
Trojan generating multiple iexplore.exe


  • This topic is locked
10 replies to this topic

#1 TFrieday


Posted 17 November 2014 - 09:24 PM

Windows 7 64-bit

 

I have a nasty virus or something that is generating iexplore.exe files taking up all kinds of memory.

I put a temporary bandaid on it by editing the registry so iexplore.exe could not run.

My internet works, but my network center says I have no network connection, so I can't use my printer or use my homegroup.

Just ran a scan with AVG and had 90 threats found and removed, but nothing seems fixed.

 

Please help me get through this.





#2 TB-Psychotic


Posted 18 November 2014 - 07:44 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

  • Important: To help me review your logs, please post them in code boxes. You can create them by clicking on the <>-symbol on top of the reply window.

 
 
 
 
HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
  
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)
 
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please attach this file to your next reply.
 


Proud Member of UNITE & TB
 

#3 TFrieday


Posted 18 November 2014 - 04:18 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-11-2014
Ran by Tim (administrator) on TIM-PC on 18-11-2014 16:13:46
Running from C:\Users\Tim\Downloads
Loaded Profile: Tim (Available profiles: Tim & Mcx1-TIM-PC)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(National Instruments, Inc.) C:\Windows\SysWOW64\lkcitdl.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lkads.exe
(National Instruments Corporation) C:\Windows\SysWOW64\lktsrv.exe
( ) C:\Windows\System32\lxeacoms.exe
(National Instruments Corporation) C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
(National Instruments Corporation) C:\Windows\SysWOW64\nisvcloc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe
(MicroStudio) C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe
(MicroTools) C:\Program Files (x86)\YouTube Downloader Services\P2\youtubeserv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
() C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [lxeamon.exe] => C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe [770728 2011-01-23] ()
HKLM\...\Run: [EzPrint] => C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe [148280 2011-01-23] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-999253832-2327500951-877020514-1001\...\Run: [.tluafed** <*>] => C:\Users\Tim\Application Data\{0000271D-77F2-7502-9931-3ECC6E562457}.ex <===== ATTENTION (Value Name with invalid characters)
HKU\S-1-5-21-999253832-2327500951-877020514-1001\...\Run: [{53093771-cbca-4a34-cd70-aafa07e3cec7}] => "C:\Users\Tim\AppData\Local\{53093771-cbca-4a34-cd70-aafa07e3cec7}\{53093771-cbca-4a34-cd70-aafa07e3cec7}.exe"
HKU\S-1-5-21-999253832-2327500951-877020514-1001\...\Run: [SogaCoyv] => regsvr32.exe "C:\ProgramData\SogaCoyv\SogaCoyv.dat"
HKU\S-1-5-21-999253832-2327500951-877020514-1001\...\Run: [CewzAlyo] => regsvr32.exe "C:\ProgramData\CewzAlyo\CewzAlyo.dat"
HKU\S-1-5-21-999253832-2327500951-877020514-1001\...\Policies\Explorer\DisallowRun: [1] iexplore.exe
HKU\S-1-5-21-999253832-2327500951-877020514-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-999253832-2327500951-877020514-1001\...A8F59079A8D5}\localserver32:  <==== ATTENTION!
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-06-15] (Microsoft Corporation)
AppInit_DLLs: C:\Users\Tim\AppData\Local\Linkey\IEEXTE~1\ietlb64.dll => C:\Users\Tim\AppData\Local\Linkey\IEExtension\ietlb64.dll [148496 2014-10-22] ()
AppInit_DLLs-x32: C:\Users\Tim\AppData\Local\Linkey\IEEXTE~1\ietlb.dll => C:\Users\Tim\AppData\Local\Linkey\IEExtension\ietlb.dll [129040 2014-10-22] ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-999253832-2327500951-877020514-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.default-search.net?sid=498&aid=160&itype=n&ver=14440&tm=532&src=hmp
HKU\S-1-5-21-999253832-2327500951-877020514-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-999253832-2327500951-877020514-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x94685BACDE5FCE01
HKU\S-1-5-21-999253832-2327500951-877020514-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = http://www.default-search.net/search?sid=498&aid=160&itype=n&ver=14440&tm=532&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = http://www.default-search.net/search?sid=498&aid=160&itype=n&ver=14440&tm=532&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-999253832-2327500951-877020514-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={F65898FE-153F-4DD6-987F-982373D39538}&mid=bd21900a779a47d2900ad1544fcc1ef6-cc240f9136b5f9d7bcee659fb424c93738d6968a&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 19:50:06&v=4.0.0.19&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-999253832-2327500951-877020514-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2498} URL = http://www.default-search.net/search?sid=498&aid=160&itype=n&ver=14440&tm=532&src=ds&p={searchTerms}
BHO: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\Tim\AppData\Local\Linkey\IEExtension\iedll64.dll (Aztec Media Inc)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Linkey -> {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} -> C:\Users\Tim\AppData\Local\Linkey\IEExtension\iedll.dll (Aztec Media Inc)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\xdjoqdtj.default
FF DefaultSearchEngine: default-search.net
FF SelectedSearchEngine: default-search.net
FF Homepage: hxxp://www.default-search.net?sid=498&aid=160&itype=n&ver=14440&tm=532&src=hmp
FF SearchEngineOrder.1: default-search.net
FF Keyword.URL: hxxp://www.default-search.net/search?sid=498&aid=160&itype=n&ver=14440&tm=532&src=ds&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.10\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-999253832-2327500951-877020514-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\xdjoqdtj.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv86win32.dll (National Instruments)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nplv90win32.dll (National Instruments)
FF SearchPlugin: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\xdjoqdtj.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\xdjoqdtj.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF Extension: AVG Web TuneUp - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\xdjoqdtj.default\Extensions\avg@toolbar [2014-11-06]
FF Extension: Linkey for Firefox - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\xdjoqdtj.default\Extensions\extension@linkeyproject.com [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-06-02]

