433F29 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
    01:16:11.0621 0x13f0  Tcpip - ok
    01:16:11.0665 0x13f0  [ DB74544B75566C974815E79A62433F29 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
    01:16:11.0679 0x13f0  TCPIP6 - ok
    01:16:11.0732 0x13f0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
    01:16:11.0734 0x13f0  tcpipreg - ok
    01:16:11.0775 0x13f0  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
    01:16:11.0778 0x13f0  TDPIPE - ok
    01:16:11.0791 0x13f0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
    01:16:11.0794 0x13f0  TDTCP - ok
    01:16:11.0823 0x13f0  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
    01:16:11.0827 0x13f0  tdx - ok
    01:16:11.0835 0x13f0  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
    01:16:11.0836 0x13f0  TermDD - ok
    01:16:11.0857 0x13f0  [ EF4469AB69EB15E5D3754E6AEAFBCD3D ] terminpt        C:\Windows\system32\drivers\terminpt.sys
    01:16:11.0860 0x13f0  terminpt - ok
    01:16:11.0896 0x13f0  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
    01:16:11.0908 0x13f0  TermService - ok
    01:16:11.0920 0x13f0  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
    01:16:11.0923 0x13f0  Themes - ok
    01:16:11.0934 0x13f0  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
    01:16:11.0936 0x13f0  THREADORDER - ok
    01:16:11.0946 0x13f0  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
    01:16:11.0948 0x13f0  TrkWks - ok
    01:16:12.0001 0x13f0  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
    01:16:12.0005 0x13f0  TrustedInstaller - ok
    01:16:12.0033 0x13f0  [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
    01:16:12.0039 0x13f0  tssecsrv - ok
    01:16:12.0071 0x13f0  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
    01:16:12.0075 0x13f0  TsUsbFlt - ok
    01:16:12.0103 0x13f0  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
    01:16:12.0107 0x13f0  TsUsbGD - ok
    01:16:12.0140 0x13f0  [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
    01:16:12.0144 0x13f0  tsusbhub - ok
    01:16:12.0187 0x13f0  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
    01:16:12.0192 0x13f0  tunnel - ok
    01:16:12.0217 0x13f0  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
    01:16:12.0220 0x13f0  uagp35 - ok
    01:16:12.0251 0x13f0  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
    01:16:12.0260 0x13f0  udfs - ok
    01:16:12.0298 0x13f0  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
    01:16:12.0303 0x13f0  UI0Detect - ok
    01:16:12.0322 0x13f0  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
    01:16:12.0326 0x13f0  uliagpkx - ok
    01:16:12.0351 0x13f0  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
    01:16:12.0354 0x13f0  umbus - ok
    01:16:12.0368 0x13f0  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
    01:16:12.0370 0x13f0  UmPass - ok
    01:16:12.0396 0x13f0  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
    01:16:12.0403 0x13f0  UmRdpService - ok
    01:16:12.0420 0x13f0  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
    01:16:12.0429 0x13f0  upnphost - ok
    01:16:12.0458 0x13f0  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
    01:16:12.0461 0x13f0  usbccgp - ok
    01:16:12.0481 0x13f0  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
    01:16:12.0484 0x13f0  usbcir - ok
    01:16:12.0491 0x13f0  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
    01:16:12.0493 0x13f0  usbehci - ok
    01:16:12.0512 0x13f0  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
    01:16:12.0519 0x13f0  usbhub - ok
    01:16:12.0532 0x13f0  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
    01:16:12.0535 0x13f0  usbohci - ok
    01:16:12.0549 0x13f0  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
    01:16:12.0554 0x13f0  usbprint - ok
    01:16:12.0571 0x13f0  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
    01:16:12.0575 0x13f0  USBSTOR - ok
    01:16:12.0587 0x13f0  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
    01:16:12.0590 0x13f0  usbuhci - ok
    01:16:12.0628 0x13f0  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
    01:16:12.0633 0x13f0  usbvideo - ok
    01:16:12.0651 0x13f0  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
    01:16:12.0656 0x13f0  UxSms - ok
    01:16:12.0673 0x13f0  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
    01:16:12.0675 0x13f0  VaultSvc - ok
    01:16:12.0689 0x13f0  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
    01:16:12.0691 0x13f0  vdrvroot - ok
    01:16:12.0756 0x13f0  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
    01:16:12.0768 0x13f0  vds - ok
    01:16:12.0784 0x13f0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
    01:16:12.0785 0x13f0  vga - ok
    01:16:12.0791 0x13f0  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
    01:16:12.0792 0x13f0  VgaSave - ok
    01:16:12.0796 0x13f0  VGPU - ok
    01:16:12.0818 0x13f0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
    01:16:12.0823 0x13f0  vhdmp - ok
    01:16:12.0837 0x13f0  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
    01:16:12.0840 0x13f0  viaide - ok
    01:16:12.0864 0x13f0  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
    01:16:12.0869 0x13f0  vmbus - ok
    01:16:12.0884 0x13f0  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
    01:16:12.0886 0x13f0  VMBusHID - ok
    01:16:12.0892 0x13f0  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
    01:16:12.0894 0x13f0  volmgr - ok
    01:16:12.0927 0x13f0  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
    01:16:12.0945 0x13f0  volmgrx - ok
    01:16:12.0961 0x13f0  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
    01:16:12.0970 0x13f0  volsnap - ok
    01:16:12.0999 0x13f0  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
    01:16:13.0005 0x13f0  vsmraid - ok
    01:16:13.0063 0x13f0  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
    01:16:13.0110 0x13f0  VSS - ok
    01:16:13.0116 0x13f0  vToolbarUpdater15.4.0 - ok
    01:16:13.0125 0x13f0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
    01:16:13.0127 0x13f0  vwifibus - ok
    01:16:13.0139 0x13f0  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
    01:16:13.0141 0x13f0  vwififlt - ok
    01:16:13.0155 0x13f0  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
    01:16:13.0156 0x13f0  vwifimp - ok
    01:16:13.0166 0x13f0  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
    01:16:13.0173 0x13f0  W32Time - ok
    01:16:13.0190 0x13f0  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
    01:16:13.0193 0x13f0  WacomPen - ok
    01:16:13.0198 0x13f0  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
    01:16:13.0201 0x13f0  WANARP - ok
    01:16:13.0216 0x13f0  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
    01:16:13.0218 0x13f0  Wanarpv6 - ok
    01:16:13.0284 0x13f0  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
    01:16:13.0315 0x13f0  WatAdminSvc - ok
    01:16:13.0377 0x13f0  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
    01:16:13.0422 0x13f0  wbengine - ok
    01:16:13.0433 0x13f0  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
    01:16:13.0440 0x13f0  WbioSrvc - ok
    01:16:13.0451 0x13f0  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
    01:16:13.0458 0x13f0  wcncsvc - ok
    01:16:13.0463 0x13f0  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    01:16:13.0467 0x13f0  WcsPlugInService - ok
    01:16:13.0486 0x13f0  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
    01:16:13.0489 0x13f0  Wd - ok
    01:16:13.0521 0x13f0  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
    01:16:13.0532 0x13f0  Wdf01000 - ok
    01:16:13.0539 0x13f0  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
    01:16:13.0542 0x13f0  WdiServiceHost - ok
    01:16:13.0546 0x13f0  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
    01:16:13.0549 0x13f0  WdiSystemHost - ok
    01:16:13.0566 0x13f0  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
    01:16:13.0572 0x13f0  WebClient - ok
    01:16:13.0585 0x13f0  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
    01:16:13.0592 0x13f0  Wecsvc - ok
    01:16:13.0601 0x13f0  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
    01:16:13.0605 0x13f0  wercplsupport - ok
    01:16:13.0619 0x13f0  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
    01:16:13.0622 0x13f0  WerSvc - ok
    01:16:13.0638 0x13f0  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
    01:16:13.0639 0x13f0  WfpLwf - ok
    01:16:13.0651 0x13f0  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
    01:16:13.0653 0x13f0  WIMMount - ok
    01:16:13.0670 0x13f0  WinDefend - ok
    01:16:13.0686 0x13f0  WinHttpAutoProxySvc - ok
    01:16:13.0721 0x13f0  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
    01:16:13.0726 0x13f0  Winmgmt - ok
    01:16:13.0771 0x13f0  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
    01:16:13.0815 0x13f0  WinRM - ok
    01:16:13.0850 0x13f0  [ FE88B288356E7B47B74B13372ADD906D ] winusb          C:\Windows\system32\DRIVERS\winusb.sys
    01:16:13.0853 0x13f0  winusb - ok
    01:16:13.0882 0x13f0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
    01:16:13.0898 0x13f0  Wlansvc - ok
    01:16:15.0128 0x13f0  ================ Scan global ===============================
    01:16:15.0155 0x13f0  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    01:16:15.0197 0x13f0  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
    01:16:15.0213 0x13f0  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
    01:16:15.0232 0x13f0  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    01:16:15.0277 0x13f0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    01:16:15.0284 0x13f0  [Global] - ok
    01:16:15.0285 0x13f0  ================ Scan MBR ==================================
    01:16:15.0304 0x13f0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    01:16:15.0565 0x13f0  \Device\Harddisk0\DR0 - ok
    01:16:15.0566 0x13f0  ================ Scan VBR ==================================
    01:16:15.0572 0x13f0  [ DDD32E101228A332FCAB7BD063AFBBCB ] \Device\Harddisk0\DR0\Partition1
    01:16:15.0575 0x13f0  \Device\Harddisk0\DR0\Partition1 - ok
    01:16:15.0585 0x13f0  [ A1B7EE6CDF2A711430276CA2BF6F3403 ] \Device\Harddisk0\DR0\Partition2
    01:16:15.0588 0x13f0  \Device\Harddisk0\DR0\Partition2 - ok
    01:16:15.0589 0x13f0  ============================================================
    01:16:15.0589 0x13f0  Scan finished
    01:16:15.0589 0x13f0  ============================================================
    01:16:15.0602 0x00d4  Detected object count: 0
    01:16:15.0602 0x00d4  Actual detected object count: 0
    01:19:01.0175 0x079c  ============================================================
    01:19:01.0175 0x079c  Scan started
    01:19:01.0175 0x079c  Mode: Manual; SigCheck; TDLFS;
    01:19:01.0175 0x079c  ============================================================
    01:19:01.0986 0x079c  ================ Scan system memory ========================
    01:19:01.0986 0x079c  System memory - ok
    01:19:01.0986 0x079c  ================ Scan services =============================
    01:19:16.0291 0x079c  mountmgr - ok
    01:19:16.0322 0x079c  [ A35576A433F4AEB0D48976A004657CB6 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    01:19:16.0354 0x079c  MozillaMaintenance - ok
    01:19:16.0369 0x079c  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
    01:19:16.0385 0x079c  mpio - ok
    01:19:16.0400 0x079c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
    01:19:16.0432 0x079c  mpsdrv - ok
    01:19:16.0463 0x079c  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
    01:19:16.0525 0x079c  MpsSvc - ok
