Jump to content

The Setup Files Are Corrupted. Please obtain a new copy of the program.


Recommended Posts

Hello friends!

I'm trying to install Malware Bytes into my PC as I keep getting this advertisement on my brosers called Trolatunt, but everytime I try and install Malware Bytes the titled message keeps coming up. I've downloaded it 9 times from different websites and it happens everytime, I was wondering if you could help a brother out.

Thanks in advance

Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Kevin..

Link to post
Share on other sites

Please download RKill from here: http://www.bleepingcomputer.com/download/rkill/

 

There are three buttons to choose from with different names on, select the first one and save it to your desktop.

 

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
  • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
  • If the tool does not run from any of the links provided, please let me know.

 

If RKill runs and completes try FRST again...

 

Thanks,

 

Kevin

Link to post
Share on other sites

Hi again Kevin

 

When I click on RKill.exe normally this message comes up:

'The application was unable to start correctly (0xc000005). Click OK to close the application.'

 

Nothing happens when I run it as administrator

 

When I downloaded the 2nd one nothing happened when I ran it normally or as administrator

 

On the 3rd one I wasnt able to run it as administrator as the option wasn't there, when I ran it normally this came up:

'C:\Users\Curt\Desktop\rkill.com

 

The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log ot use the command-line sxstrace.exe tool for more detail.'

Link to post
Share on other sites

Download TDSSKiller and save it to your Desktop.

 

Make sure TDSSKiller.exe  is on the Desktop itself, not within a folder on the desktop.

 

Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK.

 

"%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt

 

If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.

If Malicious objects are found, do NOT select Delete or Cure. Change the action to Skip, When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.

Link to post
Share on other sites

17:54:34.0109 0x16f0  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54

17:54:48.0440 0x16f0  ============================================================

17:54:48.0440 0x16f0  Current date / time: 2014/06/13 17:54:48.0440

17:54:48.0440 0x16f0  SystemInfo:

17:54:48.0440 0x16f0  

17:54:48.0440 0x16f0  OS Version: 6.1.7601 ServicePack: 1.0

17:54:48.0440 0x16f0  Product type: Workstation

17:54:48.0440 0x16f0  ComputerName: CURT-PC

17:54:48.0440 0x16f0  UserName: Curt

17:54:48.0441 0x16f0  Windows directory: C:\Windows

17:54:48.0441 0x16f0  System windows directory: C:\Windows

17:54:48.0441 0x16f0  Running under WOW64

17:54:48.0441 0x16f0  Processor architecture: Intel x64

17:54:48.0441 0x16f0  Number of processors: 4

17:54:48.0441 0x16f0  Page size: 0x1000

17:54:48.0441 0x16f0  Boot type: Normal boot

17:54:48.0441 0x16f0  ============================================================

17:54:50.0576 0x16f0  KLMD registered as C:\Windows\system32\drivers\33496738.sys

17:54:50.0870 0x16f0  System UUID: {CB5F546E-B4A6-9F29-2127-51C94DF64492}

17:54:51.0443 0x16f0  Drive \Device\Harddisk1\DR1 - Size: 0x12A05F2000 ( 74.51 Gb ), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

17:54:51.0470 0x16f0  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

17:54:51.0493 0x16f0  ============================================================

17:54:51.0494 0x16f0  \Device\Harddisk1\DR1:

17:54:51.0501 0x16f0  MBR partitions:

17:54:51.0501 0x16f0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

17:54:51.0501 0x16f0  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x94CF800

17:54:51.0501 0x16f0  \Device\Harddisk0\DR0:

17:54:51.0503 0x16f0  MBR partitions:

17:54:51.0503 0x16f0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800

17:54:51.0503 0x16f0  ============================================================

17:54:51.0532 0x16f0  C: <-> \Device\Harddisk1\DR1\Partition2

17:54:51.0536 0x16f0  D: <-> \Device\Harddisk0\DR0\Partition1

17:54:51.0536 0x16f0  ============================================================