Chrome: 
=======
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-06-02]
CHR Extension: (Google Drive) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-06-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-08]
CHR Extension: (YouTube) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-02]
CHR Extension: (Google Search) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-02]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-06-03]
CHR Extension: (Gmail) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-02]
CHR HKLM-x32\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\Tim\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [2014-11-14]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-16] (NVIDIA Corporation)
R2 LkCitadelServer; C:\Windows\SysWOW64\lkcitdl.exe [695136 2009-09-29] (National Instruments, Inc.)
R2 lkClassAds; C:\Windows\SysWOW64\lkads.exe [43056 2010-03-10] (National Instruments Corporation)
R2 lkTimeSync; C:\Windows\SysWOW64\lktsrv.exe [53808 2010-03-10] (National Instruments Corporation)
S2 lxeaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe [45736 2010-04-14] (Lexmark International, Inc.)
R2 lxea_device; C:\Windows\system32\lxeacoms.exe [1052328 2010-04-14] ( )
R2 lxea_device; C:\Windows\SysWOW64\lxeacoms.exe [598696 2010-04-14] ( )
R2 NIDomainService; C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe [358448 2010-03-10] (National Instruments Corporation)
S4 NILM License Manager; C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe [1007616 2010-05-17] (Macrovision Corporation) [File not signed]
R2 niSvcLoc; C:\Windows\SysWOW64\nisvcloc.exe [13896 2009-10-20] (National Instruments Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-16] (NVIDIA Corporation)
S3 odserv; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [440696 2011-07-20] () [File not signed]
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2010-11-20] () [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-03] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-21] ()
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2014-02-08] (SolidWorks) [File not signed]
R2 vToolbarUpdater18.1.10; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [1849368 2014-11-06] (AVG Secure Search)
R2 WindowsVNT_R3; C:\Program Files (x86)\Windows Network Accelerater\v3\winvxm.exe [2973600 2014-10-20] (MicroStudio) [File not signed]
R2 YouTubeDownload_P2; C:\Program Files (x86)\YouTube Downloader Services\P2\youtubeserv.exe [2967160 2014-11-01] (MicroTools)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-11-06] (AVG Technologies)
S3 LazerUsb; C:\Windows\System32\DRIVERS\LazerUsb.sys [5736448 2007-10-16] (Lumanate Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 VST64HWBS2; C:\Windows\System32\DRIVERS\VSTBS26.SYS [411136 2009-06-10] (Conexant Systems, Inc.)
R3 VST64_DPV; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Conexant Systems, Inc.)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-18 16:13 - 2014-11-18 16:14 - 00021044 _____ () C:\Users\Tim\Downloads\FRST.txt
2014-11-18 16:13 - 2014-11-18 16:13 - 00000000 ____D () C:\FRST
2014-11-18 16:12 - 2014-11-18 16:12 - 02117120 _____ (Farbar) C:\Users\Tim\Downloads\FRST64.exe
2014-11-17 21:08 - 2014-11-17 21:08 - 00691220 _____ () C:\ProgramData\SPLBC8D.tmp
2014-11-17 18:57 - 2014-11-17 18:57 - 00013349 _____ () C:\Users\Tim\Downloads\[kickass.so]homeland.s04e08.hdtv.x264.killers.mp4.torrent
2014-11-17 16:24 - 2014-11-17 16:24 - 00121080 _____ () C:\Users\Tim\Desktop\reg.reg
2014-11-16 20:31 - 2014-11-16 20:32 - 06650944 _____ () C:\Users\Tim\Downloads\Lexmark_S300-S400_Series_H011712_00_FWUpdate.exe
2014-11-16 20:26 - 2014-11-17 21:24 - 00000000 ____D () C:\ProgramData\Lx_cats
2014-11-16 20:26 - 2014-11-16 20:26 - 00000252 _____ () C:\ProgramData\FastPics.log
2014-11-16 20:26 - 2014-11-16 20:26 - 00000000 ____D () C:\ProgramData\Ezprint
2014-11-16 20:20 - 2009-02-20 03:48 - 00381440 _____ () C:\Windows\system32\lxeasm.dll
2014-11-16 20:20 - 2009-02-20 03:48 - 00299008 _____ () C:\Windows\SysWOW64\lxeasm.dll
2014-11-16 20:20 - 2009-02-20 03:48 - 00023552 _____ () C:\Windows\SysWOW64\lxeasmr.dll
2014-11-16 20:20 - 2009-02-20 03:48 - 00023552 _____ () C:\Windows\system32\lxeasmr.dll
2014-11-16 20:19 - 2014-11-18 16:10 - 00004598 _____ () C:\ProgramData\lxeascan.log
2014-11-16 20:19 - 2010-04-14 15:45 - 00295592 _____ (Lexmark International, Inc.) C:\Windows\system32\LXEAwupd.exe
2014-11-16 20:19 - 2010-04-13 14:41 - 00836608 _____ ( ) C:\Windows\system32\lxeacoin.dll
2014-11-16 20:19 - 2010-02-22 05:09 - 00510464 _____ (Lexmark International, Inc.) C:\Windows\system32\LXEAwupd.dll
2014-11-16 20:19 - 2009-11-26 03:45 - 00008694 _____ () C:\Windows\system32\lxeacommuilogo_rtl.bmp
2014-11-16 20:19 - 2009-11-26 03:45 - 00008694 _____ () C:\Windows\system32\lxeacommuilogo.bmp
2014-11-16 20:19 - 2009-11-09 03:06 - 00065536 _____ () C:\Windows\system32\lxeagcfg.dll
2014-11-16 20:19 - 2009-10-21 05:06 - 00399360 _____ () C:\Windows\system32\lxeacui.dll
2014-11-16 20:19 - 2009-10-21 05:06 - 00148480 _____ () C:\Windows\system32\lxeacuir.dll
2014-11-16 20:19 - 2009-01-20 04:32 - 00065106 _____ () C:\Windows\system32\lxeaprpr.chm
2014-11-16 20:19 - 2008-04-30 01:32 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lxk_g.dll
2014-11-16 20:19 - 2008-04-30 01:32 - 00983121 _____ (Microsoft Corporation) C:\Windows\system32\lxk_gf.dll
2014-11-16 20:19 - 2008-03-04 21:55 - 00109056 _____ () C:\Windows\system32\lxeavs.dll
2014-11-16 20:18 - 2014-11-16 20:19 - 00000000 ____D () C:\Program Files\Lexmark
2014-11-16 20:18 - 2014-11-16 20:18 - 00002001 _____ () C:\Users\Public\Desktop\Launch Lexmark Printer Home.LNK
2014-11-16 20:18 - 2014-11-16 20:18 - 00000000 ____D () C:\Program Files (x86)\Lexmark Toolbar
2014-11-16 20:17 - 2014-11-16 20:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark
2014-11-16 20:17 - 2010-04-14 15:45 - 00598696 _____ ( ) C:\Windows\SysWOW64\lxeacoms.exe
2014-11-16 20:17 - 2010-04-14 15:45 - 00373416 _____ ( ) C:\Windows\SysWOW64\lxeacfg.exe
2014-11-16 20:17 - 2010-04-14 15:45 - 00324264 _____ ( ) C:\Windows\SysWOW64\lxeaih.exe
2014-11-16 20:17 - 2010-04-14 13:33 - 00002106 _____ () C:\Windows\SysWOW64\lxea.loc
2014-11-16 20:17 - 2010-03-09 03:58 - 00344064 _____ () C:\Windows\SysWOW64\lxeacomx.dll
2014-11-16 20:17 - 2009-12-09 14:47 - 00643072 _____ ( ) C:\Windows\SysWOW64\lxeapmui.dll
2014-11-16 20:17 - 2009-12-09 14:43 - 01048576 _____ ( ) C:\Windows\SysWOW64\lxeaserv.dll
2014-11-16 20:17 - 2009-12-09 14:41 - 00688128 _____ ( ) C:\Windows\SysWOW64\lxeahbn3.dll
2014-11-16 20:17 - 2009-12-09 14:40 - 00847872 _____ ( ) C:\Windows\SysWOW64\lxeausb1.dll
2014-11-16 20:17 - 2009-12-09 14:36 - 00577536 _____ ( ) C:\Windows\SysWOW64\lxealmpm.dll
2014-11-16 20:17 - 2009-12-09 14:36 - 00372736 _____ ( ) C:\Windows\SysWOW64\lxeacomm.dll
2014-11-16 20:17 - 2009-12-09 14:35 - 00802816 _____ ( ) C:\Windows\SysWOW64\lxeacomc.dll
2014-11-16 20:17 - 2009-12-09 14:35 - 00364544 _____ ( ) C:\Windows\SysWOW64\lxeainpa.dll
2014-11-16 20:17 - 2009-12-09 14:35 - 00344064 _____ ( ) C:\Windows\SysWOW64\lxeaiesc.dll
2014-11-16 20:17 - 2009-12-09 14:34 - 00331776 _____ () C:\Windows\SysWOW64\LXEAinst.dll
2014-11-16 20:17 - 2009-11-26 03:52 - 00086186 _____ (Lexmark International) C:\Windows\SysWOW64\LXEAcfg.dll
2014-11-16 20:17 - 2009-11-09 03:06 - 00262144 _____ () C:\Windows\SysWOW64\lxeainsb.dll
2014-11-16 20:17 - 2009-11-09 03:06 - 00253952 _____ () C:\Windows\SysWOW64\lxeacu.dll
2014-11-16 20:17 - 2009-11-09 03:06 - 00106496 _____ () C:\Windows\SysWOW64\lxeainsr.dll
2014-11-16 20:17 - 2009-11-09 03:06 - 00090112 _____ () C:\Windows\SysWOW64\lxeacub.dll
2014-11-16 20:17 - 2009-11-09 03:06 - 00057344 _____ () C:\Windows\SysWOW64\lxeajswr.dll
2014-11-16 20:17 - 2009-11-09 03:06 - 00036864 _____ () C:\Windows\SysWOW64\lxeacur.dll
2014-11-16 20:17 - 2009-11-09 03:05 - 00323584 _____ () C:\Windows\SysWOW64\lxeains.dll
2014-11-16 20:17 - 2006-12-06 22:28 - 00126976 _____ (Lexmark International Inc.) C:\Windows\SysWOW64\lxealnks.dll
2014-11-16 20:16 - 2014-11-16 20:23 - 00213090 _____ () C:\Windows\system32\LexFiles.ulf
2014-11-16 20:16 - 2014-11-16 20:22 - 00000000 ____D () C:\Program Files\Lexmark S300-S400 Series
2014-11-16 20:16 - 2014-11-16 20:19 - 00000000 ____D () C:\Program Files (x86)\Lexmark S300-S400 Series
2014-11-16 20:16 - 2010-04-14 15:45 - 01052328 _____ ( ) C:\Windows\system32\lxeacoms.exe
2014-11-16 20:16 - 2010-04-14 15:45 - 00612008 _____ ( ) C:\Windows\system32\lxeacfg.exe
2014-11-16 20:16 - 2010-04-14 15:45 - 00520872 _____ ( ) C:\Windows\system32\lxeaih.exe
2014-11-16 20:16 - 2010-04-14 13:33 - 00002106 _____ () C:\Windows\system32\lxea.loc
2014-11-16 20:16 - 2009-12-09 15:32 - 00979968 _____ ( ) C:\Windows\system32\lxeapmui.dll
2014-11-16 20:16 - 2009-12-09 15:28 - 01631744 _____ ( ) C:\Windows\system32\lxeaserv.dll
2014-11-16 20:16 - 2009-12-09 15:27 - 01104384 _____ ( ) C:\Windows\system32\lxeahbn3.dll
2014-11-16 20:16 - 2009-12-09 15:26 - 01331712 _____ ( ) C:\Windows\system32\lxeausb1.dll
2014-11-16 20:16 - 2009-12-09 15:25 - 00547840 _____ ( ) C:\Windows\system32\LXEAhcp.dll
2014-11-16 20:16 - 2009-12-09 15:24 - 01371648 _____ ( ) C:\Windows\system32\lxeacomc.dll
2014-11-16 20:16 - 2009-12-09 15:24 - 00892416 _____ ( ) C:\Windows\system32\lxealmpm.dll
2014-11-16 20:16 - 2009-12-09 15:24 - 00579584 _____ ( ) C:\Windows\system32\lxeacomm.dll
2014-11-16 20:16 - 2009-12-09 15:23 - 00557568 _____ ( ) C:\Windows\system32\lxeainpa.dll
2014-11-16 20:16 - 2009-12-09 15:23 - 00515584 _____ ( ) C:\Windows\system32\lxeaiesc.dll
2014-11-16 20:16 - 2009-12-09 15:23 - 00495616 _____ () C:\Windows\system32\LXEAinst.dll
2014-11-16 20:16 - 2009-11-26 03:57 - 00075264 _____ (Lexmark International) C:\Windows\system32\LXEAcfg.dll
2014-11-16 20:16 - 2009-11-09 03:36 - 00245248 _____ () C:\Windows\system32\lxeainsb.dll
2014-11-16 20:16 - 2009-11-09 03:36 - 00090624 _____ () C:\Windows\system32\lxeainsr.dll
2014-11-16 20:16 - 2009-11-09 03:36 - 00073216 _____ () C:\Windows\system32\lxeacub.dll
2014-11-16 20:16 - 2009-11-09 03:36 - 00040448 _____ () C:\Windows\system32\lxeajswr.dll
2014-11-16 20:16 - 2009-11-09 03:36 - 00022016 _____ () C:\Windows\system32\lxeacur.dll
2014-11-16 20:16 - 2009-11-09 03:35 - 00450048 _____ () C:\Windows\system32\lxeains.dll
2014-11-16 20:16 - 2009-11-09 03:35 - 00378368 _____ () C:\Windows\system32\lxeacu.dll
2014-11-16 20:16 - 2009-11-09 03:35 - 00298496 _____ () C:\Windows\system32\lxeagrd.dll
2014-11-16 20:13 - 2014-11-16 20:13 - 00000000 ____D () C:\Lexmark
2014-11-16 20:05 - 2014-11-16 20:13 - 78368368 _____ () C:\Users\Tim\Downloads\LEXMARK_S300_wcr_64_en.exe
2014-11-14 23:25 - 2014-11-14 23:25 - 00000000 ____D () C:\ProgramData\Windows VXM
2014-11-14 23:25 - 2014-11-14 23:25 - 00000000 ____D () C:\Program Files (x86)\Windows Network Accelerater
2014-11-14 23:24 - 2014-11-17 16:25 - 00000000 ____D () C:\ProgramData\Optimizer
2014-11-14 23:24 - 2014-11-14 23:24 - 00001272 _____ () C:\Users\Public\Desktop\Solid YouTube Downloader and Converter.lnk
2014-11-14 23:24 - 2014-11-14 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Solid YouTube Downloader and Converter
2014-11-14 23:24 - 2014-11-14 23:24 - 00000000 ____D () C:\Program Files (x86)\YouTube Downloader Services
2014-11-14 23:23 - 2014-11-14 23:24 - 00000000 ____D () C:\Program Files (x86)\Solid YouTube Downloader and Converter
2014-11-14 23:23 - 2014-11-14 23:23 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\youtube-downloader-and-converter
2014-11-14 23:23 - 2014-11-14 23:23 - 00000000 ____D () C:\Users\Tim\AppData\Local\Linkey
2014-11-14 23:21 - 2014-11-14 23:21 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\FirefoxToolbar
2014-11-14 23:21 - 2014-11-14 23:21 - 00000000 ____D () C:\ProgramData\smdmf
2014-11-14 23:21 - 2014-11-14 23:21 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-11-14 23:19 - 2014-11-14 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Mouse Auto Clicker
2014-11-14 23:19 - 2014-11-14 23:19 - 00000000 ____D () C:\Program Files (x86)\Free Mouse Auto Clicker
2014-11-14 23:18 - 2014-11-14 23:18 - 00537084 _____ (Advanced Mouse Auto Clicker ltd. ) C:\Users\Tim\Downloads\FreeMouseAutoClickerSetup.exe
2014-11-10 20:56 - 2014-09-13 15:13 - 00613696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-10 20:36 - 2014-11-03 19:04 - 17259848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\SET2688.tmp
2014-11-10 20:07 - 2014-11-10 20:07 - 00245208 _____ () C:\Users\Tim\Desktop\MGlogs.zip
2014-11-10 19:48 - 2014-11-10 20:07 - 00245208 _____ () C:\MGlogs.zip
2014-11-10 19:42 - 2014-11-10 20:07 - 00000000 ____D () C:\MGtools
2014-11-10 19:42 - 2014-11-10 19:42 - 01990615 _____ () C:\Users\Tim\Downloads\MGtools.exe
2014-11-10 19:23 - 2014-11-10 19:23 - 00044607 _____ () C:\Users\Tim\Downloads\bootkit_remover.zip
2014-11-10 18:58 - 2014-11-17 20:13 - 00000000 ____D () C:\ProgramData\GolhOnit
2014-11-10 18:58 - 2014-11-17 20:13 - 00000000 ____D () C:\ProgramData\DomnuFmica
2014-11-10 18:09 - 2014-11-10 18:09 - 00014109 _____ () C:\Users\Tim\Downloads\[kickass.to]homeland.s04e07.hdtv.x264.killers.mp4 (2).torrent
2014-11-10 18:04 - 2014-11-10 18:04 - 00014109 _____ () C:\Users\Tim\Downloads\[kickass.to]homeland.s04e07.hdtv.x264.killers.mp4 (1).torrent
2014-11-10 18:01 - 2014-11-10 18:01 - 00014109 _____ () C:\Users\Tim\Downloads\[kickass.to]homeland.s04e07.hdtv.x264.killers.mp4.torrent
2014-11-09 12:06 - 2014-11-09 12:06 - 00008518 _____ () C:\Users\Tim\AppData\Roaming\DECRYPT_INSTRUCTION.HTML
2014-11-09 12:06 - 2014-11-09 12:06 - 00008518 _____ () C:\Users\Tim\AppData\DECRYPT_INSTRUCTION.HTML
2014-11-09 12:06 - 2014-11-09 12:06 - 00004200 _____ () C:\Users\Tim\AppData\Roaming\DECRYPT_INSTRUCTION.TXT
2014-11-09 12:06 - 2014-11-09 12:06 - 00004200 _____ () C:\Users\Tim\AppData\DECRYPT_INSTRUCTION.TXT
2014-11-09 12:06 - 2014-11-09 12:06 - 00000274 _____ () C:\Users\Tim\AppData\Roaming\DECRYPT_INSTRUCTION.URL
2014-11-09 12:06 - 2014-11-09 12:06 - 00000274 _____ () C:\Users\Tim\AppData\DECRYPT_INSTRUCTION.URL
2014-11-09 11:58 - 2014-11-09 11:58 - 00008518 _____ () C:\Users\Tim\AppData\Local\DECRYPT_INSTRUCTION.HTML