    01:19:16.0556 0x079c  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
    01:19:16.0588 0x079c  MRxDAV - ok
    01:19:16.0619 0x079c  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
    01:19:16.0619 0x079c  mrxsmb - ok
    01:19:16.0650 0x079c  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
    01:19:16.0666 0x079c  mrxsmb10 - ok
    01:19:16.0681 0x079c  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
    01:19:16.0681 0x079c  mrxsmb20 - ok
    01:19:16.0712 0x079c  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
    01:19:16.0712 0x079c  msahci - ok
    01:19:16.0728 0x079c  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
    01:19:16.0744 0x079c  msdsm - ok
    01:19:16.0759 0x079c  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
    01:19:16.0790 0x079c  MSDTC - ok
    01:19:16.0822 0x079c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
    01:19:16.0853 0x079c  Msfs - ok
    01:19:16.0868 0x079c  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
    01:19:16.0915 0x079c  mshidkmdf - ok
    01:19:16.0915 0x079c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
    01:19:16.0931 0x079c  msisadrv - ok
    01:19:16.0962 0x079c  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
    01:19:17.0024 0x079c  MSiSCSI - ok
    01:19:17.0024 0x079c  msiserver - ok
    01:19:17.0056 0x079c  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
    01:19:17.0087 0x079c  MSKSSRV - ok
    01:19:17.0118 0x079c  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
    01:19:17.0149 0x079c  MSPCLOCK - ok
    01:19:17.0149 0x079c  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
    01:19:17.0196 0x079c  MSPQM - ok
    01:19:17.0227 0x079c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
    01:19:17.0243 0x079c  MsRPC - ok
    01:19:17.0243 0x079c  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
    01:19:17.0258 0x079c  mssmbios - ok
    01:19:17.0274 0x079c  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
    01:19:17.0321 0x079c  MSTEE - ok
    01:19:17.0336 0x079c  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
    01:19:17.0352 0x079c  MTConfig - ok
    01:19:17.0368 0x079c  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
    01:19:17.0368 0x079c  Mup - ok
    01:19:17.0399 0x079c  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
    01:19:17.0461 0x079c  napagent - ok
    01:19:17.0477 0x079c  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
    01:19:17.0492 0x079c  NativeWifiP - ok
    01:19:17.0524 0x079c  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
    01:19:17.0555 0x079c  NDIS - ok
    01:19:17.0555 0x079c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
    01:19:17.0617 0x079c  NdisCap - ok
    01:19:17.0617 0x079c  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
    01:19:17.0648 0x079c  NdisTapi - ok
    01:19:17.0648 0x079c  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
    01:19:17.0695 0x079c  Ndisuio - ok
    01:19:17.0695 0x079c  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
    01:19:17.0742 0x079c  NdisWan - ok
    01:19:17.0758 0x079c  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
    01:19:17.0789 0x079c  NDProxy - ok
    01:19:17.0789 0x079c  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
    01:19:17.0820 0x079c  NetBIOS - ok
    01:19:17.0836 0x079c  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
    01:19:17.0867 0x079c  NetBT - ok
    01:19:17.0882 0x079c  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
    01:19:17.0898 0x079c  Netlogon - ok
    01:19:17.0929 0x079c  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
    01:19:17.0960 0x079c  Netman - ok
    01:19:17.0976 0x079c  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
    01:19:18.0038 0x079c  netprofm - ok
    01:19:18.0070 0x079c  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    01:19:18.0101 0x079c  NetTcpPortSharing - ok
    01:19:18.0132 0x079c  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
    01:19:18.0148 0x079c  nfrd960 - ok
    01:19:18.0163 0x079c  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
    01:19:18.0194 0x079c  NlaSvc - ok
    01:19:18.0226 0x079c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
    01:19:18.0257 0x079c  Npfs - ok
    01:19:18.0272 0x079c  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
    01:19:18.0319 0x079c  nsi - ok
    01:19:18.0335 0x079c  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
    01:19:18.0382 0x079c  nsiproxy - ok
    01:19:18.0428 0x079c  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
    01:19:18.0460 0x079c  Ntfs - ok
    01:19:18.0475 0x079c  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
    01:19:18.0522 0x079c  Null - ok
    01:19:18.0538 0x079c  [ B227E75AD10A142DD326B4CC8D73A6D9 ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
    01:19:18.0600 0x079c  nusb3hub - ok
    01:19:18.0631 0x079c  [ 55959DB860E4E484681586824D09E52C ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
    01:19:18.0662 0x079c  nusb3xhc - ok
    01:19:18.0694 0x079c  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
    01:19:18.0709 0x079c  nvraid - ok
    01:19:18.0709 0x079c  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
    01:19:18.0725 0x079c  nvstor - ok
    01:19:18.0740 0x079c  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
    01:19:18.0756 0x079c  nv_agp - ok
    01:19:18.0772 0x079c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
    01:19:18.0787 0x079c  ohci1394 - ok
    01:19:18.0850 0x079c  [ B9C125314A025127FE562C116D614AA3 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    01:19:18.0865 0x079c  ose64 - ok
    01:19:19.0099 0x079c  [ FE9C0029E1AF26350D9985D00520E5C8 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    01:19:19.0146 0x079c  osppsvc - ok
    01:19:19.0193 0x079c  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
    01:19:19.0255 0x079c  p2pimsvc - ok
    01:19:19.0286 0x079c  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
    01:19:19.0318 0x079c  p2psvc - ok
    01:19:19.0349 0x079c  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
    01:19:19.0364 0x079c  Parport - ok
    01:19:19.0380 0x079c  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
    01:19:19.0396 0x079c  partmgr - ok
    01:19:19.0411 0x079c  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
    01:19:19.0458 0x079c  PcaSvc - ok
    01:19:19.0474 0x079c  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
    01:19:19.0489 0x079c  pci - ok
    01:19:19.0505 0x079c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
    01:19:19.0520 0x079c  pciide - ok
    01:19:19.0536 0x079c  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
    01:19:19.0536 0x079c  pcmcia - ok
    01:19:19.0552 0x079c  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
    01:19:19.0567 0x079c  pcw - ok
    01:19:19.0567 0x079c  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
    01:19:19.0630 0x079c  PEAUTH - ok
    01:19:19.0676 0x079c  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
    01:19:19.0754 0x079c  PeerDistSvc - ok
    01:19:19.0832 0x079c  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
    01:19:19.0848 0x079c  PerfHost - ok
    01:19:19.0926 0x079c  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
    01:19:19.0988 0x079c  pla - ok
    01:19:20.0020 0x079c  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
    01:19:20.0098 0x079c  PlugPlay - ok
    01:19:20.0113 0x079c  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
    01:19:20.0144 0x079c  PNRPAutoReg - ok
    01:19:20.0176 0x079c  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
    01:19:20.0207 0x079c  PNRPsvc - ok
    01:19:20.0222 0x079c  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
    01:19:20.0285 0x079c  PolicyAgent - ok
    01:19:20.0316 0x079c  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
    01:19:20.0410 0x079c  Power - ok
    01:19:20.0456 0x079c  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
    01:19:20.0503 0x079c  PptpMiniport - ok
    01:19:20.0519 0x079c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
    01:19:20.0550 0x079c  Processor - ok
    01:19:20.0581 0x079c  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
    01:19:20.0644 0x079c  ProfSvc - ok
    01:19:20.0659 0x079c  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
    01:19:20.0675 0x079c  ProtectedStorage - ok
    01:19:20.0690 0x079c  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
    01:19:20.0722 0x079c  Psched - ok
    01:19:20.0768 0x079c  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
    01:19:20.0800 0x079c  ql2300 - ok
    01:19:20.0815 0x079c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
    01:19:20.0815 0x079c  ql40xx - ok
    01:19:20.0846 0x079c  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
    01:19:20.0878 0x079c  QWAVE - ok
    01:19:20.0878 0x079c  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
    01:19:20.0909 0x079c  QWAVEdrv - ok
    01:19:20.0956 0x079c  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
    01:19:21.0018 0x079c  RasAcd - ok
    01:19:21.0049 0x079c  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
    01:19:21.0080 0x079c  RasAgileVpn - ok
    01:19:21.0096 0x079c  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
    01:19:21.0158 0x079c  RasAuto - ok
    01:19:21.0174 0x079c  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
    01:19:21.0236 0x079c  Rasl2tp - ok
    01:19:21.0252 0x079c  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
    01:19:21.0299 0x079c  RasMan - ok
    01:19:21.0299 0x079c  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
    01:19:21.0346 0x079c  RasPppoe - ok
    01:19:21.0377 0x079c  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
    01:19:21.0424 0x079c  RasSstp - ok
    01:19:21.0455 0x079c  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
    01:19:21.0517 0x079c  rdbss - ok
    01:19:21.0517 0x079c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
    01:19:21.0533 0x079c  rdpbus - ok
    01:19:21.0548 0x079c  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
    01:19:21.0580 0x079c  RDPCDD - ok
    01:19:21.0611 0x079c  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
    01:19:21.0642 0x079c  RDPDR - ok
    01:19:21.0642 0x079c  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
    01:19:21.0689 0x079c  RDPENCDD - ok
    01:19:21.0720 0x079c  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
    01:19:21.0751 0x079c  RDPREFMP - ok
    01:19:21.0767 0x079c  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
    01:19:21.0814 0x079c  RdpVideoMiniport - ok
    01:19:21.0829 0x079c  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
    01:19:21.0876 0x079c  RDPWD - ok
    01:19:21.0892 0x079c  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
    01:19:21.0907 0x079c  rdyboost - ok
    01:19:21.0938 0x079c  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
    01:19:22.0016 0x079c  RemoteAccess - ok
    01:19:22.0032 0x079c  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
    01:19:22.0079 0x079c  RemoteRegistry - ok
    01:19:22.0110 0x079c  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
    01:19:22.0141 0x079c  RFCOMM - ok
    01:19:22.0157 0x079c  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
    01:19:22.0188 0x079c  RpcEptMapper - ok
    01:19:22.0219 0x079c  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
    01:19:22.0250 0x079c  RpcLocator - ok
    01:19:22.0266 0x079c  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
    01:19:22.0297 0x079c  RpcSs - ok
    01:19:22.0328 0x079c  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
    01:19:22.0360 0x079c  rspndr - ok