17:54:51.0537 0x16f0  Initialize success

17:54:51.0537 0x16f0  ============================================================

17:55:00.0507 0x171c  ============================================================

17:55:00.0507 0x171c  Scan started

17:55:00.0507 0x171c  Mode: Manual; 

17:55:00.0507 0x171c  ============================================================

17:55:00.0507 0x171c  KSN ping started

17:55:14.0206 0x171c  KSN ping finished: true

17:55:15.0618 0x171c  ================ Scan system memory ========================

17:55:15.0619 0x171c  System memory - ok

17:55:15.0619 0x171c  ================ Scan services =============================

17:55:15.0751 0x171c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys

17:55:15.0769 0x171c  1394ohci - ok

17:55:15.0813 0x171c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

17:55:15.0830 0x171c  ACPI - ok

17:55:15.0849 0x171c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

17:55:15.0851 0x171c  AcpiPmi - ok

17:55:15.0912 0x171c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

17:55:15.0953 0x171c  adp94xx - ok

17:55:15.0993 0x171c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys

17:55:16.0008 0x171c  adpahci - ok

17:55:16.0025 0x171c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

17:55:16.0034 0x171c  adpu320 - ok

17:55:16.0060 0x171c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

17:55:16.0062 0x171c  AeLookupSvc - ok

17:55:16.0109 0x171c  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD             C:\Windows\system32\drivers\afd.sys

17:55:16.0154 0x171c  AFD - ok

17:55:16.0181 0x171c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys

17:55:16.0183 0x171c  agp440 - ok

17:55:16.0207 0x171c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe

17:55:16.0209 0x171c  ALG - ok

17:55:16.0249 0x171c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys

17:55:16.0250 0x171c  aliide - ok

17:55:16.0270 0x171c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys

17:55:16.0271 0x171c  amdide - ok

17:55:16.0299 0x171c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

17:55:16.0303 0x171c  AmdK8 - ok

17:55:16.0328 0x171c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys

17:55:16.0332 0x171c  AmdPPM - ok

17:55:16.0389 0x171c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

17:55:16.0396 0x171c  amdsata - ok

17:55:16.0424 0x171c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys

17:55:16.0441 0x171c  amdsbs - ok

17:55:16.0468 0x171c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys

17:55:16.0470 0x171c  amdxata - ok

17:55:16.0566 0x171c  [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll

17:55:16.0571 0x171c  AppHostSvc - ok

17:55:16.0617 0x171c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys

17:55:16.0621 0x171c  AppID - ok

17:55:16.0652 0x171c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

17:55:16.0656 0x171c  AppIDSvc - ok

17:55:16.0708 0x171c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll

17:55:16.0712 0x171c  Appinfo - ok

17:55:16.0751 0x171c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys

17:55:16.0756 0x171c  arc - ok

17:55:16.0772 0x171c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys

17:55:16.0778 0x171c  arcsas - ok

17:55:16.0894 0x171c  [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe

17:55:16.0953 0x171c  asComSvc - ok

17:55:17.0017 0x171c  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys

17:55:17.0019 0x171c  AsIO - ok

17:55:17.0280 0x171c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

17:55:17.0282 0x171c  aspnet_state - ok

17:55:17.0367 0x171c  [ 340B0467E98A8C92697D73034DB4BCB7, 342572B566747A05DA5391CFC027A6703AECCE29C3D288428884D8641A35D0F5 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys

17:55:17.0369 0x171c  aswHwid - ok

17:55:17.0384 0x171c  [ ED5B09937D559FFA53FC988D20031E98, EC9E50C9BC2184AE93944EA3115A25BADF5FFB91D11776498EBC9A0D60029A84 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys

17:55:17.0387 0x171c  aswMonFlt - ok

17:55:17.0408 0x171c  [ 33C77DCB0AEC76E26BD6352A1A5281BB, CEA7BB3407C1F900DE5CB09F42AF7734811F86B7DE0085FADC7AAE8178D59665 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys

17:55:17.0411 0x171c  aswRdr - ok

17:55:17.0425 0x171c  [ BF5B9E9E97CED45208E498D9FA73688F, BCB2CC516EAD040573D80599C2306ECB26FCCB16A97B940327CD3A3CE9077877 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys

17:55:17.0427 0x171c  aswRvrt - ok

17:55:17.0510 0x171c  [ F88CE00A7736C349ED1414D7ECDC9BED, 8C0783CE32968874065C2F46088B34F9C872F26C98AB8E8BA895D84CCB25E534 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys

17:55:17.0529 0x171c  aswSnx - ok

17:55:17.0555 0x171c  [ 3AE912B08E2A1ABB2B63F3C56BED95C2, BE99BA3A74427444FEE5D47D70BDBA631DBBF50D80B0483C0675F87119926765 ] aswSP           C:\Windows\system32\drivers\aswSP.sys

17:55:17.0560 0x171c  aswSP - ok

17:55:17.0576 0x171c  [ A7115ED31675BB823CFA9FE571C25676, DEEBB3920934DCDDD488DCFCB1E6F4C7EFDD3C79F31E41D59E292C3CF9400E95 ] aswStm          C:\Windows\system32\drivers\aswStm.sys

17:55:17.0577 0x171c  aswStm - ok

17:55:17.0596 0x171c  [ 47CBD3F64E412FFAFD93404580A3C7B9, F9B02E232416BAFC21BCBCDC0A3D9E5E855BFAF11F29ED2C4C469692E6688278 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys

17:55:17.0604 0x171c  aswVmm - ok

17:55:17.0644 0x171c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

17:55:17.0646 0x171c  AsyncMac - ok

17:55:17.0681 0x171c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys

17:55:17.0683 0x171c  atapi - ok

17:55:17.0743 0x171c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

17:55:17.0777 0x171c  AudioEndpointBuilder - ok

17:55:17.0810 0x171c  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

17:55:17.0820 0x171c  AudioSrv - ok

17:55:17.0944 0x171c  [ 37D17AE2936867F88EB3C4CBCBC6B8A1, E1F4D288CE1E5482A5594C8F9EEDE1E8134466F5E0C7DA32D88985497CD8588B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe

17:55:17.0948 0x171c  avast! Antivirus - ok

17:55:17.0979 0x171c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll

17:55:17.0986 0x171c  AxInstSV - ok

17:55:18.0060 0x171c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys

17:55:18.0085 0x171c  b06bdrv - ok

17:55:18.0142 0x171c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

17:55:18.0168 0x171c  b57nd60a - ok

17:55:18.0207 0x171c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll

17:55:18.0211 0x171c  BDESVC - ok

17:55:18.0220 0x171c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys

17:55:18.0221 0x171c  Beep - ok

17:55:18.0275 0x171c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll

17:55:18.0309 0x171c  BFE - ok

17:55:18.0362 0x171c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll

17:55:18.0390 0x171c  BITS - ok

17:55:18.0410 0x171c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

17:55:18.0411 0x171c  blbdrive - ok

17:55:18.0460 0x171c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

17:55:18.0462 0x171c  bowser - ok

17:55:18.0550 0x171c  [ D4F84730BE7FEB435D119792F84EA934, AE66026CEF3E3F71A210C903E55C327955872B22F01E80FC3410B0AA1355062C ] BRDriver64      C:\ProgramData\BitRaider\BRDriver64.sys