2014-11-09 11:58 - 2014-11-09 11:58 - 00004200 _____ () C:\Users\Tim\AppData\Local\DECRYPT_INSTRUCTION.TXT
2014-11-09 11:58 - 2014-11-09 11:58 - 00000274 _____ () C:\Users\Tim\AppData\Local\DECRYPT_INSTRUCTION.URL
2014-11-09 11:41 - 2014-10-29 23:53 - 20922696 _____ (NVIDIA Corporation) C:\Windows\system32\SET3920.tmp
2014-11-09 09:04 - 2014-11-09 09:04 - 00000000 ____D () C:\temp
2014-11-09 08:40 - 2014-10-29 23:53 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434460.dll
2014-11-09 08:40 - 2014-10-29 23:53 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434460.dll
2014-11-09 01:45 - 2014-11-10 20:11 - 00000424 _____ () C:\ProgramData\@system.temp
2014-11-09 01:45 - 2014-11-10 20:11 - 00000160 ____H () C:\ProgramData\@system3.att
2014-11-09 01:45 - 2014-11-09 01:45 - 00000448 ____H () C:\Users\Tim\AppData\Roaming\麽鎒駓覜
2014-11-09 01:43 - 2014-11-17 20:13 - 00000000 ____D () C:\ProgramData\EipikNogow
2014-11-09 01:43 - 2014-11-17 20:13 - 00000000 ____D () C:\ProgramData\CewzAlyo
2014-11-09 01:43 - 2014-11-09 01:43 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\FrameworkUpdate7
2014-11-08 20:58 - 2014-11-08 20:58 - 09490432 _____ () C:\Users\Tim\Downloads\Heat+Exchanger+Design.ppt
2014-11-08 20:53 - 2014-11-08 20:54 - 13263582 _____ () C:\Users\Tim\Downloads\Chapter+8+PPT.pptx
2014-11-08 20:51 - 2014-11-08 20:51 - 05470428 _____ () C:\Users\Tim\Downloads\TFS+II+Chapter+7.pptx
2014-11-08 20:50 - 2014-11-08 20:51 - 01460359 _____ () C:\Users\Tim\Downloads\TFS+II+Chapter+6.pptx
2014-11-08 09:59 - 2014-11-08 09:59 - 00687195 _____ () C:\Users\Tim\Downloads\XPerl-r879.zip
2014-11-08 09:59 - 2014-11-08 09:59 - 00687195 _____ () C:\Users\Tim\Downloads\XPerl-r879 (1).zip
2014-11-08 09:50 - 2014-11-17 20:13 - 00000000 ____D () C:\ProgramData\VahoRikic
2014-11-08 09:50 - 2014-11-17 20:13 - 00000000 ____D () C:\ProgramData\BacvUkpux
2014-11-08 08:05 - 2014-11-17 20:18 - 00000000 ____D () C:\Users\Tim\AppData\Local\YXDPack
2014-11-08 08:00 - 2014-11-17 20:18 - 00000000 ____D () C:\Users\Tim\AppData\Local\Udmedia
2014-11-08 07:59 - 2014-11-17 20:13 - 00000000 ____D () C:\ProgramData\PesbErux
2014-11-08 07:58 - 2014-11-17 20:13 - 00000000 ____D () C:\ProgramData\SogaCoyv
2014-11-08 07:58 - 2014-11-10 18:58 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-11-08 06:51 - 2014-11-14 12:40 - 00000000 ____D () C:\Users\Tim\AppData\Local\{53093771-cbca-4a34-cd70-aafa07e3cec7}
2014-11-07 20:38 - 2014-11-07 20:38 - 00286360 _____ () C:\Windows\Minidump\110714-24804-01.dmp
2014-11-06 22:00 - 2014-11-06 22:00 - 00291904 _____ () C:\Windows\Minidump\110614-28626-01.dmp
2014-11-06 19:50 - 2014-11-08 00:39 - 00000000 ____D () C:\Users\Tim\AppData\Local\AVG Web TuneUp
2014-11-06 19:50 - 2014-11-07 20:42 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-11-06 19:49 - 2014-11-06 19:50 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-11-06 19:49 - 2014-11-06 19:49 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-11-06 19:49 - 2014-11-06 19:49 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-11-06 19:49 - 2014-11-06 19:48 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-11-05 06:08 - 2014-11-05 06:08 - 00286360 _____ () C:\Windows\Minidump\110514-23946-01.dmp
2014-11-04 22:31 - 2014-11-04 22:31 - 00291856 _____ () C:\Windows\Minidump\110414-23743-01.dmp
2014-11-04 21:01 - 2014-11-04 21:01 - 00710690 _____ () C:\Users\Tim\Downloads\Advanced (1).zip
2014-11-04 20:59 - 2014-11-04 21:00 - 00686531 _____ () C:\Users\Tim\Downloads\XPerl-r860 (1).zip
2014-11-04 19:29 - 2014-11-04 19:29 - 00291856 _____ () C:\Windows\Minidump\110414-54101-01.dmp
2014-11-03 20:08 - 2014-11-03 20:08 - 00028476 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s05e10.appalachian.trail.hdtv.x264.fum.ettv.torrent
2014-11-03 20:08 - 2014-11-03 20:08 - 00027556 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s05e09.weekend.race.cars.hdtv.x264.fum.ettv.torrent
2014-11-03 20:07 - 2014-11-03 20:07 - 00035581 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s05e06.cool.cars.for.grownups.hdtv.xvid.afg.torrent
2014-11-03 20:07 - 2014-11-03 20:07 - 00026690 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s05e08.need.for.speed.hdtv.x264.fum.ettv.torrent
2014-11-03 20:07 - 2014-11-03 20:07 - 00025554 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s05e07.what.can.it.take.hdtv.x264.fum.ettv.torrent
2014-11-03 20:06 - 2014-11-03 20:07 - 00039529 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s05e05.off.road.big.rigs.hdtv.x264.fum.ettv.torrent
2014-11-03 20:06 - 2014-11-03 20:06 - 00032316 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s05e03.80s.power.hdtv.x264.fum.ettv (1).torrent
2014-11-03 20:06 - 2014-11-03 20:06 - 00029136 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s05e04.snow.show.hdtv.x264.fum.ettv.torrent
2014-11-03 20:05 - 2014-11-03 20:05 - 00040473 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s05e02.desert.trailblazers.hdtv.x264.fum.ettv (1).torrent
2014-11-03 18:27 - 2014-11-03 18:27 - 00032316 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s05e03.80s.power.hdtv.x264.fum.ettv.torrent
2014-11-03 18:26 - 2014-11-03 18:26 - 00040473 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s05e02.desert.trailblazers.hdtv.x264.fum.ettv.torrent
2014-11-03 18:22 - 2014-11-03 18:22 - 00029005 _____ () C:\Users\Tim\Downloads\[kickass.to]homeland.s04e06.hdtv.x264.killers.ettv.torrent
2014-11-02 14:29 - 2014-10-16 11:54 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434448.dll
2014-11-02 14:29 - 2014-10-16 11:54 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434448.dll
2014-11-01 19:19 - 2014-11-01 19:19 - 00057438 _____ () C:\Users\Tim\Downloads\[kickass.to]22.jump.street.2014.ts.xvid.sumo.torrent
2014-10-29 21:35 - 2014-10-29 21:35 - 00263960 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-10-27 17:12 - 2014-10-27 17:12 - 00011649 _____ () C:\Users\Tim\Downloads\[kickass.to]homeland.s04e05.hdtv.x264.killers.mp4.torrent
2014-10-25 17:50 - 2014-10-25 17:50 - 00043279 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s04e10.hdtv.x264.killers.ettv.torrent
2014-10-25 17:50 - 2014-10-25 17:50 - 00028605 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s05e01.american.muscle.hdtv.x264.fum.ettv.torrent
2014-10-25 17:49 - 2014-10-25 17:49 - 00036463 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s04e08.american.supercars.hdtv.xvid.afg.torrent
2014-10-25 17:49 - 2014-10-25 17:49 - 00036427 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s04e09.hdtv.xvid.afg.torrent
2014-10-25 17:48 - 2014-10-25 17:48 - 00036488 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s04e07.fully.charged.hdtv.xvid.afg.torrent
2014-10-25 17:48 - 2014-10-25 17:48 - 00036488 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s04e07.fully.charged.hdtv.xvid.afg (1).torrent
2014-10-25 17:48 - 2014-10-25 17:48 - 00036158 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s04e06.hdtv.xvid.afg.torrent
2014-10-25 17:47 - 2014-10-25 17:47 - 00047370 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s04e02.hdtv.x264.killers.ettv.torrent
2014-10-25 17:47 - 2014-10-25 17:47 - 00036755 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s04e04.hdtv.x264.killers.ettv.torrent
2014-10-25 17:47 - 2014-10-25 17:47 - 00036346 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s04e03.proper.hdtv.xvid.afg.torrent
2014-10-25 17:47 - 2014-10-25 17:47 - 00031600 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s04e05.sturgis.hdtv.x264.fum.ettv.torrent
2014-10-25 17:46 - 2014-10-25 17:46 - 00027488 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s04e01.hdtv.xvid.afg.torrent
2014-10-25 17:43 - 2014-10-25 17:43 - 00037776 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s03e09.real.hdtv.x264.killers.torrent
2014-10-25 17:43 - 2014-10-25 17:43 - 00036497 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s03e07.college.cars.real.hdtv.xvid.afg.torrent
2014-10-25 17:43 - 2014-10-25 17:43 - 00036477 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s03e08.real.hdtv.xvid.afg.torrent
2014-10-25 17:43 - 2014-10-25 17:43 - 00036443 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s03e06.real.hdtv.xvid.afg.ettv.torrent
2014-10-25 17:42 - 2014-10-25 17:42 - 00039780 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s03e04.continental.divide.hdtv.x264.momentum.ettv.torrent
2014-10-25 17:42 - 2014-10-25 17:42 - 00029672 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s03e05.supercars.hdtv.x264.momentum.ettv.torrent
2014-10-25 17:42 - 2014-10-25 17:42 - 00009607 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s03e02.real.hdtv.xvid.afg.torrent
2014-10-25 17:41 - 2014-10-25 17:41 - 00028856 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s03e01.big.rigs.hdtv.xvid.momentum.torrent
2014-10-24 18:48 - 2014-10-24 18:48 - 00029456 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s02e04.death.valley.hdtv.xvid.momentum (2).torrent
2014-10-24 18:48 - 2014-10-24 18:48 - 00029456 _____ () C:\Users\Tim\Downloads\[kickass.to]top.gear.us.s02e04.death.valley.hdtv.xvid.momentum (1).torrent
2014-10-24 18:46 - 2014-10-24 18:46 - 00008308 _____ () C:\Users\Tim\Downloads\[kickass.to]brooklyn.nine.nine.s02e04.hdtv.x264.killers.eztv.torrent
2014-10-24 08:09 - 2014-10-24 08:09 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-10-24 08:09 - 2014-10-24 08:09 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-10-20 17:29 - 2014-10-20 17:29 - 00012595 _____ () C:\Users\Tim\Downloads\[kickass.to]homeland.s04e04.hdtv.x264.lol.eztv.torrent
2014-10-19 10:19 - 2014-10-19 10:19 - 00045056 _____ () C:\Users\Tim\Downloads\capitalprojects.xls
2014-10-19 10:19 - 2014-10-19 10:19 - 00019968 _____ () C:\Users\Tim\Downloads\budgetchangetemplate2014.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-18 16:13 - 2014-09-21 07:04 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-18 16:10 - 2013-06-02 17:15 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-18 16:10 - 2013-06-02 16:43 - 01096620 _____ () C:\Windows\WindowsUpdate.log
2014-11-18 00:34 - 2013-06-02 17:15 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-18 00:32 - 2009-07-13 23:45 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-18 00:32 - 2009-07-13 23:45 - 00015008 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-18 00:30 - 2009-07-14 00:13 - 00779266 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-18 00:25 - 2009-07-13 23:51 - 00096028 _____ () C:\Windows\setupact.log
2014-11-18 00:24 - 2013-06-02 17:03 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-18 00:24 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-17 20:49 - 2013-06-02 17:17 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\uTorrent
2014-11-17 20:18 - 2013-06-10 19:23 - 00000000 ____D () C:\Users\Tim\AppData\Local\Windows Live
2014-11-17 17:11 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-16 21:46 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-11-15 16:26 - 2009-07-14 00:08 - 00032634 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-14 12:53 - 2013-06-03 20:45 - 00023690 _____ () C:\Windows\PFRO.log
2014-11-14 09:42 - 2014-09-21 07:16 - 00000965 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2014-11-14 09:42 - 2014-09-21 07:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-11-13 23:20 - 2014-10-14 21:51 - 00000000 ___HD () C:\5ad5611
2014-11-12 15:29 - 2013-06-02 17:15 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-12 15:29 - 2013-06-02 17:15 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-10 20:58 - 2013-06-02 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-10 20:57 - 2013-06-02 16:53 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-10 19:43 - 2013-06-02 16:43 - 00000000 ____D () C:\Users\Tim\AppData\Local\VirtualStore
2014-11-10 18:01 - 2013-06-04 18:33 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-11-09 12:12 - 2014-10-12 18:33 - 00000000 ____D () C:\Users\Tim\Desktop\Brooks 10-12-2014
2014-11-09 12:06 - 2014-02-08 08:36 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\SolidWorks
2014-11-09 12:04 - 2014-09-01 10:13 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Skype
2014-11-09 12:04 - 2013-12-26 10:21 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Nikon
2014-11-09 12:04 - 2013-06-04 17:05 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Mozilla
2014-11-09 12:04 - 2013-06-02 17:33 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Origin
2014-11-09 11:59 - 2013-12-26 10:19 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Dropbox
2014-11-09 11:59 - 2013-10-05 23:56 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Arduino
2014-11-09 11:59 - 2013-06-10 18:56 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Apple Computer
2014-11-09 11:58 - 2014-09-01 10:14 - 00000000 ____D () C:\Users\Tim\AppData\Local\Skype
2014-11-09 11:58 - 2014-02-09 13:45 - 00000000 ____D () C:\Users\Tim\AppData\Local\SolidWorks
2014-11-09 11:58 - 2013-06-03 19:49 - 00000000 ____D () C:\Users\Tim\AppData\Local\PunkBuster
2014-11-09 11:58 - 2013-06-02 19:22 - 00000000 ____D () C:\Users\Tim\AppData\Roaming\Adobe
2014-11-09 11:58 - 2013-06-02 17:33 - 00000000 ____D () C:\Users\Tim\AppData\Local\Origin
2014-11-09 11:58 - 2013-06-02 17:19 - 00000000 ____D () C:\Users\Tim\AppData\Local\PMB Files
2014-11-09 11:51 - 2013-06-02 17:15 - 00000000 ____D () C:\Users\Tim\AppData\Local\Google
2014-11-08 20:50 - 2013-07-03 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-11-08 20:50 - 2013-07-03 19:35 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-08 08:21 - 2014-06-08 17:18 - 00000000 ____D () C:\Users\Mcx1-TIM-PC
2014-11-07 20:38 - 2013-06-08 08:00 - 00000000 ____D () C:\Windows\Minidump
2014-11-06 19:50 - 2013-08-17 05:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-04 21:01 - 2013-10-30 18:14 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-11-04 20:29 - 2014-08-16 13:30 - 00000000 ____D () C:\World of Warcraft
2014-11-02 12:21 - 2013-10-30 18:10 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-29 21:10 - 2011-01-20 18:26 - 02558792 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-10-27 18:38 - 2013-06-02 17:16 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-25 11:06 - 2014-09-21 07:11 - 00000000 ____D () C:\ProgramData\AVG2015