    01:19:22.0391 0x079c  [ 3713DACCA1025B05A6343104112708D9 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
    01:19:22.0422 0x079c  RTL8167 - ok
    01:19:22.0438 0x079c  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
    01:19:22.0469 0x079c  s3cap - ok
    01:19:22.0484 0x079c  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
    01:19:22.0500 0x079c  SamSs - ok
    01:19:22.0516 0x079c  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
    01:19:22.0531 0x079c  sbp2port - ok
    01:19:22.0578 0x079c  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
    01:19:22.0609 0x079c  SCardSvr - ok
    01:19:22.0625 0x079c  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
    01:19:22.0656 0x079c  scfilter - ok
    01:19:22.0687 0x079c  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
    01:19:22.0750 0x079c  Schedule - ok
    01:19:22.0781 0x079c  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
    01:19:22.0812 0x079c  SCPolicySvc - ok
    01:19:22.0828 0x079c  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
    01:19:22.0859 0x079c  SDRSVC - ok
    01:19:22.0890 0x079c  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
    01:19:22.0921 0x079c  secdrv - ok
    01:19:22.0921 0x079c  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
    01:19:22.0952 0x079c  seclogon - ok
    01:19:22.0968 0x079c  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
    01:19:23.0015 0x079c  SENS - ok
    01:19:23.0046 0x079c  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
    01:19:23.0062 0x079c  SensrSvc - ok
    01:19:23.0077 0x079c  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
    01:19:23.0108 0x079c  Serenum - ok
    01:19:23.0124 0x079c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
    01:19:23.0140 0x079c  Serial - ok
    01:19:23.0140 0x079c  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
    01:19:23.0171 0x079c  sermouse - ok
    01:19:23.0186 0x079c  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
    01:19:23.0233 0x079c  SessionEnv - ok
    01:19:23.0249 0x079c  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
    01:19:23.0264 0x079c  sffdisk - ok
    01:19:23.0296 0x079c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
    01:19:23.0327 0x079c  sffp_mmc - ok
    01:19:23.0342 0x079c  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
    01:19:23.0374 0x079c  sffp_sd - ok
    01:19:23.0389 0x079c  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
    01:19:23.0420 0x079c  sfloppy - ok
    01:19:23.0452 0x079c  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
    01:19:23.0514 0x079c  SharedAccess - ok
    01:19:23.0545 0x079c  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
    01:19:23.0608 0x079c  ShellHWDetection - ok
    01:19:23.0623 0x079c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
    01:19:23.0639 0x079c  SiSRaid2 - ok
    01:19:23.0654 0x079c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
    01:19:23.0670 0x079c  SiSRaid4 - ok
    01:19:23.0686 0x079c  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
    01:19:23.0732 0x079c  Smb - ok
    01:19:23.0748 0x079c  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
    01:19:23.0779 0x079c  SNMPTRAP - ok
    01:19:23.0795 0x079c  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
    01:19:23.0810 0x079c  spldr - ok
    01:19:23.0842 0x079c  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
    01:19:23.0873 0x079c  Spooler - ok
    01:19:23.0966 0x079c  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
    01:19:24.0091 0x079c  sppsvc - ok
    01:19:24.0107 0x079c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
    01:19:24.0138 0x079c  sppuinotify - ok
    01:19:24.0154 0x079c  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
    01:19:24.0200 0x079c  srv - ok
    01:19:24.0200 0x079c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
    01:19:24.0232 0x079c  srv2 - ok
    01:19:24.0232 0x079c  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
    01:19:24.0247 0x079c  srvnet - ok
    01:19:24.0278 0x079c  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
    01:19:24.0325 0x079c  SSDPSRV - ok
    01:19:24.0341 0x079c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
    01:19:24.0372 0x079c  SstpSvc - ok
    01:19:24.0403 0x079c  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
    01:19:24.0419 0x079c  stexstor - ok
    01:19:24.0434 0x079c  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
    01:19:24.0466 0x079c  stisvc - ok
    01:19:24.0481 0x079c  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
    01:19:24.0497 0x079c  storflt - ok
    01:19:24.0512 0x079c  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
    01:19:24.0528 0x079c  storvsc - ok
    01:19:24.0544 0x079c  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
    01:19:24.0544 0x079c  swenum - ok
    01:19:24.0622 0x079c  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    01:19:24.0653 0x079c  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
    01:19:24.0653 0x079c  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
    01:19:27.0632 0x079c  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
    01:19:27.0679 0x079c  W32Time - ok
    01:19:27.0695 0x079c  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
    01:19:27.0710 0x079c  WacomPen - ok
    01:19:27.0710 0x079c  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
    01:19:27.0757 0x079c  WANARP - ok
    01:19:27.0757 0x079c  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
    01:19:27.0788 0x079c  Wanarpv6 - ok
    01:19:27.0866 0x079c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
    01:19:27.0898 0x079c  WatAdminSvc - ok
    01:19:27.0960 0x079c  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
    01:19:28.0038 0x079c  wbengine - ok
    01:19:28.0054 0x079c  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
    01:19:28.0085 0x079c  WbioSrvc - ok
    01:19:28.0100 0x079c  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
    01:19:28.0132 0x079c  wcncsvc - ok
    01:19:28.0132 0x079c  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
    01:19:28.0194 0x079c  WcsPlugInService - ok
    01:19:28.0225 0x079c  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
    01:19:28.0225 0x079c  Wd - ok
    01:19:28.0256 0x079c  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
    01:19:28.0288 0x079c  Wdf01000 - ok
    01:19:28.0303 0x079c  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
    01:19:28.0366 0x079c  WdiServiceHost - ok
    01:19:28.0366 0x079c  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
    01:19:28.0397 0x079c  WdiSystemHost - ok
    01:19:28.0397 0x079c  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
    01:19:28.0444 0x079c  WebClient - ok
    01:19:28.0475 0x079c  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
    01:19:28.0522 0x079c  Wecsvc - ok
    01:19:28.0537 0x079c  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
    01:19:28.0568 0x079c  wercplsupport - ok
    01:19:28.0584 0x079c  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
    01:19:28.0631 0x079c  WerSvc - ok
    01:19:28.0631 0x079c  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
    01:19:28.0662 0x079c  WfpLwf - ok
    01:19:28.0678 0x079c  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
    01:19:28.0693 0x079c  WIMMount - ok
    01:19:28.0709 0x079c  WinDefend - ok
    01:19:28.0709 0x079c  WinHttpAutoProxySvc - ok
    01:19:28.0771 0x079c  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
    01:19:28.0834 0x079c  Winmgmt - ok
    01:19:28.0896 0x079c  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
    01:19:28.0958 0x079c  WinRM - ok
    01:19:28.0990 0x079c  [ FE88B288356E7B47B74B13372ADD906D ] winusb          C:\Windows\system32\DRIVERS\winusb.sys
    01:19:29.0005 0x079c  winusb - ok
    01:19:29.0036 0x079c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
    01:19:29.0083 0x079c  Wlansvc - ok
    01:19:29.0114 0x079c  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
    01:19:29.0146 0x079c  WmiAcpi - ok
    01:19:29.0177 0x079c  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
    01:19:29.0208 0x079c  wmiApSrv - ok
    01:19:29.0239 0x079c  WMPNetworkSvc - ok
    01:19:29.0270 0x079c  [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm      C:\Program Files\Zune\WMZuneComm.exe
    01:19:29.0286 0x079c  WMZuneComm - ok
    01:19:29.0317 0x079c  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
    01:19:29.0333 0x079c  WPCSvc - ok
    01:19:29.0348 0x079c  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
    01:19:29.0364 0x079c  WPDBusEnum - ok
    01:19:29.0380 0x079c  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
    01:19:29.0411 0x079c  ws2ifsl - ok
    01:19:29.0426 0x079c  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
    01:19:29.0458 0x079c  wscsvc - ok
    01:19:29.0458 0x079c  WSearch - ok
    01:19:29.0567 0x079c  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
    01:19:29.0598 0x079c  wuauserv - ok
    01:19:29.0614 0x079c  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
    01:19:29.0660 0x079c  WudfPf - ok
    01:19:29.0692 0x079c  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
    01:19:29.0707 0x079c  WUDFRd - ok
    01:19:29.0707 0x079c  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
    01:19:29.0738 0x079c  wudfsvc - ok
    01:19:29.0754 0x079c  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
    01:19:29.0785 0x079c  WwanSvc - ok
    01:19:29.0957 0x079c  [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe
    01:19:30.0050 0x079c  ZuneNetworkSvc - ok
    01:19:30.0082 0x079c  [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe
    01:19:30.0097 0x079c  ZuneWlanCfgSvc - ok
    01:19:30.0113 0x079c  ================ Scan global ===============================
    01:19:30.0128 0x079c  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
    01:19:30.0160 0x079c  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
    01:19:30.0160 0x079c  [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
    01:19:30.0175 0x079c  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
    01:19:30.0206 0x079c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
    01:19:30.0206 0x079c  [Global] - ok
    01:19:30.0206 0x079c  ================ Scan MBR ==================================
    01:19:30.0222 0x079c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
    01:19:30.0596 0x079c  \Device\Harddisk0\DR0 - ok
    01:19:30.0596 0x079c  ================ Scan VBR ==================================
    01:19:30.0612 0x079c  [ DDD32E101228A332FCAB7BD063AFBBCB ] \Device\Harddisk0\DR0\Partition1
    01:19:30.0612 0x079c  \Device\Harddisk0\DR0\Partition1 - ok
    01:19:30.0643 0x079c  [ A1B7EE6CDF2A711430276CA2BF6F3403 ] \Device\Harddisk0\DR0\Partition2
    01:19:30.0643 0x079c  \Device\Harddisk0\DR0\Partition2 - ok
    01:19:30.0643 0x079c  ============================================================
    01:19:30.0643 0x079c  Scan finished
    01:19:30.0643 0x079c  ============================================================
    01:19:30.0659 0x13d8  Detected object count: 1
    01:19:30.0659 0x13d8  Actual detected object count: 1
    01:19:45.0011 0x13d8  C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - copied to quarantine
    01:19:45.0011 0x13d8  HKLM\SYSTEM\ControlSet001\services\SwitchBoard - will be deleted on reboot
    01:19:45.0042 0x13d8  HKLM\SYSTEM\ControlSet002\services\SwitchBoard - will be deleted on reboot
    01:19:45.0214 0x13d8  C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe - will be deleted on reboot
    01:19:45.0214 0x13d8  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Delete