17:55:18.0552 0x171c  BRDriver64 - ok

17:55:18.0597 0x171c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys

17:55:18.0598 0x171c  BrFiltLo - ok

17:55:18.0618 0x171c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys

17:55:18.0619 0x171c  BrFiltUp - ok

17:55:18.0659 0x171c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys

17:55:18.0661 0x171c  BridgeMP - ok

17:55:18.0715 0x171c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll

17:55:18.0723 0x171c  Browser - ok

17:55:18.0752 0x171c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

17:55:18.0769 0x171c  Brserid - ok

17:55:18.0787 0x171c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

17:55:18.0789 0x171c  BrSerWdm - ok

17:55:18.0865 0x171c  [ 78561B78811A147B99CB47EBBD2D2847, 4EF1ED64CAF0549B43A660FF70D5035DFD59CCD22E7353150E8A13944C936520 ] BRSptSvc        C:\ProgramData\BitRaider\BRSptSvc.exe

17:55:18.0895 0x171c  BRSptSvc - ok

17:55:18.0931 0x171c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

17:55:18.0934 0x171c  BrUsbMdm - ok

17:55:18.0954 0x171c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

17:55:18.0957 0x171c  BrUsbSer - ok

17:55:18.0984 0x171c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

17:55:18.0988 0x171c  BTHMODEM - ok

17:55:19.0034 0x171c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll

17:55:19.0039 0x171c  bthserv - ok

17:55:19.0250 0x171c  [ 72551A9AE5F68905DFC3CBA0D5242566, 15C273519C3AD1B2AF68F669125AFE607A86A60D680E299631D5E893C3CAA7E7 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

17:55:19.0305 0x171c  c2cautoupdatesvc - ok

17:55:19.0461 0x171c  [ 6B669A00A431FF6CDCE67458933F5F0F, 81419EB18BB4EB96E48C99A1D45B0267E779E135427B3AEC872A1A5DD810B23F ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

17:55:19.0497 0x171c  c2cpnrsvc - ok

17:55:19.0516 0x171c  catchme - ok

17:55:19.0548 0x171c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

17:55:19.0551 0x171c  cdfs - ok

17:55:19.0597 0x171c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

17:55:19.0614 0x171c  cdrom - ok

17:55:19.0651 0x171c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll

17:55:19.0655 0x171c  CertPropSvc - ok

17:55:19.0688 0x171c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys

17:55:19.0690 0x171c  circlass - ok

17:55:19.0731 0x171c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys

17:55:19.0756 0x171c  CLFS - ok

17:55:19.0826 0x171c  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

17:55:19.0830 0x171c  clr_optimization_v2.0.50727_32 - ok

17:55:19.0859 0x171c  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

17:55:19.0864 0x171c  clr_optimization_v2.0.50727_64 - ok

17:55:19.0964 0x171c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

17:55:19.0990 0x171c  clr_optimization_v4.0.30319_32 - ok

17:55:20.0011 0x171c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

17:55:20.0013 0x171c  clr_optimization_v4.0.30319_64 - ok

17:55:20.0034 0x171c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys

17:55:20.0035 0x171c  CmBatt - ok

17:55:20.0066 0x171c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys

17:55:20.0066 0x171c  cmdide - ok

17:55:20.0140 0x171c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys

17:55:20.0171 0x171c  CNG - ok

17:55:20.0206 0x171c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

17:55:20.0208 0x171c  Compbatt - ok

17:55:20.0248 0x171c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

17:55:20.0251 0x171c  CompositeBus - ok

17:55:20.0270 0x171c  COMSysApp - ok

17:55:20.0287 0x171c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

17:55:20.0289 0x171c  crcdisk - ok

17:55:20.0348 0x171c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll

17:55:20.0365 0x171c  CryptSvc - ok

17:55:20.0421 0x171c  [ AF5F50B2F20438EC929418C9AD0F5D21, 3AFEE1941339D2633A1C5CEF08656831D276B7FF77E468865D138185E0DB03A5 ] D-Vitec         C:\Windows\system32\DRIVERS\dvitdcnt.sys