Some content of TEMP:
====================
C:\Users\Tim\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Tim\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Tim\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Tim\AppData\Local\Temp\MSIAFTERBURNERSETUP.EXE
C:\Users\Tim\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Tim\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Tim\AppData\Local\Temp\nvSCPAPISvr.exe
C:\Users\Tim\AppData\Local\Temp\nvStInst.exe
C:\Users\Tim\AppData\Local\Temp\ose00000.exe
C:\Users\Tim\AppData\Local\Temp\SETUP_AFTERBURNER.EXE
C:\Users\Tim\AppData\Local\Temp\sonarinst.exe
C:\Users\Tim\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Tim\AppData\Local\Temp\utt5070.tmp.exe
C:\Users\Tim\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-17 17:45

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-11-2014
Ran by Tim at 2014-11-18 16:14:42
Running from C:\Users\Tim\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-999253832-2327500951-877020514-1001\...\uTorrent) (Version: 3.4.2.34944 - BitTorrent Inc.)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.03) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5 - Arduino LLC)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
AVG 2015 (Version: 15.0.4213 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.0.19 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.2 - Electronic Arts)
Battlefield 4™ Beta (HKLM-x32\...\{CFAB3721-549D-4827-A4E8-7F90192114AB}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bootstrapper (x32 Version: 1.1.2.0 - Minitab, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dropbox (HKU\S-1-5-21-999253832-2327500951-877020514-1001\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Free Mouse Auto Clicker 3.4.3 (HKLM-x32\...\{7D9D583E-EC8B-4390-B3A4-017B8182C8FF}_is1) (Version:  - Advanced Mouse Auto Clicker ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HI-TECH C51-lite V9.60PL0 (HKLM-x32\...\HC51 9.60PL0) (Version: 9.60 - HI-TECH Software)
HI-TECH PICC lite V9.60PL0 (HKLM-x32\...\PICC 9.60PL0) (Version: 9.60 - HI-TECH Software)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Network Connections 18.7.28.0 (HKLM\...\PROSetDX) (Version: 18.7.28.0 - Intel)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.650 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Lexmark S300-S400 Series (HKLM\...\Lexmark S300-S400 Series) (Version:  - Lexmark International, Inc.)
Linkey (HKU\S-1-5-21-999253832-2327500951-877020514-1001\...\Linkey) (Version: 0.0.0.599 - Aztec Media Inc) <==== ATTENTION
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-999253832-2327500951-877020514-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version:  - Microsoft Corporation)
Minitab 16 (HKLM-x32\...\Minitab16) (Version: 16.2.4 - Minitab, Inc.)
Minitab Software Update Manager (HKLM-x32\...\MinitabSoftwareManager) (Version: 1.1.0.0 - Minitab, Inc.)
Minitab16 (x32 Version: 16.2.4.0 - Minitab Inc) Hidden
Minitab16 (x32 Version: 16.2.4.0 - Minitab, Inc.) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 23.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 23.0.1 (x86 en-US)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSI Afterburner 2.1.0 (HKLM-x32\...\Afterburner) (Version: 2.1.0 - MSI Co., LTD)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NI Circuit Design Suite 11.0.1 Core (x32 Version: 11.0.691 - National Instruments) Hidden
NI Circuit Design Suite 11.0.1 Pro (x32 Version: 11.0.691 - National Instruments) Hidden
NI Circuit Design Suite 11.0.1 Pro Licenses (x32 Version: 11.0.691 - National Instruments) Hidden
NI EULA Depot (x32 Version: 2.71.130 - National Instruments) Hidden
NI Example Finder 9.0 (x32 Version: 9.0.136.0 - National Instruments) Hidden
NI Help Assistant (64bit) (Version: 1.0.10 - National Instruments) Hidden
NI Help Assistant (x32 Version: 1.0.10 - National Instruments) Hidden
NI LabVIEW 2009 SP1 Run-Time Engine Web Services (x32 Version: 9.0.234.0 - National Instruments) Hidden
NI LabVIEW Real-Time NBFifo (x32 Version: 8.6.348.0 - National Instruments) Hidden
NI LabVIEW Real-Time NBFifo (x32 Version: 9.0.319.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 2009 SP1 (x32 Version: 9.0.1074.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine 8.6.1 (x32 Version: 8.6.426.0 - National Instruments) Hidden
NI LabVIEW Run-Time Engine Interop 2009 (x32 Version: 9.0.146.0 - National Instruments) Hidden
NI LabVIEW Web Server for Run-Time Engine (x32 Version: 8.6.41.0 - National Instruments) Hidden
NI LabVIEW Web Server for Run-Time Engine (x32 Version: 9.0.185.0 - National Instruments) Hidden
NI LabVIEW Web Services Runtime (x32 Version: 8.6.48.0 - National Instruments) Hidden
NI License Manager (x32 Version: 3.5.23 - National Instruments) Hidden
NI Logos 5.1.3 (x32 Version: 5.1.131.0 - National Instruments) Hidden
NI Logos XT Support (x32 Version: 5.1.69.0 - National Instruments) Hidden
NI Logos64 5.1.3 (Version: 5.1.84.0 - National Instruments) Hidden
NI Logos64 XT Support (Version: 5.1.66.0 - National Instruments) Hidden
NI Math Kernel Libraries (64-bit) (Version: 1.0.14.0 - National Instruments) Hidden
NI Math Kernel Libraries (x32 Version: 1.0.28.0 - National Instruments) Hidden
NI Math Kernel Libraries (x32 Version: 1.0.861.0 - National Instruments) Hidden
NI MDF Support (x32 Version: 2.71.130 - National Instruments) Hidden
NI MetaSuite Installer (x32 Version: 2.71.130 - National Instruments) Hidden
NI Service Locator (x32 Version: 9.0.262.0 - National Instruments) Hidden
NI TDMS (64-bit) (Version: 2.0.173.0 - National Instruments) Hidden
NI TDMS (x32 Version: 2.0.173.0 - National Instruments) Hidden
NI Trace Engine (64-bit) (Version: 9.0.128.0 - National Instruments) Hidden
NI Trace Engine (x32 Version: 9.0.146.0 - National Instruments) Hidden
NI Update Service (x32 Version: 1.12.3.0 - National Instruments) Hidden
NI Update Service Full (x32 Version: 1.12.3.0 - National Instruments) Hidden
NI USI 1.7.0 (x32 Version: 1.7.03805 - National Instruments) Hidden
NI USI 1.7.0 64-Bit (Version: 1.7.03805 - National Instruments) Hidden
NI Web Pipeline 2.0.1 (x32 Version: 2.0.128.0 - National Instruments) Hidden
NI Web Pipeline 2.0.1 64-bit support (Version: 2.0.122.0 - National Instruments) Hidden
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.3.0 - Nikon)
NVIDIA 3D Vision Controller Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.2 - Nikon)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Settings Manager (HKLM-x32\...\Settings Manager) (Version: 5.0.0.14440 - Aztec Media Inc) <==== ATTENTION
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SoftwareManager (x32 Version: 1.1.0.0 - Minitab, Inc.) Hidden
Solid YouTube Downloader and Converter 6.1.9.0 (HKLM-x32\...\{66732EEE-ECBC-4CA6-A474-ytd}_is1) (Version:  - DreamVideoSoft,Inc.)
SolidWorks 2014 x64 Edition SP0 (HKLM-x32\...\SolidWorks Installation Manager 20140-40000-1100-100) (Version: 22.0.0.5018 - SolidWorks Corporation)
SolidWorks 2014 x64 Edition SP0 (Version: 22.100.5018 - SolidWorks) Hidden
SolidWorks Composer Player 2014 SP0 x64 Edition (Version: 22.00.5018 - Dassault Systemes SolidWorks) Hidden
SolidWorks eDrawings 2014 x64 Edition SP0 (Version: 14.0.5006 - Dassault Systèmes SolidWorks Corp) Hidden
SolidWorks Explorer 2014 SP0 x64 Edition (Version: 22.00.5018 - SolidWorks Corporation) Hidden
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 2.0.9.26147 - Blizzard Entertainment)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.3.0 - Nikon)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-999253832-2327500951-877020514-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999253832-2327500951-877020514-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-999253832-2327500951-877020514-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-999253832-2327500951-877020514-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-999253832-2327500951-877020514-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-999253832-2327500951-877020514-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Tim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-999253832-2327500951-877020514-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999253832-2327500951-877020514-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999253832-2327500951-877020514-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-999253832-2327500951-877020514-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