    #6 gunboundph1

    gunboundph1
    • Topic Starter

    • Members
    • 16 posts

    Posted 22 September 2013 - 07:09 PM

    I think there is a problem with my keyboard. How would I disable keyboard shortcuts, because it happens when I'm on Linux too?



    #7 Blind Faith

    Blind Faith

    • Malware Response Team
    • 4,101 posts
    • Gender:Female

    Posted 23 September 2013 - 12:16 PM

    Hi there,

     

     

    As far as I can see, there is no way to turn off keyboard shortcuts, but see if this helps: Microsoft Article

     

    Now, I would want us to run ComboFix: 

     

    Please download ComboFix from one of these locations:
     
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  • **Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.
     

    Query_RC.gif

     
     
    Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
     

    RC_successful.gif

     
     
    Click on Yes, to continue scanning for malware.
     
    When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.
     
     
     
     
     
     
     
    Elle 

    Can you hear it?It's all around!

    Tomar ki manè acchè?
    Yadi thakè, tahalè
    Ki kshama kartè paro
    ?



    If I haven't replied in 48 hours, please feel free to send me a PM.




    #8 gunboundph1

    gunboundph1
    • Topic Starter

    • Members
    • 16 posts

    Posted 23 September 2013 - 02:20 PM

    ComboFix 13-09-23.02 - Mark 09/23/2013  14:45:22.2.4 - x64
    Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.5611.3634 [GMT -4:00]
    Running from: c:\users\Mark\Downloads\ComboFix.exe
    AV: AVG Internet Security 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    FW: AVG Internet Security 2013 *Enabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
    SP: AVG Internet Security 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Created a new restore point
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\users\Mark\AppData\Local\Microsoft\Windows\Temporary Internet Files\{874B7047-C8A5-4794-A841-731A75CF6298}.xps
    .
    .
    (((((((((((((((((((((((((   Files Created from 2013-08-23 to 2013-09-23  )))))))))))))))))))))))))))))))
    .
    .
    2013-09-23 18:54 . 2013-09-23 18:54 -------- d-----w- c:\users\Default\AppData\Local\temp
    2013-09-22 05:33 . 2013-09-22 05:43 -------- d-----w- C:\ubuntu
    2013-09-22 05:19 . 2013-09-22 05:19 -------- d-----w- C:\TDSSKiller_Quarantine
    2013-09-20 02:41 . 2013-09-20 02:41 12872 ----a-w- c:\windows\system32\bootdelete.exe
    2013-09-20 01:47 . 2013-09-20 02:41 -------- d-----w- c:\programdata\HitmanPro
    2013-09-20 01:24 . 2013-09-16 04:50 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD9AE118-A996-4777-A108-DF6557D43748}\mpengine.dll
    2013-09-19 02:40 . 2013-09-19 02:40 -------- d-----w- C:\6023a16f65a5677854
    2013-09-15 20:40 . 2013-09-15 20:40 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
    2013-09-15 20:39 . 2013-09-15 20:40 -------- d-----w- c:\program files\Adobe
    2013-09-15 20:33 . 2013-09-15 20:40 -------- d-----w- c:\program files\Common Files\Adobe
    2013-09-15 19:34 . 2013-09-15 20:46 -------- d-----w- c:\program files (x86)\Common Files\Adobe
    2013-09-15 18:46 . 2013-09-15 18:46 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2013-09-15 18:46 . 2013-09-15 18:46 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2013-09-15 18:46 . 2013-09-15 18:46 -------- d-----w- c:\windows\SysWow64\Macromed
    2013-09-15 18:46 . 2013-09-15 18:46 -------- d-----w- c:\windows\system32\Macromed
    2013-09-15 18:14 . 2013-09-15 18:14 -------- d-----w- c:\program files\Common Files\DESIGNER
    2013-09-15 18:13 . 2013-09-15 18:13 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
    2013-09-15 18:13 . 2013-09-15 18:13 -------- d-----w- c:\program files\Microsoft.NET
    2013-09-15 18:13 . 2013-09-15 18:13 -------- d-----w- c:\programdata\regid.1991-06.com.microsoft
    2013-09-15 18:13 . 2013-09-17 22:32 -------- d-----w- c:\program files (x86)\Microsoft.NET
    2013-09-15 18:13 . 2013-09-15 18:13 -------- d-----w- c:\program files\Microsoft SQL Server
    2013-09-15 18:10 . 2013-09-15 18:10 -------- d-----w- c:\program files\Microsoft Analysis Services
    2013-09-15 18:10 . 2013-09-15 18:10 -------- d-----w- c:\program files (x86)\Microsoft Analysis Services
    2013-09-15 18:10 . 2013-09-15 18:13 -------- d-----w- c:\program files\Microsoft Office
    2013-09-15 18:10 . 2013-09-15 18:17 -------- d-----w- c:\programdata\Microsoft Help
    2013-09-15 18:07 . 2013-09-15 18:07 -------- d-----w- c:\windows\system32\drivers\UMDF\ko-KR
    2013-09-15 18:07 . 2013-09-15 18:07 -------- d-----w- c:\windows\system32\drivers\UMDF\ms-MY
    2013-09-15 18:07 . 2013-09-15 18:07 -------- d-----w- c:\windows\system32\drivers\UMDF\id-ID
    2013-09-15 18:07 . 2013-09-15 18:07 -------- d-----w- c:\windows\system32\drivers\UMDF\sv-SE
    2013-09-15 18:04 . 2013-09-15 18:07 -------- d-----w- c:\program files\Zune
    2013-09-15 18:04 . 2013-09-15 18:04 -------- d-----w- c:\windows\PCHEALTH
    2013-09-15 17:31 . 2013-09-15 17:31 -------- d-----w- c:\program files (x86)\Deluge
    2013-09-15 17:13 . 2013-09-15 17:13 0 ----a-w- c:\windows\ativpsrm.bin
    2013-09-15 17:07 . 2013-08-10 03:17 2706432 ----a-w- c:\windows\system32\mshtml.tlb
    2013-09-15 17:07 . 2013-08-10 05:20 526336 ----a-w- c:\windows\system32\ieui.dll
    2013-09-15 17:07 . 2013-08-10 05:20 356864 ----a-w- c:\program files\Internet Explorer\IEShims.dll
    2013-09-15 17:07 . 2013-08-10 03:58 257536 ----a-w- c:\program files (x86)\Internet Explorer\ieproxy.dll
    2013-09-15 17:07 . 2013-08-10 03:07 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2013-09-15 17:07 . 2013-08-10 05:21 278528 ----a-w- c:\program files\Internet Explorer\sqmapi.dll
    2013-09-15 17:07 . 2013-08-10 03:58 217600 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
    2013-09-15 17:07 . 2013-08-10 03:58 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
    2013-09-15 17:07 . 2013-08-10 03:58 236032 ----a-w- c:\program files (x86)\Internet Explorer\IEShims.dll
    2013-09-15 16:58 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
    2013-09-15 16:58 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
    2013-09-15 16:47 . 2013-07-09 05:46 1472512 ----a-w- c:\windows\system32\crypt32.dll
    2013-09-15 16:46 . 2013-07-06 06:03 1910208 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2013-09-15 16:46 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll
    2013-09-15 16:46 . 2013-04-02 22:51 1643520 ----a-w- c:\windows\system32\DWrite.dll
    2013-09-15 16:45 . 2013-04-10 05:48 1732608 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
    2013-09-15 16:45 . 2013-04-10 05:46 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
    2013-09-15 16:45 . 2013-04-10 05:46 1393152 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
    2013-09-15 16:45 . 2013-04-10 05:46 1367040 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
    2013-09-15 16:45 . 2013-04-10 05:03 936448 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
    2013-09-15 05:48 . 2013-09-15 05:49 -------- d-----w- C:\AdwCleaner
    2013-09-15 05:39 . 2013-09-15 05:39 -------- d-----w- c:\program files (x86)\HP
    2013-09-15 05:39 . 2013-09-15 05:39 -------- d-----w- c:\program files (x86)\Hewlett-Packard
    2013-09-15 05:05 . 2013-09-15 01:35 -------- d-----w- c:\windows\Panther
    2013-09-15 03:05 . 2013-09-15 05:34 -------- d-----w- c:\program files\Malwarebytes Anti-Exploit
    2013-09-15 03:05 . 2010-03-18 13:36 1858896 ----a-w- c:\windows\system32\msvcr100d.dll
    2013-09-15 03:05 . 2010-03-18 13:36 1014096 ----a-w- c:\windows\system32\msvcp100d.dll
    2013-09-15 03:05 . 2010-03-18 13:15 743248 ----a-w- c:\windows\SysWow64\msvcp100d.dll
    2013-09-15 03:05 . 2010-03-18 13:15 1498960 ----a-w- c:\windows\SysWow64\msvcr100d.dll
    2013-09-15 03:00 . 2013-09-15 03:00 -------- d-----w- c:\programdata\Malwarebytes
    2013-09-15 03:00 . 2013-09-15 03:00 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2013-09-15 03:00 . 2013-04-04 18:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-09-15 02:43 . 2013-09-15 02:42 45856 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
    2013-09-15 02:42 . 2013-09-15 02:43 -------- d-----w- c:\programdata\AVG SafeGuard toolbar
    2013-09-15 02:42 . 2013-09-15 02:42 -------- d-----w- c:\program files (x86)\AVG SafeGuard toolbar
    2013-09-15 02:42 . 2013-09-15 02:43 -------- d-----w- c:\program files (x86)\Google
    2013-09-15 02:41 . 2013-09-15 02:43 -------- d-----w- c:\programdata\AVG2013
    2013-09-15 02:40 . 2013-09-15 02:40 -------- d-----w- c:\program files (x86)\AVG
    2013-09-15 02:38 . 2013-09-20 01:10 -------- d-sh--w- c:\windows\Installer
    2013-09-15 02:37 . 2013-09-23 18:42 -------- d-----w- c:\programdata\MFAData
    2013-09-15 02:37 . 2013-09-15 02:37 -------- d--h--w- c:\programdata\Common Files
    2013-09-15 01:40 . 2013-09-15 01:40 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
    2013-09-15 01:37 . 2013-09-15 18:07 -------- d-----w- c:\users\Mark
    2013-09-15 01:33 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
    2013-09-15 01:33 . 2011-04-09 05:56 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
    2013-09-15 01:32 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
    2013-09-15 01:32 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