17:55:20.0437 0x171c  D-Vitec - ok

17:55:20.0480 0x171c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll

17:55:20.0503 0x171c  DcomLaunch - ok

17:55:20.0530 0x171c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll

17:55:20.0552 0x171c  defragsvc - ok

17:55:20.0578 0x171c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

17:55:20.0581 0x171c  DfsC - ok

17:55:20.0606 0x171c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll

17:55:20.0623 0x171c  Dhcp - ok

17:55:20.0634 0x171c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys

17:55:20.0635 0x171c  discache - ok

17:55:20.0663 0x171c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys

17:55:20.0665 0x171c  Disk - ok

17:55:20.0720 0x171c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

17:55:20.0733 0x171c  Dnscache - ok

17:55:20.0769 0x171c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll

17:55:20.0786 0x171c  dot3svc - ok

17:55:20.0794 0x171c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll

17:55:20.0799 0x171c  DPS - ok

17:55:20.0847 0x171c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

17:55:20.0848 0x171c  drmkaud - ok

17:55:20.0916 0x171c  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys

17:55:20.0924 0x171c  dtsoftbus01 - ok

17:55:21.0003 0x171c  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

17:55:21.0016 0x171c  DXGKrnl - ok

17:55:21.0052 0x171c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll

17:55:21.0055 0x171c  EapHost - ok

17:55:21.0542 0x171c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys

17:55:21.0709 0x171c  ebdrv - ok

17:55:21.0744 0x171c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe

17:55:21.0745 0x171c  EFS - ok

17:55:21.0853 0x171c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

17:55:21.0906 0x171c  ehRecvr - ok

17:55:21.0922 0x171c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe

17:55:21.0928 0x171c  ehSched - ok

17:55:21.0988 0x171c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

17:55:22.0022 0x171c  elxstor - ok

17:55:22.0042 0x171c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys

17:55:22.0044 0x171c  ErrDev - ok

17:55:22.0105 0x171c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll

17:55:22.0130 0x171c  EventSystem - ok

17:55:22.0170 0x171c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys

17:55:22.0188 0x171c  exfat - ok

17:55:22.0217 0x171c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

17:55:22.0232 0x171c  fastfat - ok

17:55:22.0289 0x171c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe

17:55:22.0323 0x171c  Fax - ok

17:55:22.0351 0x171c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys

17:55:22.0353 0x171c  fdc - ok

17:55:22.0365 0x171c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll

17:55:22.0367 0x171c  fdPHost - ok

17:55:22.0379 0x171c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll

17:55:22.0382 0x171c  FDResPub - ok

17:55:22.0395 0x171c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

17:55:22.0397 0x171c  FileInfo - ok

17:55:22.0406 0x171c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

17:55:22.0408 0x171c  Filetrace - ok

17:55:22.0428 0x171c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys

17:55:22.0429 0x171c  flpydisk - ok

17:55:22.0464 0x171c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

17:55:22.0481 0x171c  FltMgr - ok

17:55:22.0582 0x171c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll

17:55:22.0655 0x171c  FontCache - ok

17:55:22.0713 0x171c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

17:55:22.0718 0x171c  FontCache3.0.0.0 - ok

17:55:22.0744 0x171c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

17:55:22.0748 0x171c  FsDepends - ok

17:55:22.0791 0x171c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

17:55:22.0793 0x171c  Fs_Rec - ok

17:55:22.0852 0x171c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

17:55:22.0868 0x171c  fvevol - ok

17:55:22.0900 0x171c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

17:55:22.0904 0x171c  gagp30kx - ok

17:55:22.0962 0x171c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll

17:55:23.0006 0x171c  gpsvc - ok

17:55:23.0059 0x171c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

17:55:23.0062 0x171c  gupdate - ok

17:55:23.0066 0x171c  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

17:55:23.0068 0x171c  gupdatem - ok

17:55:23.0085 0x171c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

17:55:23.0086 0x171c  hcw85cir - ok