20-04-2014 23:57:05 Windows Update
18-07-2014 21:09:41 Windows Update
19-07-2014 07:00:28 Windows Update
17-11-2014 22:52:10 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {D135AD4E-1D23-4232-98CB-696AB66EA6EA} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [2010-11-05] (Minitab)
Task: {DC944723-F177-400F-8C09-E98CD0B6E97B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-02] (Google Inc.)
Task: {FA130BAA-EFAE-4BA9-9977-D8B2A383C932} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-TIM-PC => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
Task: {FC33A433-EB6D-495C-B23F-3A268374D782} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-02] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-06-02 17:31 - 2014-09-13 16:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-16 20:22 - 2009-11-04 08:17 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxeadrpp.dll
2014-07-03 23:08 - 2014-07-03 23:08 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-11-06 19:49 - 2014-11-06 19:48 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\loggingserver.exe
2014-11-16 20:18 - 2011-01-23 20:08 - 00770728 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
2014-11-16 20:18 - 2011-01-23 20:08 - 00148280 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
2014-11-16 20:19 - 2009-12-16 06:42 - 00205824 _____ () C:\Program Files\Lexmark\S300-S400 Series\lxeamicro.dll
2014-11-16 20:19 - 2010-04-01 12:30 - 01558528 _____ () C:\Program Files\Lexmark\S300-S400 Series\lxeadrs64.dll
2014-11-16 20:19 - 2009-03-10 00:44 - 00015360 _____ () C:\Program Files\Lexmark\S300-S400 Series\lxeacaps64.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-06 19:49 - 2014-11-06 19:48 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\log4cplusU.dll
2014-11-16 20:18 - 2010-04-01 12:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeascw.dll
2014-11-16 20:17 - 2009-05-27 07:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeadatr.dll
2014-11-16 20:17 - 2009-05-27 07:13 - 00081920 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacats.dll
2014-11-16 20:18 - 2010-04-01 12:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaDRS.dll
2014-11-16 20:18 - 2009-03-10 00:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeacaps.dll
2014-11-16 20:20 - 2009-02-20 03:48 - 00381440 _____ () C:\Windows\system32\lxeasm.dll
2014-11-16 20:20 - 2009-02-20 03:48 - 00023552 _____ () C:\Windows\system32\lxeasmr.dll
2014-11-16 20:18 - 2010-04-05 05:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Epwizard.DLL
2014-11-16 20:18 - 2010-04-05 05:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\customui.dll
2014-11-16 20:18 - 2010-04-05 05:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Eputil.DLL
2014-11-16 20:18 - 2010-04-05 05:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Imagutil.DLL
2014-11-16 20:18 - 2010-04-05 05:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\Epfunct.DLL
2014-11-16 20:18 - 2010-04-05 05:56 - 02203803 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\EPWizRes.dll
2014-11-16 20:18 - 2010-04-05 05:56 - 00045221 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\epstring.dll
2014-11-16 20:18 - 2010-04-05 05:56 - 00094359 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\EPOEMDll.dll
2014-11-16 20:18 - 2009-04-07 14:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\iptk.dll
2014-11-16 20:18 - 2009-03-02 09:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark S300-S400 Series\lxeaptp.dll
2013-06-09 14:59 - 2013-06-09 14:59 - 05619784 _____ () C:\Windows\system32\mfc110u.dll
2014-11-06 19:49 - 2014-11-06 19:48 - 01685528 _____ () C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll
2014-10-27 18:37 - 2014-10-21 23:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-27 18:37 - 2014-10-21 23:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-27 18:37 - 2014-10-21 23:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-27 18:37 - 2014-10-21 23:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks 2014 Fast Start.lnk => C:\Windows\pss\SolidWorks 2014 Fast Start.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SolidWorks Background Downloader.lnk => C:\Windows\pss\SolidWorks Background Downloader.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Ebynrctjy => regsvr32.exe /s "C:\Users\Tim\AppData\Local\Windows Live\Ebynrctjy.dll"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NI Background Service => C:\Program Files (x86)\National Instruments\Shared\Update Service\niupdate.exe
MSCONFIG\startupreg: Nikon Message Center 2 => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: PesbErux => regsvr32.exe "C:\ProgramData\PesbErux\PesbErux.dat"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SogaCoyv => regsvr32.exe "C:\ProgramData\SogaCoyv\SogaCoyv.dat"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\Tim\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: VahoRikic => regsvr32.exe "C:\ProgramData\VahoRikic\VahoRikic.dat"
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
MSCONFIG\startupreg: YXDPack => regsvr32.exe C:\Users\Tim\AppData\Local\YXDPack\sfxcab.dll
MSCONFIG\startupreg: {53093771-cbca-4a34-cd70-aafa07e3cec7} => "C:\Users\Tim\AppData\Local\{53093771-cbca-4a34-cd70-aafa07e3cec7}\{53093771-cbca-4a34-cd70-aafa07e3cec7}.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-999253832-2327500951-877020514-500 - Administrator - Disabled)
Guest (S-1-5-21-999253832-2327500951-877020514-501 - Limited - Disabled)
Mcx1-TIM-PC (S-1-5-21-999253832-2327500951-877020514-1007 - Limited - Enabled) => C:\Users\Mcx1-TIM-PC
Tim (S-1-5-21-999253832-2327500951-877020514-1001 - Administrator - Enabled) => C:\Users\Tim

==================== Faulty Device Manager Devices =============

Name: Lumanate Lazer USB
Description: Lumanate Lazer USB
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Lumanate, Inc.
Service: LazerUsb
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Hauppauge WinTV HVR-1250 (Model 79xxx, Hybrid ATSC/QAM)
Description: Hauppauge WinTV HVR-1250 (Model 79xxx, Hybrid ATSC/QAM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Hauppauge
Service: HCW85BDA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/18/2014 00:43:11 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/18/2014 00:43:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/18/2014 00:43:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161"1".
Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.6161" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/18/2014 00:43:05 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/18/2014 00:43:04 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/18/2014 00:25:00 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/18/2014 00:25:00 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [1008]

Error: (11/17/2014 08:59:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (11/17/2014 08:59:01 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (11/17/2014 08:59:01 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [1008]


System errors:
=============
Error: (11/18/2014 04:08:27 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a171\??\Volume{b7995201-cbe5-11e2-b2d6-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{086D7393-A820-4C9F-AD03-C28C68663D41}

Error: (11/18/2014 04:07:28 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.

Error: (11/18/2014 00:24:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lxeaCATSCustConnectService service failed to start due to the following error: 
%%1053

Error: (11/18/2014 00:24:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the lxeaCATSCustConnectService service to connect.

Error: (11/18/2014 00:24:56 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WWAN AutoConfig service terminated with the following error: 
%%5

Error: (11/18/2014 00:24:33 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a36\SystemRoot\System32\Config\SOFTWARE

Error: (11/18/2014 00:00:37 AM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a171\??\Volume{b7995201-cbe5-11e2-b2d6-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{A393D31F-EDE6-44EF-9EDA-6A06289E2727}

Error: (11/17/2014 09:51:39 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 5) (User: NT AUTHORITY)
Description: 0x8000002a171\??\Volume{b7995201-cbe5-11e2-b2d6-806e6f6e6963}\System Volume Information\SPP\SppCbsHiveStore\{cd42efe1-f6f1-427c-b004-033192c625a4}{F6C44E6F-0BA5-4B79-AE98-14C9F42E57F1}

Error: (11/17/2014 09:01:04 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: WMPNetworkSvc0x80070006

Error: (11/17/2014 08:58:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The lxeaCATSCustConnectService service failed to start due to the following error: 
%%1053


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Percentage of memory in use: 29%
Total physical RAM: 6077.92 MB
Available physical RAM: 4282.65 MB
Total Pagefile: 12154.02 MB
Available Pagefile: 9593.51 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.24 GB) (Free:5.83 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive e: detected.
Drive f: (OLD INTERNAL) (Fixed) (Total:931.41 GB) (Free:764.66 GB) NTFS
Drive l: (Large EXT) (Fixed) (Total:931.51 GB) (Free:0.09 GB) NTFS
Drive m: (Really Large EXT) (Fixed) (Total:1863.01 GB) (Free:1190.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 155C759E)
Partition 1: (Active) - (Size=119.2 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 02565BA3)
Partition 00: (Active) - (Size=0) - (Type=00) ATTENTION ===> 0 byte partition bootkit.
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: CBCE2081)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 8 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0024A9D5)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================


#4 TFrieday

Posted 18 November 2014 - 04:30 PM

ark.txt from GMER was blank.