    2013-09-15 01:32 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
    2013-09-15 01:32 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
    2013-09-15 01:32 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
    2013-09-15 01:32 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
    2013-09-15 01:32 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
    2013-09-15 01:31 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
    2013-09-15 01:31 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe
    2013-09-05 05:43 . 2013-09-05 05:43 45880 ----a-w- c:\windows\system32\drivers\avgrkx64.sys
    2013-08-30 01:08 . 2013-08-30 01:08 -------- d-----r- C:\MSOCache
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-08-10 00:02 . 2013-08-10 00:02 66264 ----a-w- c:\windows\system32\btwdi.dll
    2013-08-10 00:02 . 2013-08-10 00:02 2232024 ----a-w- c:\windows\system32\BcmBtRSupport.dll
    2013-08-10 00:02 . 2013-08-10 00:02 170712 ----a-w- c:\windows\system32\drivers\bcbtums.sys
    2013-08-10 00:02 . 2013-08-10 00:02 166104 ----a-w- c:\windows\system32\drivers\btwampfl.sys
    2013-08-10 00:02 . 2013-08-10 00:02 2252504 ----a-w- c:\windows\system32\BtwRSupportService.exe
    2013-08-07 08:22 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe
    2013-08-02 01:48 . 2013-09-15 16:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
    2013-07-20 05:51 . 2013-07-20 05:51 311608 ----a-w- c:\windows\system32\drivers\avgloga.sys
    2013-07-20 05:50 . 2013-07-20 05:50 71480 ----a-w- c:\windows\system32\drivers\avgidsha.sys
    2013-07-20 05:50 . 2013-07-20 05:50 246072 ----a-w- c:\windows\system32\drivers\avgidsdrivera.sys
    2013-07-20 05:50 . 2013-07-20 05:50 206648 ----a-w- c:\windows\system32\drivers\avgldx64.sys
    2013-07-01 05:45 . 2013-07-01 05:45 116536 ----a-w- c:\windows\system32\drivers\avgmfx64.sys
    .
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
    @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
    [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
    2012-10-02 00:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
    @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
    [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
    2012-10-02 00:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
    @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
    [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
    2012-10-02 00:38 1720976 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2013-08-15 4411440]
    "AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    R1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files\Malwarebytes Anti-Exploit\MBAE64.sys;c:\program files\Malwarebytes Anti-Exploit\MBAE64.sys [x]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
    R2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [x]
    R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
    R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
    R3 b06diag;Broadcom NetXtreme II Diag Driver;c:\windows\system32\drivers\bxdiaga.sys;c:\windows\SYSNATIVE\drivers\bxdiaga.sys [x]
    R3 BFN7x64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\Xeno7x64.sys;c:\windows\SYSNATIVE\drivers\Xeno7x64.sys [x]
    R3 btwampfl;btwampfl;c:\windows\system32\DRIVERS\btwampfl.sys;c:\windows\SYSNATIVE\DRIVERS\btwampfl.sys [x]
    R3 bxfcoe;bxfcoe;c:\windows\system32\drivers\bxfcoe.sys;c:\windows\SYSNATIVE\drivers\bxfcoe.sys [x]
    R3 bxois;bxois;c:\windows\system32\drivers\bxois.sys;c:\windows\SYSNATIVE\drivers\bxois.sys [x]
    R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
    R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
    R3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\System32\Drivers\EtronSTOR.sys;c:\windows\SYSNATIVE\Drivers\EtronSTOR.sys [x]
    R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
    R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys;c:\windows\SYSNATIVE\Drivers\qd162x64.sys [x]
    R3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys;c:\windows\SYSNATIVE\Drivers\qd262x64.sys [x]
    R3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys;c:\windows\SYSNATIVE\drivers\iusb3hub.sys [x]
    R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys;c:\windows\SYSNATIVE\drivers\iusb3xhc.sys [x]
    R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
    R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
    R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
    R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
    R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
    S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
    S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
    S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
    S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
    S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys;c:\windows\SYSNATIVE\DRIVERS\avgfwd6a.sys [x]
    S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
    S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
    S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
    S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
    S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe;c:\program files (x86)\AVG\AVG2013\avgfws.exe [x]
    S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
    S2 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
    S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
    S3 bcbtums;Bluetooth USB LD Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2013-09-23 00:47 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-15 02:42]
    .
    2013-09-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-09-15 02:42]
    .
    2013-09-23 c:\windows\Tasks\Malwarebytes Anti-Exploit.job
    - c:\program files\Malwarebytes Anti-Exploit\mbaeloader64.exe [2013-09-15 20:35]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
    @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
    [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
    2012-10-02 00:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
    @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
    [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
    2012-10-02 00:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
    @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
    [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
    2012-10-02 00:37 2322576 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
    .
    ------- Supplementary Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    mLocal Page = c:\windows\SysWOW64\blank.htm
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office15\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office15\ONBttnIE.dll/105
    TCP: DhcpNameServer = 192.168.1.254
    Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
    FF - ProfilePath - c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\
    FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
    FF - prefs.js: keyword.URL -
    FF - ExtSQL: 2013-09-15 01:38; {ab91efd4-6975-4081-8552-1b3922ed79e2}; c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
    FF - ExtSQL: 2013-09-15 13:46; {fe272bd1-5f76-4ea4-8501-a05d35d823fc}; c:\users\Mark\AppData\Roaming\Mozilla\Firefox\Profiles\pkdvdx3e.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Wow6432Node-HKCU-Run-AdobeBridge - (no file)
    Wow6432Node-HKLM-Run-SwitchBoard - c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    SafeBoot-77736818.sys
    .
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2013-09-23  15:06:32
    ComboFix-quarantined-files.txt  2013-09-23 19:06
    ComboFix2.txt  2013-09-15 06:06
    .
    Pre-Run: 443,682,942,976 bytes free
    Post-Run: 443,985,711,104 bytes free
    .
    - - End Of File - - 40A5E5A4C78A248CC3ED9B51C487C8C1
    A36C5E4F47E84449FF07ED3517B43A31



    #9 Blind Faith

    Blind Faith

    • Malware Response Team
    • 4,101 posts
    • Gender:Female
    • Local time:02:58 AM

    Posted 24 September 2013 - 01:53 PM

    Hi there,

    Can you tell me how the computer is working? What are the symptoms?

    Elle

    Can you hear it? It's all around!

    Do you remember?
    If so, then
    can you forgive?

    If I haven't replied in 48 hours, please feel free to send me a PM.

    #10 gunboundph1

    gunboundph1
    • Topic Starter

    • Members
    • 16 posts
    • Local time:07:58 PM

    Posted 24 September 2013 - 03:02 PM

    Sometimes the virus doesn't start up when I turn on my PC; it comes later. But right now, just when I turn on my PC, my web browser opens up and starts opening up 20 new windows or so, and when I try to open a different website I get redirected to my homepage. This happens in all my browsers.

    I can upload a video if it will help.

    #11 Blind Faith

    Blind Faith

    • Malware Response Team
    • 4,101 posts
    • Gender:Female
    • Local time:02:58 AM

    Posted 25 September 2013 - 12:59 PM

    20 new browser windows or tabs? And if it's tabs, what link are they at?

     

     

    Elle 



    #12 gunboundph1

    gunboundph1
    • Topic Starter

    • Members
    • 16 posts
    • Local time:07:58 PM

    Posted 25 September 2013 - 06:09 PM

    It's not tabs, it's new windows, and it's always my homepage. If I try other websites I get redirected to my homepage, which is Yahoo in Firefox; in Google I get redirected to google.com, and in Internet Explorer I get redirected to my homepage, MSN.