17:55:23.0128 0x171c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

17:55:23.0145 0x171c  HdAudAddService - ok

17:55:23.0251 0x171c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

17:55:23.0254 0x171c  HDAudBus - ok

17:55:23.0273 0x171c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys

17:55:23.0274 0x171c  HidBatt - ok

17:55:23.0293 0x171c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys

17:55:23.0296 0x171c  HidBth - ok

17:55:23.0320 0x171c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys

17:55:23.0322 0x171c  HidIr - ok

17:55:23.0346 0x171c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll

17:55:23.0351 0x171c  hidserv - ok

17:55:23.0395 0x171c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

17:55:23.0397 0x171c  HidUsb - ok

17:55:23.0435 0x171c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll

17:55:23.0445 0x171c  hkmsvc - ok

17:55:23.0466 0x171c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

17:55:23.0483 0x171c  HomeGroupListener - ok

17:55:23.0518 0x171c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

17:55:23.0527 0x171c  HomeGroupProvider - ok

17:55:23.0547 0x171c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

17:55:23.0549 0x171c  HpSAMD - ok

17:55:23.0613 0x171c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

17:55:23.0640 0x171c  HTTP - ok

17:55:23.0663 0x171c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

17:55:23.0663 0x171c  hwpolicy - ok

17:55:23.0706 0x171c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys

17:55:23.0710 0x171c  i8042prt - ok

17:55:23.0752 0x171c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

17:55:23.0773 0x171c  iaStorV - ok

17:55:23.0848 0x171c  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

17:55:23.0914 0x171c  idsvc - ok

17:55:23.0933 0x171c  IEEtwCollectorService - ok

17:55:23.0960 0x171c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

17:55:23.0963 0x171c  iirsp - ok

17:55:24.0043 0x171c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll

17:55:24.0101 0x171c  IKEEXT - ok

17:55:24.0123 0x171c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys

17:55:24.0125 0x171c  intelide - ok

17:55:24.0166 0x171c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

17:55:24.0169 0x171c  intelppm - ok

17:55:24.0203 0x171c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

17:55:24.0209 0x171c  IPBusEnum - ok

17:55:24.0236 0x171c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

17:55:24.0240 0x171c  IpFilterDriver - ok

17:55:24.0330 0x171c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

17:55:24.0365 0x171c  iphlpsvc - ok

17:55:24.0382 0x171c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

17:55:24.0386 0x171c  IPMIDRV - ok

17:55:24.0401 0x171c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

17:55:24.0406 0x171c  IPNAT - ok

17:55:24.0435 0x171c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys

17:55:24.0437 0x171c  IRENUM - ok

17:55:24.0470 0x171c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

17:55:24.0472 0x171c  isapnp - ok

17:55:24.0528 0x171c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

17:55:24.0553 0x171c  iScsiPrt - ok

17:55:24.0583 0x171c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

17:55:24.0586 0x171c  kbdclass - ok

17:55:24.0605 0x171c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

17:55:24.0607 0x171c  kbdhid - ok

17:55:24.0618 0x171c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe

17:55:24.0621 0x171c  KeyIso - ok

17:55:24.0660 0x171c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

17:55:24.0663 0x171c  KSecDD - ok

17:55:24.0678 0x171c  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

17:55:24.0686 0x171c  KSecPkg - ok

17:55:24.0701 0x171c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

17:55:24.0702 0x171c  ksthunk - ok

17:55:24.0739 0x171c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll

17:55:24.0757 0x171c  KtmRm - ok

17:55:24.0794 0x171c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll

17:55:24.0811 0x171c  LanmanServer - ok

17:55:24.0838 0x171c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

17:55:24.0844 0x171c  LanmanWorkstation - ok

17:55:24.0876 0x171c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

17:55:24.0879 0x171c  lltdio - ok

17:55:24.0911 0x171c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

17:55:24.0934 0x171c  lltdsvc - ok

17:55:24.0956 0x171c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll

17:55:24.0959 0x171c  lmhosts - ok