#5 TFrieday

Posted 18 November 2014 - 04:34 PM

16:32:18.0339 0x1114  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
16:32:21.0607 0x1114  ============================================================
16:32:21.0607 0x1114  Current date / time: 2014/11/18 16:32:21.0607
16:32:21.0607 0x1114  SystemInfo:
16:32:21.0607 0x1114  
16:32:21.0607 0x1114  OS Version: 6.1.7601 ServicePack: 1.0
16:32:21.0607 0x1114  Product type: Workstation
16:32:21.0607 0x1114  ComputerName: TIM-PC
16:32:21.0607 0x1114  UserName: Tim
16:32:21.0607 0x1114  Windows directory: C:\Windows
16:32:21.0607 0x1114  System windows directory: C:\Windows
16:32:21.0608 0x1114  Running under WOW64
16:32:21.0608 0x1114  Processor architecture: Intel x64
16:32:21.0608 0x1114  Number of processors: 4
16:32:21.0608 0x1114  Page size: 0x1000
16:32:21.0608 0x1114  Boot type: Normal boot
16:32:21.0608 0x1114  ============================================================
16:32:21.0978 0x1114  KLMD registered as C:\Windows\system32\drivers\56370524.sys
16:32:22.0096 0x1114  System UUID: {9D714B16-5680-1FDE-ADC2-C86C489C86C4}
16:32:22.0474 0x1114  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:32:22.0490 0x1114  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:32:22.0532 0x1114  Drive \Device\Harddisk6\DR6 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:32:22.0691 0x1114  Drive \Device\Harddisk8\DR8 - Size: 0x1D1C0F00000 ( 1863.01 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:32:22.0692 0x1114  ============================================================
16:32:22.0693 0x1114  \Device\Harddisk0\DR0:
16:32:22.0693 0x1114  MBR partitions:
16:32:22.0693 0x1114  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xEE7B000
16:32:22.0693 0x1114  \Device\Harddisk1\DR1:
16:32:22.0693 0x1114  MBR partitions:
16:32:22.0693 0x1114  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:32:22.0693 0x1114  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
16:32:22.0693 0x1114  \Device\Harddisk6\DR6:
16:32:22.0694 0x1114  MBR partitions:
16:32:22.0694 0x1114  \Device\Harddisk6\DR6\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
16:32:22.0694 0x1114  \Device\Harddisk8\DR8:
16:32:22.0694 0x1114  MBR partitions:
16:32:22.0694 0x1114  \Device\Harddisk8\DR8\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
16:32:22.0694 0x1114  ============================================================
16:32:22.0696 0x1114  C: <-> \Device\Harddisk0\DR0\Partition1
16:32:50.0311 0x1300  LanmanWorkstation - ok
16:32:50.0448 0x1300  [ F0E60CAA1A92553DEC03EDCB49D8695C, 7C49293C72CC47EDAF37EB07C15796769BABCDF92E319613D99AC5B58A46A6DD ] LazerUsb        C:\Windows\system32\DRIVERS\LazerUsb.sys
16:32:50.0553 0x1300  LazerUsb - ok
16:32:50.0614 0x1300  [ 20CDB07017497C94A0BAD253C4BAFCBC, 5633D245525F9B8CAC4E87A95B0E19D1F34839483ED75AC8F7661DA29BC87EE7 ] LkCitadelServer C:\Windows\SysWOW64\lkcitdl.exe
16:32:50.0627 0x1300  LkCitadelServer - ok
16:32:50.0634 0x1300  [ 99121FD465F7A65AC15EEC3B4034C1E4, BBE3D7522AE6B96FB1789A851EB2558194B1388E87687FB289937BE5486E35B2 ] lkClassAds      C:\Windows\SysWOW64\lkads.exe
16:32:50.0636 0x1300  lkClassAds - ok
16:32:50.0641 0x1300  [ 19C8D1B03A5229CBBE1037425701F55F, 545CFE9036CD1D04DAE97800E93C98240C5312AAEEFCEEFBEAF00E753C781D84 ] lkTimeSync      C:\Windows\SysWOW64\lktsrv.exe
16:32:50.0643 0x1300  lkTimeSync - ok
16:32:50.0648 0x1300  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:32:50.0650 0x1300  lltdio - ok
16:32:50.0661 0x1300  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:32:50.0668 0x1300  lltdsvc - ok
16:32:50.0672 0x1300  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:32:50.0674 0x1300  lmhosts - ok
16:32:50.0682 0x1300  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:32:50.0684 0x1300  LSI_FC - ok
16:32:50.0691 0x1300  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:32:50.0694 0x1300  LSI_SAS - ok
16:32:50.0699 0x1300  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:32:50.0700 0x1300  LSI_SAS2 - ok
16:32:50.0707 0x1300  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:32:50.0709 0x1300  LSI_SCSI - ok
16:32:50.0715 0x1300  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:32:50.0718 0x1300  luafv - ok
16:32:50.0727 0x1300  [ 3D1516114F5B1548864D043177F992A6, 3733D5D51EA0DBFB24C408F1C48F8367CEE005EFCEC2860975D5EE2B4445ECF4 ] lxeaCATSCustConnectService C:\Windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe
16:32:50.0730 0x1300  lxeaCATSCustConnectService - ok
16:32:50.0733 0x1300  lxea_device - ok
16:32:50.0740 0x1300  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:32:50.0742 0x1300  Mcx2Svc - ok
16:32:50.0747 0x1300  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:32:50.0748 0x1300  megasas - ok
16:32:50.0759 0x1300  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:32:50.0765 0x1300  MegaSR - ok
16:32:50.0771 0x1300  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:32:50.0773 0x1300  MMCSS - ok
16:32:50.0778 0x1300  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:32:50.0779 0x1300  Modem - ok
16:32:50.0783 0x1300  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:32:50.0784 0x1300  monitor - ok
16:32:50.0789 0x1300  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:32:50.0790 0x1300  mouclass - ok
16:32:50.0795 0x1300  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:32:50.0796 0x1300  mouhid - ok
16:32:50.0802 0x1300  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:32:50.0804 0x1300  mountmgr - ok
16:32:50.0811 0x1300  [ A35576A433F4AEB0D48976A004657CB6, F820A759119785C3FB10B0EDCF8EF9985886A9B0767ABD45B2ACAC03498B321E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:32:50.0813 0x1300  MozillaMaintenance - ok
16:32:50.0821 0x1300  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:32:50.0825 0x1300  mpio - ok
16:32:50.0831 0x1300  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:32:50.0832 0x1300  mpsdrv - ok
16:32:50.0855 0x1300  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:32:50.0872 0x1300  MpsSvc - ok
16:32:50.0881 0x1300  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:32:50.0884 0x1300  MRxDAV - ok
16:32:50.0892 0x1300  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:32:50.0896 0x1300  mrxsmb - ok
16:32:50.0910 0x1300  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:32:50.0915 0x1300  mrxsmb10 - ok
16:32:50.0923 0x1300  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:32:50.0926 0x1300  mrxsmb20 - ok
16:32:50.0930 0x1300  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:32:50.0931 0x1300  msahci - ok
16:32:50.0939 0x1300  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:32:50.0942 0x1300  msdsm - ok
16:32:50.0949 0x1300  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:32:50.0953 0x1300  MSDTC - ok
16:32:50.0960 0x1300  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:32:50.0961 0x1300  Msfs - ok
16:32:50.0965 0x1300  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:32:50.0966 0x1300  mshidkmdf - ok
16:32:50.0968 0x1300  MSICDSetup - ok
16:32:50.0974 0x1300  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:32:50.0975 0x1300  msisadrv - ok
16:32:50.0983 0x1300  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:32:50.0987 0x1300  MSiSCSI - ok
16:32:50.0991 0x1300  msiserver - ok
16:32:50.0995 0x1300  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:32:50.0996 0x1300  MSKSSRV - ok
16:32:51.0000 0x1300  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:32:51.0000 0x1300  MSPCLOCK - ok
16:32:51.0004 0x1300  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:32:51.0005 0x1300  MSPQM - ok
16:32:51.0018 0x1300  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:32:51.0025 0x1300  MsRPC - ok
16:32:51.0032 0x1300  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:32:51.0033 0x1300  mssmbios - ok
16:32:51.0036 0x1300  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:32:51.0037 0x1300  MSTEE - ok
16:32:51.0042 0x1300  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:32:51.0042 0x1300  MTConfig - ok
16:32:51.0047 0x1300  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:32:51.0049 0x1300  Mup - ok
16:32:51.0064 0x1300  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:32:51.0074 0x1300  napagent - ok
16:32:51.0087 0x1300  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:32:51.0093 0x1300  NativeWifiP - ok
16:32:51.0119 0x1300  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:32:51.0137 0x1300  NDIS - ok
16:32:51.0145 0x1300  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:32:51.0146 0x1300  NdisCap - ok
16:32:51.0151 0x1300  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:32:51.0152 0x1300  NdisTapi - ok
16:32:51.0157 0x1300  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:32:51.0158 0x1300  Ndisuio - ok
16:32:51.0166 0x1300  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:32:51.0170 0x1300  NdisWan - ok
16:32:51.0175 0x1300  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:32:51.0177 0x1300  NDProxy - ok
16:32:51.0181 0x1300  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:32:51.0183 0x1300  NetBIOS - ok
16:32:51.0193 0x1300  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:32:51.0198 0x1300  NetBT - ok
16:32:51.0202 0x1300  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
16:32:51.0204 0x1300  Netlogon - ok
16:32:51.0216 0x1300  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:32:51.0224 0x1300  Netman - ok
16:32:51.0238 0x1300  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:32:51.0241 0x1300  NetMsmqActivator - ok
16:32:51.0247 0x1300  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:32:51.0250 0x1300  NetPipeActivator - ok
16:32:51.0265 0x1300  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:32:51.0274 0x1300  netprofm - ok
16:32:51.0280 0x1300  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:32:51.0283 0x1300  NetTcpActivator - ok
16:32:51.0289 0x1300  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:32:51.0292 0x1300  NetTcpPortSharing - ok
16:32:51.0297 0x1300  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:32:51.0298 0x1300  nfrd960 - ok
16:32:51.0311 0x1300  [ CEEFDE8FACE887D6DDA664940404EA58, F84D6E7F3DF5C1F376ECB7C3286B7435E794878DEC00025597A819E7A5F662F5 ] NIDomainService C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
16:32:51.0318 0x1300  NIDomainService - ok
16:32:51.0345 0x1300  [ B17093B9A2C5F874975C732C1A8BA771, EAF5AF9A5CCBF982D0A4F8ACEDED25588E67981D938FE17A94F1C9B331709FAB ] NILM License Manager C:\Program Files (x86)\National Instruments\Shared\License Manager\Bin\lmgrd.exe
16:32:51.0364 0x1300  NILM License Manager - ok
16:32:51.0370 0x1300  niSvcLoc - ok
16:32:51.0382 0x1300  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:32:51.0389 0x1300  NlaSvc - ok
16:32:51.0394 0x1300  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:32:51.0396 0x1300  Npfs - ok
16:32:51.0400 0x1300  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:32:51.0402 0x1300  nsi - ok
16:32:51.0406 0x1300  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:32:51.0407 0x1300  nsiproxy - ok
16:32:51.0451 0x1300  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:32:51.0482 0x1300  Ntfs - ok