    #13 Blind Faith

    Blind Faith

    • Malware Response Team
    • 4,101 posts
    • Gender:Female
    • Local time:02:58 AM

    Posted 26 September 2013 - 05:55 PM

    Hi there,

     

     

    We need to create an OTL Report
  • Please download OTL from one of the following mirrors:
  • Save it to your desktop.
  • Double click on the OTL icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Run Scan button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized

    Elle 


    #14 gunboundph1

    gunboundph1
    • Topic Starter

    • Members
    • 16 posts
    • Local time:07:58 PM

    Posted 26 September 2013 - 08:03 PM

    OTL logfile created on: 9/26/2013 8:55:31 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mark\Downloads
    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16686)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    5.48 Gb Total Physical Memory | 3.75 Gb Available Physical Memory | 68.41% Memory free
    10.96 Gb Paging File | 9.21 Gb Available in Paging File | 84.04% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 465.66 Gb Total Space | 433.89 Gb Free Space | 93.18% Space Free | Partition Type: NTFS
     
    Computer Name: MARK-PC | User Name: Mark | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Processes (SafeList) ==========
     
    PRC - [2013/09/26 20:54:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mark\Downloads\OTL.exe
    PRC - [2013/09/17 09:59:21 | 000,262,288 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.2.1\NAV.exe
    PRC - [2013/09/10 22:26:32 | 000,274,840 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    PRC - [2013/08/14 23:25:21 | 000,129,424 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
    PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
     
     
    ========== Modules (No Company Name) ==========
     
    MOD - [2013/09/10 22:26:53 | 003,279,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
     
     
    ========== Services (SafeList) ==========
     
    SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV:64bit: - [2011/09/15 18:12:12 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
    SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
    SRV:64bit: - [2011/03/17 03:14:56 | 000,297,984 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
    SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
    SRV:64bit: - [2009/03/03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
    SRV - [2013/09/17 09:59:21 | 000,262,288 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.2.1\NAV.exe -- (NAV)
    SRV - [2013/09/10 22:26:44 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/08/14 23:25:21 | 000,129,424 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe -- (NCO)
    SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
    SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
    SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
    SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
     
     
    ========== Driver Services (SafeList) ==========
     
    DRV:64bit: - [2013/09/25 19:49:05 | 000,177,752 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
    DRV:64bit: - [2013/09/11 16:32:42 | 000,590,424 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\symnets.sys -- (SymNetS)
    DRV:64bit: - [2013/08/04 21:33:19 | 001,147,480 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymEFA64.sys -- (SymEFA)
    DRV:64bit: - [2013/07/31 23:19:50 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymDS64.sys -- (SymDS)
    DRV:64bit: - [2013/07/31 00:13:30 | 000,264,280 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\Ironx64.sys -- (SymIRON)
    DRV:64bit: - [2013/07/30 23:44:44 | 000,854,616 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\srtsp64.sys -- (SRTSP)
    DRV:64bit: - [2013/07/30 23:44:44 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\srtspx64.sys -- (SRTSPX)
    DRV:64bit: - [2013/07/29 21:24:22 | 000,150,104 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\7DE05000.043\ccSetx64.sys -- (ccSet_NST)
    DRV:64bit: - [2013/07/29 21:24:22 | 000,150,104 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\ccSetx64.sys -- (ccSet_NAV)
    DRV:64bit: - [2013/06/16 23:21:09 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
    DRV:64bit: - [2013/06/16 23:21:09 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
    DRV:64bit: - [2013/06/16 22:39:20 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
    DRV:64bit: - [2013/06/16 22:33:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV:64bit: - [2013/06/16 22:33:04 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV:64bit: - [2013/06/16 22:33:04 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
    DRV:64bit: - [2013/06/16 22:33:04 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV:64bit: - [2012/12/21 01:44:10 | 000,786,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
    DRV:64bit: - [2012/12/21 01:44:10 | 000,366,216 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
    DRV:64bit: - [2012/11/08 07:41:34 | 000,418,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
    DRV:64bit: - [2012/11/08 07:41:34 | 000,139,592 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
    DRV:64bit: - [2012/07/24 15:58:00 | 000,088,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
    DRV:64bit: - [2012/07/24 15:58:00 | 000,065,152 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
    DRV:64bit: - [2012/07/24 15:58:00 | 000,032,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EtronSTOR.sys -- (EtronSTOR)
    DRV:64bit: - [2012/06/12 17:00:48 | 000,726,160 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
    DRV:64bit: - [2012/03/26 00:24:02 | 003,341,904 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
    DRV:64bit: - [2012/03/08 05:09:30 | 000,088,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxdiaga.sys -- (b06diag)
    DRV:64bit: - [2012/02/22 12:33:36 | 000,539,176 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxois.sys -- (bxois)
    DRV:64bit: - [2012/02/22 12:06:00 | 000,178,216 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxfcoe.sys -- (bxfcoe)
    DRV:64bit: - [2012/02/22 10:27:02 | 000,157,288 | ---- | M] (Bigfoot Networks, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Xeno7x64.sys -- (BFN7x64)
    DRV:64bit: - [2012/01/24 11:44:00 | 000,529,448 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
    DRV:64bit: - [2011/10/27 08:44:48 | 004,746,304 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
    DRV:64bit: - [2011/10/25 13:57:38 | 000,213,504 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
    DRV:64bit: - [2011/10/25 13:57:38 | 000,096,768 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
    DRV:64bit: - [2011/09/15 18:51:12 | 010,206,208 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
    DRV:64bit: - [2011/09/15 17:38:42 | 000,317,952 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
    DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
    DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
    DRV:64bit: - [2011/03/17 03:14:56 | 000,521,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
    DRV:64bit: - [2010/12/16 18:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
    DRV:64bit: - [2010/11/20 23:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
    DRV:64bit: - [2010/11/20 23:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
    DRV:64bit: - [2010/11/20 23:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
    DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
    DRV:64bit: - [2009/11/16 10:45:24 | 000,042,192 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qd262x64.sys -- (ioatdma2)
    DRV:64bit: - [2009/11/16 10:45:21 | 000,040,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qd162x64.sys -- (ioatdma1)
    DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
    DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
    DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
    DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
    DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
    DRV - [2013/09/26 15:46:14 | 000,520,280 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.2.1\Definitions\IPSDefs\20130926.001\IDSviA64.sys -- (IDSVia64)
    DRV - [2013/09/25 21:05:26 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.2.1\Definitions\VirusDefs\20130926.004\ex64.sys -- (NAVEX15)
    DRV - [2013/09/25 21:05:26 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
    DRV - [2013/09/25 21:05:26 | 000,140,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
    DRV - [2013/09/25 21:05:26 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.2.1\Definitions\VirusDefs\20130926.004\eng64.sys -- (NAVENG)
    DRV - [2013/09/24 00:37:14 | 001,525,848 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.2.1\Definitions\BASHDefs\20130924.001\BHDrvx64.sys -- (BHDrvx64)
    DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
     
     
    ========== Standard Registry (SafeList) ==========
     
     
    ========== Internet Explorer ==========
     
    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
     
     
     
     
     
     
    IE - HKU\S-1-5-21-3830043719-1258483771-1183304982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
    IE - HKU\S-1-5-21-3830043719-1258483771-1183304982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKU\S-1-5-21-3830043719-1258483771-1183304982-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6E F0 8A D9 4A BA CE 01  [binary data]
    IE - HKU\S-1-5-21-3830043719-1258483771-1183304982-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-3830043719-1258483771-1183304982-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    IE - HKU\S-1-5-21-3830043719-1258483771-1183304982-1000\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = http://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=IDSSNAV&chn=retail&geo=US&ver=2014&locale=en_US&gct=kwd&qsrc=2869
    IE - HKU\S-1-5-21-3830043719-1258483771-1183304982-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
     
    ========== FireFox ==========
     
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
    FF - user.js - File not found
     
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
     
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.2.1\IPSFFPlgn\ [2013/09/25 19:49:30 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F04D2D30-776C-4d02-8627-8E4385ECA58D}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\ [2013/09/26 20:49:25 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
     
    [2013/09/25 21:40:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mark\AppData\Roaming\Mozilla\Extensions
    [2013/09/25 21:39:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/09/25 21:39:45 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
     
    O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.2.1\IPS\IPSBHO.dll (Symantec Corporation)
    O2 - BHO: (Norton Identity Protection) - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\CoIEPlg.dll (Symantec Corporation)
    O3 - HKLM\..\Toolbar: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\CoIEPlg.dll (Symantec Corporation)
    O3 - HKU\S-1-5-21-3830043719-1258483771-1183304982-1000\..\Toolbar\WebBrowser: (Norton Identity Safe Toolbar) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\CoIEPlg.dll (Symantec Corporation)
    O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
    O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O1364bit: - gopher Prefix: missing
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4F0B7A52-D968-4652-94E6-B574B21F1522}: DhcpNameServer = 192.168.1.254
    O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
     
    ========== Files/Folders - Created Within 30 Days ==========
     
    [2013/09/26 19:45:55 | 000,000,000 | -HSD | C] -- C:\Config.Msi
    [2013/09/26 18:22:19 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\WinRAR
    [2013/09/25 23:11:46 | 000,000,000 | ---D | C] -- C:\Windows\Panther
    [2013/09/25 22:15:20 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
    [2013/09/25 22:13:11 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
    [2013/09/25 22:12:27 | 000,000,000 | -HSD | C] -- C:\System Volume Information
    [2013/09/25 22:05:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
    [2013/09/25 21:51:34 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
    [2013/09/25 21:51:33 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
    [2013/09/25 21:51:31 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
    [2013/09/25 21:51:31 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
    [2013/09/25 21:51:31 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
    [2013/09/25 21:51:31 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
    [2013/09/25 21:51:31 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
    [2013/09/25 21:51:30 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
    [2013/09/25 21:51:30 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
    [2013/09/25 21:51:30 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
    [2013/09/25 21:51:30 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
    [2013/09/25 21:51:27 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
    [2013/09/25 21:51:27 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
    [2013/09/25 21:51:27 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
    [2013/09/25 21:51:26 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
    [2013/09/25 21:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2013/09/25 21:44:16 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
    [2013/09/25 21:44:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
    [2013/09/25 21:40:01 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Mozilla
    [2013/09/25 21:39:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
    [2013/09/25 21:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [2013/09/25 21:08:04 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KeyTweak
    [2013/09/25 21:08:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyTweak
    [2013/09/25 21:08:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyTweak
    [2013/09/25 21:02:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
    [2013/09/25 20:59:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    [2013/09/25 20:58:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
    [2013/09/25 20:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Hewlett-Packard
    [2013/09/25 20:58:16 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\hpqLog
    [2013/09/25 20:58:01 | 000,000,000 | ---D | C] -- C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
    [2013/09/25 20:44:11 | 003,968,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
    [2013/09/25 20:44:10 | 005,550,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
    [2013/09/25 20:44:10 | 003,913,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
    [2013/09/25 20:44:10 | 001,732,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
    [2013/09/25 20:44:10 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
    [2013/09/25 20:44:10 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
    [2013/09/25 20:44:10 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
    [2013/09/25 20:44:10 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
    [2013/09/25 20:44:10 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
    [2013/09/25 20:44:10 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
    [2013/09/25 20:44:10 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
    [2013/09/25 20:44:10 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
    [2013/09/25 20:44:10 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
    [2013/09/25 20:44:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
    [2013/09/25 20:44:10 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
    [2013/09/25 20:44:10 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
    [2013/09/25 20:44:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
    [2013/09/25 20:44:10 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
    [2013/09/25 20:44:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
    [2013/09/25 20:44:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
    [2013/09/25 20:44:09 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\apisetschema.dll
    [2013/09/25 20:44:09 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
    [2013/09/25 20:44:09 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
    [2013/09/25 20:43:30 | 001,472,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
    [2013/09/25 20:43:30 | 000,224,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
    [2013/09/25 20:43:29 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
    [2013/09/25 20:43:23 | 001,888,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
    [2013/09/25 20:43:23 | 001,620,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
    [2013/09/25 20:43:22 | 001,217,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rpcrt4.dll
    [2013/09/25 20:43:15 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
    [2013/09/25 20:43:14 | 001,643,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
    [2013/09/25 20:43:10 | 000,155,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\ataport.sys
    [2013/09/25 20:42:26 | 000,624,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
    [2013/09/25 20:42:26 | 000,509,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
    [2013/09/25 20:30:14 | 000,000,000 | ---D | C] -- C:\Program Files\Validity Sensors
    [2013/09/25 20:16:01 | 000,000,000 | ---D | C] -- C:\f373e490fcfc78087c4b6773
    [2013/09/25 20:15:29 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\input.dll
    [2013/09/25 20:15:29 | 000,202,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\input.dll
    [2013/09/25 20:14:13 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbrpm.sys
    [2013/09/25 20:12:12 | 000,442,368 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTEC64.dll
    [2013/09/25 20:12:12 | 000,221,184 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\HPToneCtrls64.dll
    [2013/09/25 20:12:12 | 000,162,304 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAC64.dll
    [2013/09/25 20:12:12 | 000,068,608 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTAR64.dll
    [2013/09/25 20:12:11 | 006,351,872 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\IDTNGUI.exe
    [2013/09/25 20:12:11 | 004,642,816 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
    [2013/09/25 20:12:11 | 003,293,184 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\IDTNHP.dll
    [2013/09/25 20:12:11 | 001,523,712 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\IDTNC64.cpl
    [2013/09/25 20:12:11 | 001,128,448 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray64.exe
    [2013/09/25 20:12:11 | 001,020,416 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\IDTNX.dll
    [2013/09/25 20:12:11 | 000,212,480 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\IDTNJ.exe
    [2013/09/25 20:12:11 | 000,090,624 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AESTCo64.dll
    [2013/09/25 20:12:10 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
    [2013/09/25 20:11:32 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll
    [2013/09/25 20:11:31 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll
    [2013/09/25 20:11:18 | 001,500,672 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
    [2013/09/25 20:11:18 | 000,652,288 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
    [2013/09/25 20:11:18 | 000,521,728 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
    [2013/09/25 20:11:18 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
    [2013/09/25 20:11:18 | 000,220,160 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\staco64.dll
    [2013/09/25 20:11:14 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
    [2013/09/25 20:11:14 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
    [2013/09/25 20:02:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
    [2013/09/25 20:02:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hewlett-Packard
    [2013/09/25 20:02:55 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
    [2013/09/25 20:02:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
    [2013/09/25 20:01:13 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Mozilla
    [2013/09/25 20:01:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
    [2013/09/25 19:56:51 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
    [2013/09/25 19:56:51 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
    [2013/09/25 19:56:51 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
    [2013/09/25 19:56:40 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
    [2013/09/25 19:56:40 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
    [2013/09/25 19:56:40 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
    [2013/09/25 19:56:14 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
    [2013/09/25 19:56:14 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
    [2013/09/25 19:52:34 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Synaptics
    [2013/09/25 19:51:02 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
    [2013/09/25 19:50:33 | 000,000,000 | ---D | C] -- C:\SWSetup
    [2013/09/25 19:49:15 | 000,150,104 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NSTx64\7DE05000.043\ccSetx64.sys
    [2013/09/25 19:49:11 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Identity Safe
    [2013/09/25 19:49:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64
    [2013/09/25 19:49:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Identity Safe
    [2013/09/25 19:49:11 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64\7DE05000.043
    [2013/09/25 19:49:05 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
    [2013/09/25 19:49:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
    [2013/09/25 19:48:50 | 000,590,424 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\symnets.sys
    [2013/09/25 19:48:50 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymELAM.sys
    [2013/09/25 19:48:49 | 001,147,480 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymEFA64.sys
    [2013/09/25 19:48:49 | 000,854,616 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\srtsp64.sys
    [2013/09/25 19:48:49 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymDS64.sys
    [2013/09/25 19:48:49 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\Ironx64.sys
    [2013/09/25 19:48:49 | 000,150,104 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\ccSetx64.sys
    [2013/09/25 19:48:49 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\srtspx64.sys
    [2013/09/25 19:48:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64
    [2013/09/25 19:48:24 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NAVx64\1500020.001
    [2013/09/25 19:48:22 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
    [2013/09/25 19:48:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton AntiVirus
    [2013/09/25 19:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
    [2013/09/25 19:48:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
    [2013/09/25 19:48:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
    [2013/09/25 19:27:49 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Adobe
    [2013/09/25 19:27:47 | 000,000,000 | R--D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    [2013/09/25 19:27:47 | 000,000,000 | R--D | C] -- C:\Users\Mark\Searches
    [2013/09/25 19:27:47 | 000,000,000 | R--D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    [2013/09/25 19:27:46 | 000,000,000 | -H-D | C] -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
    [2013/09/25 19:27:38 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Identities
    [2013/09/25 19:27:35 | 000,000,000 | R--D | C] -- C:\Users\Mark\Contacts
    [2013/09/25 19:27:33 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\VirtualStore
    [2013/09/25 19:27:29 | 000,000,000 | --SD | C] -- C:\Users\Mark\AppData\Roaming\Microsoft
    [2013/09/25 19:27:29 | 000,000,000 | R--D | C] -- C:\Users\Mark\Videos
    [2013/09/25 19:27:29 | 000,000,000 | R--D | C] -- C:\Users\Mark\Saved Games
    [2013/09/25 19:27:29 | 000,000,000 | R--D | C] -- C:\Users\Mark\Pictures
    [2013/09/25 19:27:29 | 000,000,000 | R--D | C] -- C:\Users\Mark\Music
    [2013/09/25 19:27:29 | 000,000,000 | R--D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    [2013/09/25 19:27:29 | 000,000,000 | R--D | C] -- C:\Users\Mark\Links
    [2013/09/25 19:27:29 | 000,000,000 | R--D | C] -- C:\Users\Mark\Favorites
    [2013/09/25 19:27:29 | 000,000,000 | R--D | C] -- C:\Users\Mark\Downloads
    [2013/09/25 19:27:29 | 000,000,000 | R--D | C] -- C:\Users\Mark\Documents
    [2013/09/25 19:27:29 | 000,000,000 | R--D | C] -- C:\Users\Mark\Desktop
    [2013/09/25 19:27:29 | 000,000,000 | R--D | C] -- C:\Users\Mark\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\AppData\Local\Temporary Internet Files
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Templates
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Start Menu
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\SendTo
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Recent
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\PrintHood
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\NetHood
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Documents\My Videos
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Documents\My Pictures
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Documents\My Music
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\My Documents
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Local Settings
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\AppData\Local\History
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Cookies
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\Application Data
    [2013/09/25 19:27:29 | 000,000,000 | -HSD | C] -- C:\Users\Mark\AppData\Local\Application Data
    [2013/09/25 19:27:29 | 000,000,000 | -H-D | C] -- C:\Users\Mark\AppData
    [2013/09/25 19:27:29 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Temp
    [2013/09/25 19:27:29 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Local\Microsoft
    [2013/09/25 19:27:29 | 000,000,000 | ---D | C] -- C:\Users\Mark\AppData\Roaming\Media Center Programs
    [2013/09/25 19:26:04 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
    [2013/09/25 19:26:04 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
    [2013/09/25 19:25:43 | 000,000,000 | -HSD | C] -- C:\Recovery
     
    ========== Files - Modified Within 30 Days ==========
     
    [2013/09/26 20:55:22 | 000,743,352 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/09/26 20:55:22 | 000,636,630 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/09/26 20:55:22 | 000,110,746 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/09/26 20:51:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/09/26 20:49:05 | 117,624,831 | -HS- | M] () -- C:\hiberfil.sys
    [2013/09/26 20:41:47 | 000,001,471 | ---- | M] () -- C:\Users\Mark\Desktop\iexplore - Shortcut.lnk
    [2013/09/26 20:14:56 | 000,016,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/09/26 20:14:56 | 000,016,832 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/09/25 22:17:38 | 000,116,385 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
    [2013/09/25 22:17:38 | 000,116,385 | ---- | M] () -- C:\Windows\SysNative\license.rtf
    [2013/09/25 22:15:04 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
    [2013/09/25 21:52:33 | 001,805,715 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\Cat.DB
    [2013/09/25 21:39:54 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013/09/25 21:36:45 | 000,001,152 | ---- | M] () -- C:\Users\Mark\Desktop\Downloads - Shortcut.lnk
    [2013/09/25 21:26:20 | 000,275,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/09/25 21:26:10 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
    [2013/09/25 20:58:55 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
    [2013/09/25 20:30:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_wbf_vfs_0018_01_09_00.Wdf
    [2013/09/25 19:51:10 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
    [2013/09/25 19:49:05 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
    [2013/09/25 19:49:05 | 000,008,222 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
    [2013/09/25 19:49:05 | 000,000,854 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
    [2013/09/25 19:48:58 | 000,002,464 | ---- | M] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
    [2013/09/17 10:11:35 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\isolate.ini
    [2013/09/16 17:22:55 | 000,008,192 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\symnet64.cat
    [2013/09/11 16:32:42 | 000,590,424 | R--- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\symnets.sys
    [2013/09/11 14:35:35 | 000,001,440 | R--- | M] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymNet.inf
     