16:32:51.0490 0x1300  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:32:51.0491 0x1300  Null - ok
16:32:51.0501 0x1300  [ C87B11EB78428853F9E8495C47E53C10, FAE479DB0812967B3FF968773BA998591B4F50BE4329B8349BCA7E6EAB1B0474 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
16:32:51.0505 0x1300  NVHDA - ok
16:32:51.0813 0x1300  [ A6975E0E4BE34667933846DE2F28AEFC, DFCF194C457A80C8222821001626D089FB1D97A37CA4D50D92144CE324911A78 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:32:52.0052 0x1300  nvlddmkm - ok
16:32:52.0134 0x1300  [ 507E699BD36530491BA0F95251B22F06, BDE6EB91FADBCB8CE16C31EF43A97DC6CC5D0F4EBAEA7903810556D0D70F54BC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:32:52.0167 0x1300  NvNetworkService - ok
16:32:52.0180 0x1300  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:32:52.0184 0x1300  nvraid - ok
16:32:52.0193 0x1300  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:32:52.0197 0x1300  nvstor - ok
16:32:52.0203 0x1300  [ 7E4C1879248629A2C9CC9ADF52CBB9B7, 856FF60FD111C3C80B137BC62B7EF92D3B95FBA462A29F97D65457A5A507506E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:32:52.0203 0x1300  NvStreamKms - ok
16:32:52.0658 0x1300  [ C3EB27E4BC00283CA166A9FC42B90FC7, FED7F68D1C6EB442292E40DCFAEE7339AE21D5EF726A9DC9BCB6AB5C5873B3E0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
16:32:53.0011 0x1300  NvStreamSvc - ok
16:32:53.0078 0x1300  [ 9AEDEFFFE581D775E70C1C228CCD495E, F31C6DED1292A9392B83F9F557070543984AAB73718785B1C189752B34D4805B ] NVSvc           C:\Windows\system32\nvvsvc.exe
16:32:53.0097 0x1300  NVSvc - ok
16:32:53.0104 0x1300  [ 1AF619620613869C07F9C147BC37520F, 0AD4E100354E201D5E72BA236C1464F5083A7E3B58C4AC6BA712489D258955F5 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:32:53.0106 0x1300  nvvad_WaveExtensible - ok
16:32:53.0113 0x1300  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:32:53.0116 0x1300  nv_agp - ok
16:32:53.0132 0x1300  [ A78D66664C542712B53CAA68E98D1BB6, 0FB9A70E4B53C523127D2B3F834562B9A1D752CCC017AD2F8C83C49EFB9FAEF0 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:32:53.0140 0x1300  odserv - ok
16:32:53.0146 0x1300  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:32:53.0148 0x1300  ohci1394 - ok
16:32:53.0157 0x1300  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:32:53.0160 0x1300  ose - ok
16:32:53.0172 0x1300  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:32:53.0180 0x1300  p2pimsvc - ok
16:32:53.0195 0x1300  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:32:53.0205 0x1300  p2psvc - ok
16:32:53.0211 0x1300  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:32:53.0213 0x1300  Parport - ok
16:32:53.0219 0x1300  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:32:53.0220 0x1300  partmgr - ok
16:32:53.0229 0x1300  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:32:53.0234 0x1300  PcaSvc - ok
16:32:53.0243 0x1300  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:32:53.0247 0x1300  pci - ok
16:32:53.0251 0x1300  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:32:53.0252 0x1300  pciide - ok
16:32:53.0263 0x1300  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:32:53.0267 0x1300  pcmcia - ok
16:32:53.0272 0x1300  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:32:53.0274 0x1300  pcw - ok
16:32:53.0292 0x1300  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:32:53.0305 0x1300  PEAUTH - ok
16:32:53.0313 0x1300  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:32:53.0315 0x1300  PerfHost - ok
16:32:53.0356 0x1300  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:32:53.0383 0x1300  pla - ok
16:32:53.0401 0x1300  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:32:53.0411 0x1300  PlugPlay - ok
16:32:53.0418 0x1300  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
16:32:53.0421 0x1300  PnkBstrA - ok
16:32:53.0425 0x1300  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:32:53.0427 0x1300  PNRPAutoReg - ok
16:32:53.0439 0x1300  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:32:53.0446 0x1300  PNRPsvc - ok
16:32:53.0464 0x1300  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:32:53.0475 0x1300  PolicyAgent - ok
16:32:53.0485 0x1300  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:32:53.0490 0x1300  Power - ok
16:32:53.0497 0x1300  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:32:53.0500 0x1300  PptpMiniport - ok
16:32:53.0505 0x1300  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:32:53.0507 0x1300  Processor - ok
16:32:53.0516 0x1300  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:32:53.0522 0x1300  ProfSvc - ok
16:32:53.0526 0x1300  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
16:32:53.0527 0x1300  ProtectedStorage - ok
16:32:53.0534 0x1300  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:32:53.0537 0x1300  Psched - ok
16:32:53.0576 0x1300  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:32:53.0604 0x1300  ql2300 - ok
16:32:53.0615 0x1300  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:32:53.0618 0x1300  ql40xx - ok
16:32:53.0629 0x1300  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:32:53.0635 0x1300  QWAVE - ok
16:32:53.0640 0x1300  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:32:53.0641 0x1300  QWAVEdrv - ok
16:32:53.0645 0x1300  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:32:53.0646 0x1300  RasAcd - ok
16:32:53.0651 0x1300  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:32:53.0653 0x1300  RasAgileVpn - ok
16:32:53.0659 0x1300  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:32:53.0662 0x1300  RasAuto - ok
16:32:53.0669 0x1300  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:32:53.0672 0x1300  Rasl2tp - ok
16:32:53.0685 0x1300  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:32:53.0694 0x1300  RasMan - ok
16:32:53.0701 0x1300  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:32:53.0703 0x1300  RasPppoe - ok
16:32:53.0709 0x1300  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:32:53.0711 0x1300  RasSstp - ok
16:32:53.0722 0x1300  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:32:53.0728 0x1300  rdbss - ok
16:32:53.0733 0x1300  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:32:53.0734 0x1300  rdpbus - ok
16:32:53.0737 0x1300  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:32:53.0738 0x1300  RDPCDD - ok
16:32:53.0743 0x1300  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:32:53.0744 0x1300  RDPENCDD - ok
16:32:53.0749 0x1300  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:32:53.0750 0x1300  RDPREFMP - ok
16:32:53.0758 0x1300  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:32:53.0763 0x1300  RDPWD - ok
16:32:53.0772 0x1300  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:32:53.0776 0x1300  rdyboost - ok
16:32:53.0783 0x1300  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:32:53.0786 0x1300  RemoteAccess - ok
16:32:53.0794 0x1300  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:32:53.0798 0x1300  RemoteRegistry - ok
16:32:56.0738 0x1300  ================ Scan global ===============================
16:32:56.0743 0x1300  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:32:56.0753 0x1300  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:32:56.0768 0x1300  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
16:32:56.0777 0x1300  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:32:56.0790 0x1300  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:32:56.0798 0x1300  [ Global ] - ok
16:32:56.0798 0x1300  ================ Scan MBR ==================================
16:32:56.0801 0x1300  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:32:56.0963 0x1300  \Device\Harddisk0\DR0 - ok
16:32:56.0966 0x1300  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:32:56.0984 0x1300  \Device\Harddisk1\DR1 - detected Rootkit.Boot.Pihar.c ( 0 )
16:32:56.0984 0x1300  \Device\Harddisk1\DR1 ( Rootkit.Boot.Pihar.c ) - infected
16:32:59.0482 0x1300  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk6\DR6
16:32:59.0489 0x1300  \Device\Harddisk6\DR6 - ok
16:32:59.0494 0x1300  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk8\DR8
16:32:59.0501 0x1300  \Device\Harddisk8\DR8 - ok
16:32:59.0501 0x1300  ================ Scan VBR ==================================
16:32:59.0504 0x1300  [ B32B00C696939A248DDB5DD903439AB9 ] \Device\Harddisk0\DR0\Partition1
16:32:59.0506 0x1300  \Device\Harddisk0\DR0\Partition1 - ok
16:32:59.0509 0x1300  [ 763CD10E2CEC54D9516180C2C2E10E46 ] \Device\Harddisk1\DR1\Partition1
16:32:59.0550 0x1300  \Device\Harddisk1\DR1\Partition1 - ok
16:32:59.0553 0x1300  [ 163B7D5FF388F5925086E068DC6EC2DF ] \Device\Harddisk1\DR1\Partition2
16:32:59.0597 0x1300  \Device\Harddisk1\DR1\Partition2 - ok
16:32:59.0600 0x1300  [ 181EFC0222B36B24131684E8F807451D ] \Device\Harddisk6\DR6\Partition1
16:32:59.0663 0x1300  \Device\Harddisk6\DR6\Partition1 - ok
16:32:59.0666 0x1300  [ 5A18E8A7DECEE513C7717E607BE79C7A ] \Device\Harddisk8\DR8\Partition1
16:33:00.0134 0x1300  \Device\Harddisk8\DR8\Partition1 - ok
16:33:00.0135 0x1300  ================ Scan generic autorun ======================
16:33:00.0157 0x1300  [ 3E48A4D66B5D092FEA1B21328AF08CD3, 5741700DF8A3D363FA398AFA9C26493B420F0B2FDD89EAD398E25B56494E1BC0 ] C:\Program Files (x86)\Lexmark S300-S400 Series\lxeamon.exe
16:33:00.0175 0x1300  lxeamon.exe - ok
16:33:00.0183 0x1300  [ EEC2835879188CE91EFC345DBAEFE6AF, AF77EBFD9869D4D20BABCCD21257088F2C0AD8FAE9AF41A827DA1DE8ACC5D80E ] C:\Program Files (x86)\Lexmark S300-S400 Series\ezprint.exe
16:33:00.0187 0x1300  EzPrint - ok
16:33:00.0277 0x1300  [ 4312B4DD07050FC58146756634058CE8, CD0F85A6C3BAA55F350FAD4523E4F91D94D7B30597BF45E626F608FBF927828D ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe
16:33:00.0341 0x1300  AVG_UI - ok
16:33:00.0377 0x1300  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:33:00.0439 0x1300  Sidebar - ok
16:33:00.0446 0x1300  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:33:00.0449 0x1300  mctadmin - ok
16:33:00.0479 0x1300  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:33:00.0500 0x1300  Sidebar - ok
16:33:00.0507 0x1300  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:33:00.0509 0x1300  mctadmin - ok
16:33:00.0513 0x1300  tluafed - ok
16:33:00.0516 0x1300  {53093771-cbca-4a34-cd70-aafa07e3cec7} - ok
16:33:00.0518 0x1300  SogaCoyv - ok
16:33:00.0520 0x1300  CewzAlyo - ok
16:33:00.0520 0x1300  Waiting for KSN requests completion. In queue: 288
16:33:01.0520 0x1300  Waiting for KSN requests completion. In queue: 288
16:33:02.0520 0x1300  Waiting for KSN requests completion. In queue: 7
16:33:03.0534 0x1300  AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5577 ), 0x41000 ( enabled : updated )
16:33:03.0538 0x1300  Win FW state via NFP2: enabled
16:33:06.0032 0x1300  ============================================================
16:33:06.0032 0x1300  Scan finished
16:33:06.0032 0x1300  ============================================================
16:33:06.0042 0x0a98  Detected object count: 1
16:33:06.0042 0x0a98  Actual detected object count: 1
16:33:25.0026 0x0a98  \Device\Harddisk1\DR1 ( Rootkit.Boot.Pihar.c ) - skipped by user
16:33:25.0026 0x0a98  \Device\Harddisk1\DR1 ( Rootkit.Boot.Pihar.c ) - User select action: Skip 