    ========== Files Created - No Company Name ==========
     
    [2013/09/26 20:41:47 | 000,001,471 | ---- | C] () -- C:\Users\Mark\Desktop\iexplore - Shortcut.lnk
    [2013/09/25 22:17:06 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
    [2013/09/25 22:16:53 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
    [2013/09/25 22:15:34 | 001,071,192 | ---- | C] () -- C:\Windows\SysNative\oem60.inf
    [2013/09/25 22:15:04 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
    [2013/09/25 22:12:27 | 117,624,831 | -HS- | C] () -- C:\hiberfil.sys
    [2013/09/25 21:39:52 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
    [2013/09/25 21:39:49 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    [2013/09/25 21:36:45 | 000,001,152 | ---- | C] () -- C:\Users\Mark\Desktop\Downloads - Shortcut.lnk
    [2013/09/25 21:26:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2013/09/25 20:58:54 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\HP Support Assistant.lnk
    [2013/09/25 20:30:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_wbf_vfs_0018_01_09_00.Wdf
    [2013/09/25 19:51:10 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
    [2013/09/25 19:49:24 | 001,805,715 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\Cat.DB
    [2013/09/25 19:49:12 | 000,000,855 | R--- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DE05000.043\ccSetx64.inf
    [2013/09/25 19:49:11 | 000,008,202 | R--- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DE05000.043\ccsetx64.cat
    [2013/09/25 19:49:11 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\7DE05000.043\isolate.ini
    [2013/09/25 19:49:05 | 000,008,222 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
    [2013/09/25 19:49:05 | 000,000,854 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
    [2013/09/25 19:48:58 | 000,002,464 | ---- | C] () -- C:\Users\Public\Desktop\Norton AntiVirus.lnk
    [2013/09/25 19:48:39 | 000,003,434 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymEFA.inf
    [2013/09/25 19:48:39 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymDS.inf
    [2013/09/25 19:48:39 | 000,001,440 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymNet.inf
    [2013/09/25 19:48:39 | 000,001,438 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\srtsp64.inf
    [2013/09/25 19:48:39 | 000,001,420 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\srtspx64.inf
    [2013/09/25 19:48:39 | 000,001,098 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\symELAM.inf
    [2013/09/25 19:48:39 | 000,000,855 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\ccSetx64.inf
    [2013/09/25 19:48:39 | 000,000,767 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\Iron.inf
    [2013/09/25 19:48:24 | 000,014,818 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymVTcer.dat
    [2013/09/25 19:48:24 | 000,009,939 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymELAM64.cat
    [2013/09/25 19:48:24 | 000,008,202 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\ccSetx64.cat
    [2013/09/25 19:48:24 | 000,008,196 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\srtspx64.cat
    [2013/09/25 19:48:24 | 000,008,194 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymEFA64.cat
    [2013/09/25 19:48:24 | 000,008,192 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\symnet64.cat
    [2013/09/25 19:48:24 | 000,008,192 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\srtsp64.cat
    [2013/09/25 19:48:24 | 000,008,188 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\SymDS64.cat
    [2013/09/25 19:48:24 | 000,008,184 | R--- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\iron.cat
    [2013/09/25 19:48:24 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NAVx64\1500020.001\isolate.ini
    [2013/09/25 19:27:29 | 000,000,290 | ---- | C] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
    [2013/09/25 19:27:29 | 000,000,272 | ---- | C] () -- C:\Users\Mark\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
     
    ========== ZeroAccess Check ==========
     
    [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
     
    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
     
    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free
     
    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both
     
    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    < End of report >









    OTL Extras logfile created on: 9/26/2013 8:55:31 PM - Run 1
    OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Mark\Downloads
    64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16686)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
     
    5.48 Gb Total Physical Memory | 3.75 Gb Available Physical Memory | 68.41% Memory free
    10.96 Gb Paging File | 9.21 Gb Available in Paging File | 84.04% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]
     
    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 465.66 Gb Total Space | 433.89 Gb Free Space | 93.18% Space Free | Partition Type: NTFS
     
    Computer Name: MARK-PC | User Name: Mark | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
     
    ========== Extra Registry (SafeList) ==========
     
     
    ========== File Associations ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
     
    [HKEY_USERS\S-1-5-21-3830043719-1258483771-1183304982-1000\SOFTWARE\Classes\<extension>]
    .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
     
    ========== Shell Spawning ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    htmlfile [edit] -- Reg Error: Key error.
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
     
    ========== Security Center Settings ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
     
    ========== Firewall Settings ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0
     
    ========== Authorized Applications List ==========
     
     
    ========== Vista Active Open Ports Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
     
    ========== Vista Active Application Exception List ==========
     
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "TCP Query User{825B36DD-71FB-43F7-A422-95C0BE4915B0}C:\program files (x86)\hp\common\hpdevicedetection3.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hp\common\hpdevicedetection3.exe |
    "UDP Query User{D9524110-E5E6-4F64-9116-06C6A8834790}C:\program files (x86)\hp\common\hpdevicedetection3.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hp\common\hpdevicedetection3.exe |
     
    ========== HKEY_LOCAL_MACHINE Uninstall List ==========
     
    64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{79174AF2-6CB1-42F5-981E-66DCA49391D0}" = Validity WBF DDK
    "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "SynTPDeinstKey" = Synaptics Pointing Device Driver
     
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
    "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
    "{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
    "{8A9FC225-75F6-4B5D-911C-0ED230565643}" = HP Product Detection
    "{9945F35E-85EF-4759-A95C-2E10AA34EA58}" = ESU for Microsoft Windows 7 SP1
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "KeyTweak" = KeyTweak - Keyboard Remapper (remove only)
    "Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "NAV" = Norton AntiVirus
    "NST" = Norton Identity Safe
    "WinRAR archiver" = WinRAR 5.00 (32-bit)
     
    ========== Last 20 Event Log Errors ==========
     
    [ Application Events ]
    Error - 9/25/2013 9:27:45 PM | Computer Name = Mark-PC | Source = WinMgmt | ID = 10
    Description =
     
    Error - 9/25/2013 9:56:24 PM | Computer Name = Mark-PC | Source = WinMgmt | ID = 10
    Description =
     
    Error - 9/25/2013 10:10:44 PM | Computer Name = Mark-PC | Source = WinMgmt | ID = 10
    Description =
     
    Error - 9/25/2013 10:58:34 PM | Computer Name = Mark-PC | Source = WinMgmt | ID = 10
    Description =
     
    Error - 9/26/2013 6:22:08 PM | Computer Name = Mark-PC | Source = WinMgmt | ID = 10
    Description =
     
    Error - 9/26/2013 6:28:59 PM | Computer Name = Mark-PC | Source = WinMgmt | ID = 10
    Description =
     
    Error - 9/26/2013 8:30:32 PM | Computer Name = Mark-PC | Source = WinMgmt | ID = 10
    Description =
     
    Error - 9/26/2013 8:38:58 PM | Computer Name = Mark-PC | Source = WinMgmt | ID = 10
    Description =
     
    Error - 9/26/2013 8:47:41 PM | Computer Name = Mark-PC | Source = WinMgmt | ID = 10
    Description =
     
    Error - 9/26/2013 8:50:50 PM | Computer Name = Mark-PC | Source = WinMgmt | ID = 10
    Description =
     
    [ System Events ]
    Error - 9/25/2013 9:06:07 PM | Computer Name = Mark-PC | Source = Service Control Manager | ID = 7032
    Description = The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Modules Installer service, but this action failed with the following error:   %%1056
     
    Error - 9/25/2013 9:24:36 PM | Computer Name = Mark-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
    Description = Installation Failure: Windows failed to install the following update with error 0x800706be: Cumulative Security Update for Internet Explorer 10 for Windows 7 Service Pack 1 for x64-based Systems (KB2870699).
     
    Error - 9/25/2013 9:31:04 PM | Computer Name = Mark-PC | Source = DCOM | ID = 10010
    Description =
     
    Error - 9/26/2013 8:46:13 PM | Computer Name = Mark-PC | Source = EventLog | ID = 6008
    Description = The previous system shutdown at 8:45:10 PM on 9/26/2013 was unexpected.
     
    Error - 9/26/2013 8:46:21 PM | Computer Name = Mark-PC | Source = Service Control Manager | ID = 7026
    Description = The following boot-start or system-start driver(s) failed to load:
       BHDrvx64  ccSet_NAV  ccSet_NST  discache  eeCtrl  IDSVia64  spldr  SRTSPX  SymIRON  SymNetS  Wanarpv6
     
    Error - 9/26/2013 8:46:32 PM | Computer Name = Mark-PC | Source = DCOM | ID = 10005
    Description =
     
    Error - 9/26/2013 8:46:38 PM | Computer Name = Mark-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
    Description = WLAN Extensibility Module has failed to start.    Module Path: C:\Windows\System32\bcmihvsrv64.dll Error Code: 21
     
    Error - 9/26/2013 8:46:40 PM | Computer Name = Mark-PC | Source = DCOM | ID = 10005
    Description =
     
    Error - 9/26/2013 8:46:42 PM | Computer Name = Mark-PC | Source = DCOM | ID = 10005
    Description =
     
    Error - 9/26/2013 8:46:43 PM | Computer Name = Mark-PC | Source = DCOM | ID = 10005
    Description =
     
     
    < End of report >



    #15 gunboundph1

    gunboundph1
    • Topic Starter

    • Members
    • 16 posts

    Posted 26 September 2013 - 08:36 PM

    I think I found the problem: my laptop keyboard is broken.

    I turned on my filter keys and disabled repeated strokes, and the problem stopped. When filter keys are on, it makes a sound when keys are pressed, and I keep hearing that right now when I'm not even touching the keyboard.

    I'm using the on-screen keyboard to type this.


    Edited by gunboundph1, 26 September 2013 - 08:37 PM.