#6 TB-Psychotic

  • Malware Response Team

Posted 21 November 2014 - 06:01 PM

Combofix

Combofix should only be run when advised by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe


When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing "Illegal operation attempted on a registry key that has been marked for deletion", simply restart your computer to fix this.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 TFrieday

  • Topic Starter

Posted 21 November 2014 - 08:52 PM

ComboFix 14-11-18.01 - Tim 11/21/2014  20:25:25.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.6078.3607 [GMT -5:00]
Running from: c:\users\Tim\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2015 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\SPLBC8D.tmp
c:\users\Tim\AppData\Roaming\FrameworkUpdate7
c:\users\Tim\AppData\Roaming\FrameworkUpdate7\GoogleUpdate.exe
c:\windows\SysWow64\SET2688.tmp
c:\windows\SysWow64\SETAB86.tmp
c:\windows\SysWow64\SETFF2B.tmp
M:\autorun.inf
.
.
(((((((((((((((((((((((((   Files Created from 2014-10-22 to 2014-11-22  )))))))))))))))))))))))))))))))
.
.
2014-11-22 01:37 . 2014-11-22 01:37	--------	d-----w-	c:\users\TEMP\AppData\Local\temp
2014-11-22 01:37 . 2014-11-22 01:37	--------	d-----w-	c:\users\Mcx1-TIM-PC\AppData\Local\temp
2014-11-22 01:37 . 2014-11-22 01:37	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-11-20 03:08 . 2014-11-20 03:08	--------	d-----w-	C:\TDSSKiller_Quarantine
2014-11-18 21:13 . 2014-11-18 21:15	--------	d-----w-	C:\FRST
2014-11-17 01:26 . 2014-11-17 01:26	--------	d-----w-	c:\programdata\Ezprint
2014-11-17 01:26 . 2014-11-19 00:50	--------	d-----w-	c:\programdata\Lx_cats
2014-11-17 01:22 . 2009-11-04 13:17	189440	----a-w-	c:\windows\system32\Spool\prtprocs\x64\lxeadrpp.dll
2014-11-17 01:20 . 2009-02-20 08:48	23552	----a-w-	c:\windows\SysWow64\lxeasmr.dll
2014-11-17 01:20 . 2009-02-20 08:48	23552	----a-w-	c:\windows\system32\lxeasmr.dll
2014-11-17 01:20 . 2009-02-20 08:48	381440	----a-w-	c:\windows\system32\lxeasm.dll
2014-11-17 01:20 . 2009-02-20 08:48	299008	----a-w-	c:\windows\SysWow64\lxeasm.dll
2014-11-17 01:19 . 2008-03-05 02:55	109056	----a-w-	c:\windows\system32\lxeavs.dll
2014-11-17 01:19 . 2010-04-13 19:41	836608	----a-w-	c:\windows\system32\lxeacoin.dll
2014-11-17 01:19 . 2008-04-30 06:32	1462272	----a-w-	c:\windows\system32\lxk_g.dll
2014-11-17 01:19 . 2009-11-09 08:06	65536	----a-w-	c:\windows\system32\lxeagcfg.dll
2014-11-17 01:19 . 2009-10-21 10:06	148480	----a-w-	c:\windows\system32\lxeacuir.dll
2014-11-17 01:19 . 2009-10-21 10:06	399360	----a-w-	c:\windows\system32\lxeacui.dll
2014-11-17 01:19 . 2008-04-30 06:32	983121	----a-w-	c:\windows\system32\lxk_gf.dll
2014-11-17 01:19 . 2010-04-14 20:45	295592	----a-w-	c:\windows\system32\LXEAwupd.exe
2014-11-17 01:19 . 2010-02-22 10:09	510464	----a-w-	c:\windows\system32\LXEAwupd.dll
2014-11-17 01:18 . 2014-11-17 01:19	--------	d-----w-	c:\program files\Lexmark
2014-11-17 01:18 . 2014-11-17 01:18	--------	d-----w-	c:\program files (x86)\Lexmark Toolbar
2014-11-17 01:16 . 2010-04-14 20:45	520872	----a-w-	c:\windows\system32\lxeaih.exe
2014-11-17 01:13 . 2014-11-17 01:13	--------	d-----w-	C:\Lexmark
2014-11-15 04:25 . 2014-11-22 01:13	--------	d-----w-	c:\programdata\Windows VXM
2014-11-15 04:25 . 2014-11-15 04:25	--------	d-----w-	c:\program files (x86)\Windows Network Accelerater
2014-11-15 04:24 . 2014-11-17 21:25	--------	d-----w-	c:\programdata\Optimizer
2014-11-15 04:24 . 2014-11-15 04:24	--------	d-----w-	c:\program files (x86)\YouTube Downloader Services
2014-11-15 04:23 . 2014-11-15 04:23	--------	d-----w-	c:\users\Tim\AppData\Roaming\youtube-downloader-and-converter
2014-11-15 04:23 . 2014-11-15 04:24	--------	d-----w-	c:\program files (x86)\Solid YouTube Downloader and Converter
2014-11-15 04:23 . 2014-11-15 04:23	--------	d-----w-	c:\users\Tim\AppData\Local\Linkey
2014-11-15 04:21 . 2014-11-15 04:21	--------	d-----w-	c:\users\Tim\AppData\Roaming\FirefoxToolbar
2014-11-15 04:21 . 2014-11-15 04:21	--------	d-----w-	c:\programdata\smdmf
2014-11-15 04:21 . 2014-11-15 04:21	--------	d-----w-	c:\program files (x86)\Settings Manager
2014-11-15 04:19 . 2014-11-15 04:19	--------	d-----w-	c:\program files (x86)\Free Mouse Auto Clicker
2014-11-15 04:18 . 2014-11-15 04:18	--------	d-----w-	c:\users\Tim\AppData\Local\Programs
2014-11-11 01:56 . 2014-09-13 20:13	613696	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-11-11 00:42 . 2014-11-11 01:07	--------	d-----w-	C:\MGtools
2014-11-10 23:58 . 2014-11-18 01:13	--------	d-----w-	c:\programdata\GolhOnit
2014-11-10 23:58 . 2014-11-18 01:13	--------	d-----w-	c:\programdata\DomnuFmica
2014-11-09 16:41 . 2014-10-30 04:53	20922696	----a-w-	c:\windows\system32\SET3920.tmp
2014-11-09 14:04 . 2014-11-09 14:04	--------	d-----w-	C:\temp
2014-11-09 13:40 . 2014-10-30 04:53	1539272	----a-w-	c:\windows\system32\nvdispgenco6434460.dll
2014-11-09 13:40 . 2014-10-30 04:53	1876296	----a-w-	c:\windows\system32\nvdispco6434460.dll
2014-11-09 06:43 . 2014-11-18 01:13	--------	d-----w-	c:\programdata\EipikNogow
2014-11-09 06:43 . 2014-11-18 01:13	--------	d-----w-	c:\programdata\CewzAlyo
2014-11-08 14:50 . 2014-11-18 01:13	--------	d-----w-	c:\programdata\VahoRikic
2014-11-08 14:50 . 2014-11-18 01:13	--------	d-----w-	c:\programdata\BacvUkpux
2014-11-08 13:05 . 2014-11-18 01:18	--------	d-----w-	c:\users\Tim\AppData\Local\YXDPack
2014-11-08 13:00 . 2014-11-18 01:18	--------	d-----w-	c:\users\Tim\AppData\Local\Udmedia
2014-11-08 12:59 . 2014-11-18 01:13	--------	d-----w-	c:\programdata\PesbErux
2014-11-08 12:58 . 2014-11-18 01:13	--------	d-----w-	c:\programdata\SogaCoyv
2014-11-07 00:50 . 2014-11-08 05:39	--------	d-----w-	c:\users\Tim\AppData\Local\AVG Web TuneUp
2014-11-07 00:50 . 2014-11-08 01:42	--------	d-----w-	c:\programdata\AVG Security Toolbar
2014-11-07 00:49 . 2014-11-07 00:48	50976	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2014-11-07 00:49 . 2014-11-07 00:49	--------	d-----w-	c:\programdata\AVG Secure Search
2014-11-07 00:49 . 2014-11-07 00:49	--------	d-----w-	c:\program files (x86)\Common Files\AVG Secure Search
2014-11-07 00:49 . 2014-11-07 00:49	--------	d-----w-	c:\program files (x86)\AVG Web TuneUp
2014-11-07 00:49 . 2014-11-07 00:50	--------	d-----w-	c:\programdata\AVG Web TuneUp
2014-11-02 19:29 . 2014-10-16 16:54	1876296	----a-w-	c:\windows\system32\nvdispco6434448.dll
2014-11-02 19:29 . 2014-10-16 16:54	1539272	----a-w-	c:\windows\system32\nvdispgenco6434448.dll
2014-10-30 02:35 . 2014-10-30 02:35	263960	----a-w-	c:\windows\system32\drivers\avgidsdrivera.sys
2014-10-24 13:09 . 2014-10-24 13:09	--------	d-----w-	c:\users\Default\AppData\Roaming\TuneUp Software
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-11-11 01:07 . 2014-11-11 00:48	245208	----a-w-	C:\MGlogs.zip
2014-11-01 01:27 . 2013-07-20 21:23	736952	----a-w-	c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore-2\Microsoft.MediaCenter.Sports.UI.dll
2014-10-30 03:06 . 2013-06-16 01:35	2876528	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2014-10-30 03:06 . 2013-06-16 01:34	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2014-10-30 02:10 . 2011-01-20 23:26	2558792	----a-w-	c:\windows\system32\nvsvcr.dll
2014-10-30 02:05 . 2013-06-04 23:34	736952	----a-w-	c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2014-10-06 01:41 . 2014-10-06 01:41	124184	----a-w-	c:\windows\system32\drivers\avgmfx64.sys
2014-09-26 00:58 . 2013-06-04 23:33	2876528	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-09-26 00:58 . 2013-06-04 23:33	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-09-24 02:29 . 2013-06-04 23:33	539984	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2014-09-20 02:37 . 2013-06-18 01:58	539984	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-09-17 04:51 . 2014-09-22 00:17	31520	----a-w-	c:\windows\system32\nvhdap64.dll
2014-09-17 04:51 . 2014-09-22 00:17	197408	----a-w-	c:\windows\system32\drivers\nvhda64v.sys
2014-09-17 04:51 . 2014-02-02 14:00	1538880	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2014-09-17 02:13 . 2014-06-25 23:12	1291280	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2014-09-17 02:13 . 2013-10-30 00:14	2193560	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-09-17 02:12 . 2013-10-30 00:14	2799784	----a-w-	c:\windows\system32\nvspcap64.dll
2014-09-17 02:12 . 2014-06-25 23:12	1715224	----a-w-	c:\windows\system32\nvspbridge64.dll
2014-09-13 23:48 . 2014-09-22 00:17	984424	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-09-13 23:48 . 2014-09-22 00:17	957584	----a-w-	c:\windows\system32\NvIFR64.dll
2014-09-13 23:48 . 2014-09-22 00:17	925896	----a-w-	c:\windows\system32\NvFBC64.dll
2014-09-13 23:48 . 2014-09-22 00:17	919240	----a-w-	c:\windows\SysWow64\NvIFR.dll
2014-09-13 23:48 . 2014-09-22 00:17	894096	----a-w-	c:\windows\SysWow64\NvFBC.dll
2014-09-13 23:48 . 2014-09-22 00:17	867528	----a-w-	c:\windows\SysWow64\nvumdshim.dll
2014-09-13 23:48 . 2014-09-22 00:17	4287296	----a-w-	c:\windows\system32\nvcuvid.dll
2014-09-13 23:48 . 2014-09-22 00:17	4008592	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2014-09-13 23:48 . 2014-09-22 00:17	352016	----a-w-	c:\windows\system32\nvoglshim64.dll
2014-09-13 23:48 . 2014-09-22 00:17	31887680	----a-w-	c:\windows\system32\nvoglv64.dll
2014-09-13 23:48 . 2014-09-22 00:17	303600	----a-w-	c:\windows\SysWow64\nvoglshim32.dll
2014-09-13 23:48 . 2014-09-22 00:17	24552592	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2014-09-13 23:48 . 2014-09-22 00:17	20589536	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-09-13 23:48 . 2014-09-22 00:17	19954520	----a-w-	c:\windows\system32\nvd3dumx.dll
2014-09-13 23:48 . 2014-09-22 00:17	1876296	----a-w-	c:\windows\system32\nvdispco6434411.dll
2014-09-13 23:48 . 2014-09-22 00:17	18106152	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2014-09-13 23:48 . 2014-09-22 00:17	174856	----a-w-	c:\windows\system32\nvinitx.dll
2014-09-13 23:48 . 2014-09-22 00:17	16875856	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-09-13 23:48 . 2014-09-22 00:17	156840	----a-w-	c:\windows\SysWow64\nvinit.dll
2014-09-13 23:48 . 2014-09-22 00:17	1539272	----a-w-	c:\windows\system32\nvdispgenco6434411.dll
2014-09-13 23:48 . 2014-09-22 00:17	14026304	----a-w-	c:\windows\system32\nvopencl.dll
2014-09-13 23:48 . 2014-09-22 00:17	13939272	----a-w-	c:\windows\system32\SET831.tmp
2014-09-13 23:48 . 2014-09-22 00:17	13939272	----a-w-	c:\windows\system32\nvcuda.dll
2014-09-13 23:48 . 2014-09-22 00:17	13157696	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2014-09-13 23:48 . 2014-09-22 00:17	11392576	----a-w-	c:\windows\SysWow64\nvopencl.dll
2014-09-13 23:48 . 2014-09-22 00:17	11330776	----a-w-	c:\windows\SysWow64\nvcuda.dll
2014-09-13 23:48 . 2014-09-22 00:17	3223120	----a-w-	c:\windows\system32\nvapi64.dll
2014-09-13 23:48 . 2014-09-22 00:17	2838424	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-09-13 23:48 . 2014-09-22 00:17	20922512	----a-w-	c:\windows\system32\nvcompiler.dll
2014-09-13 23:48 . 2014-09-22 00:17	17259664	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2014-09-13 21:53 . 2011-01-20 23:26	6890696	----a-w-	c:\windows\system32\nvcpl.dll
2014-09-13 21:53 . 2011-01-20 23:25	3529872	----a-w-	c:\windows\system32\nvsvc64.dll
2014-09-13 21:53 . 2011-01-20 23:26	934216	----a-w-	c:\windows\system32\nvvsvc.exe
2014-09-13 21:53 . 2011-01-20 23:26	62608	----a-w-	c:\windows\system32\nvshext.dll
2014-09-13 21:53 . 2011-01-20 23:26	385168	----a-w-	c:\windows\system32\nvmctray.dll
2014-09-11 22:55 . 2012-07-17 18:37	23256	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-09-11 15:37 . 2013-06-02 22:31	3961833	----a-w-	c:\windows\system32\nvcoproc.bin
2014-09-04 19:14 . 2014-09-22 00:06	38048	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-09-04 19:14 . 2014-09-22 00:06	32416	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-09-04 19:14 . 2013-08-29 23:13	34976	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-08-29 01:47 . 2014-08-29 01:47	243480	----a-w-	c:\windows\system32\drivers\avgldx64.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]
2014-10-22 08:11	138256	----a-w-	c:\users\Tim\AppData\Local\Linkey\IEExtension\iedll.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-11-07 00:48	2369560	----a-w-	c:\program files (x86)\AVG Web TuneUp\4.0.0.19\AVG Web TuneUp.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-06-25 00:22	223432	----a-w-	c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-06-25 00:22	223432	----a-w-	c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-06-25 00:22	223432	----a-w-	c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2015\avgui.exe" [2014-11-10 3653136]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe;c:\program files (x86)\AVG\AVG2015\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 lxeaCATSCustConnectService;lxeaCATSCustConnectService;c:\windows\system32\spool\DRIVERS\x64\3\\lxeaserv.exe;c:\windows\SYSNATIVE\spool\DRIVERS\x64\3\\lxeaserv.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe;c:\program files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 HCW85BDA;Hauppauge WinTV 885 Video Capture;c:\windows\system32\drivers\HCW85BDA.sys;c:\windows\SYSNATIVE\drivers\HCW85BDA.sys [x]
R3 LazerUsb;Lumanate Lazer USB;c:\windows\system32\DRIVERS\LazerUsb.sys;c:\windows\SYSNATIVE\DRIVERS\LazerUsb.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2015\avgwdsvc.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 lxea_device;lxea_device;c:\windows\system32\lxeacoms.exe;c:\windows\SYSNATIVE\lxeacoms.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 vToolbarUpdater18.1.10;vToolbarUpdater18.1.10;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.10\ToolbarUpdater.exe [x]
S2 WindowsVNT_R3;Windows Virtual Network (WVN3);c:\program files (x86)\Windows Network Accelerater\v3\winvxm.exe;c:\program files (x86)\Windows Network Accelerater\v3\winvxm.exe [x]
S2 YouTubeDownload_P2;YouTube Downloader Services (P2);c:\program files (x86)\YouTube Downloader Services\P2\youtubeserv.exe;c:\program files (x86)\YouTube Downloader Services\P2\youtubeserv.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S3 VST64_DPV;VST64_DPV;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
S3 VST64HWBS2;VST64HWBS2;c:\windows\system32\DRIVERS\VSTBS26.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTBS26.SYS [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 33224688
*Deregistered* - 33224688
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-10-27 23:28	1089352	----a-w-	c:\program files (x86)\Google\Chrome\Application\38.0.2125.111\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-02 22:15]
.
2014-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-06-02 22:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-06-25 00:23	262344	----a-w-	c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-06-25 00:23	262344	----a-w-	c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-06-25 00:23	262344	----a-w-	c:\users\Tim\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Tim\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lxeamon.exe"="c:\program files (x86)\Lexmark S300-S400 Series\lxeamon.exe" [2011-01-24 770728]
"EzPrint"="c:\program files (x86)\Lexmark S300-S400 Series\ezprint.exe" [2011-01-24 148280]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.default-search.net?sid=498&aid=160&itype=n&ver=14440&tm=532&src=hmp
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.10\ViProtocol.dll
FF - ProfilePath - c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\xdjoqdtj.default\
FF - prefs.js: browser.search.selectedEngine - default-search.net
FF - prefs.js: browser.startup.homepage - hxxp://www.default-search.net?sid=498&aid=160&itype=n&ver=14440&tm=532&src=hmp
FF - prefs.js: keyword.URL - hxxp://www.default-search.net/search?sid=498&aid=160&itype=n&ver=14440&tm=532&src=ds&p=
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKCU-Run-{53093771-cbca-4a34-cd70-aafa07e3cec7} - c:\users\Tim\AppData\Local\{53093771-cbca-4a34-cd70-aafa07e3cec7}\{53093771-cbca-4a34-cd70-aafa07e3cec7}.exe
Wow6432Node-HKCU-Run-SogaCoyv - c:\programdata\SogaCoyv\SogaCoyv.dat
Wow6432Node-HKCU-Run-CewzAlyo - c:\programdata\CewzAlyo\CewzAlyo.dat
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
SafeBoot-33224688.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\Battlefield 4\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-999253832-2327500951-877020514-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-999253832-2327500951-877020514-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-999253832-2327500951-877020514-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32\*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-11-21  20:50:46
ComboFix-quarantined-files.txt  2014-11-22 01:50
.
Pre-Run: 11,213,348,864 bytes free
Post-Run: 18,234,281,984 bytes free
.
- - End Of File - - AABA5AB43D4E1E555E8C6619A013F19B
A36C5E4F47E84449FF07ED3517B43A31



#8 TFrieday

  • Topic Starter

Posted 23 November 2014 - 08:46 AM

During the Combofix scan, my network icon did say I had access to the network.  But after the scan was complete it went right back to having no access to the network but just like before I still have internet access.



#9 TB-Psychotic

  • Malware Response Team

Posted 04 December 2014 - 07:42 AM

Do you still need help?



#10 TB-Psychotic

  • Malware Response Team

Posted 05 January 2015 - 10:29 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