17:55:24.0995 0x171c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

17:55:25.0002 0x171c  LSI_FC - ok

17:55:25.0039 0x171c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

17:55:25.0043 0x171c  LSI_SAS - ok

17:55:25.0062 0x171c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys

17:55:25.0064 0x171c  LSI_SAS2 - ok

17:55:25.0088 0x171c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

17:55:25.0090 0x171c  LSI_SCSI - ok

17:55:25.0111 0x171c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys

17:55:25.0114 0x171c  luafv - ok

17:55:25.0137 0x171c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

17:55:25.0140 0x171c  Mcx2Svc - ok

17:55:25.0151 0x171c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys

17:55:25.0152 0x171c  megasas - ok

17:55:25.0224 0x171c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys

17:55:25.0262 0x171c  MegaSR - ok

17:55:25.0398 0x171c  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys

17:55:25.0402 0x171c  MEIx64 - ok

17:55:25.0437 0x171c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll

17:55:25.0442 0x171c  MMCSS - ok

17:55:25.0455 0x171c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys

17:55:25.0458 0x171c  Modem - ok

17:55:25.0491 0x171c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

17:55:25.0492 0x171c  monitor - ok

17:55:25.0522 0x171c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

17:55:25.0524 0x171c  mouclass - ok

17:55:25.0551 0x171c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

17:55:25.0552 0x171c  mouhid - ok

17:55:25.0582 0x171c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

17:55:25.0585 0x171c  mountmgr - ok

17:55:25.0609 0x171c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys

17:55:25.0634 0x171c  mpio - ok

17:55:25.0656 0x171c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

17:55:25.0659 0x171c  mpsdrv - ok

17:55:25.0718 0x171c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll

17:55:25.0760 0x171c  MpsSvc - ok

17:55:25.0814 0x171c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

17:55:25.0830 0x171c  MRxDAV - ok

17:55:25.0875 0x171c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

17:55:25.0891 0x171c  mrxsmb - ok

17:55:25.0913 0x171c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

17:55:25.0930 0x171c  mrxsmb10 - ok

17:55:25.0954 0x171c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

17:55:25.0958 0x171c  mrxsmb20 - ok

17:55:25.0995 0x171c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys

17:55:25.0997 0x171c  msahci - ok

17:55:26.0030 0x171c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

17:55:26.0060 0x171c  msdsm - ok

17:55:26.0086 0x171c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe

17:55:26.0102 0x171c  MSDTC - ok

17:55:26.0139 0x171c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

17:55:26.0141 0x171c  Msfs - ok

17:55:26.0185 0x171c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

17:55:26.0187 0x171c  mshidkmdf - ok

17:55:26.0198 0x171c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

17:55:26.0199 0x171c  msisadrv - ok

17:55:26.0231 0x171c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

17:55:26.0248 0x171c  MSiSCSI - ok

17:55:26.0252 0x171c  msiserver - ok

17:55:26.0279 0x171c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

17:55:26.0281 0x171c  MSKSSRV - ok

17:55:26.0289 0x171c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

17:55:26.0290 0x171c  MSPCLOCK - ok

17:55:26.0313 0x171c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

17:55:26.0314 0x171c  MSPQM - ok

17:55:26.0344 0x171c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

17:55:26.0369 0x171c  MsRPC - ok

17:55:26.0386 0x171c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

17:55:26.0388 0x171c  mssmbios - ok

17:55:26.0405 0x171c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

17:55:26.0406 0x171c  MSTEE - ok

17:55:26.0420 0x171c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys

17:55:26.0421 0x171c  MTConfig - ok

17:55:26.0438 0x171c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys

17:55:26.0440 0x171c  Mup - ok

17:55:26.0488 0x171c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll

17:55:26.0513 0x171c  napagent - ok

17:55:26.0549 0x171c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

17:55:26.0566 0x171c  NativeWifiP - ok

17:55:26.0648 0x171c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys

17:55:26.0682 0x171c  NDIS - ok

17:55:26.0719 0x171c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

17:55:26.0720 0x171c  NdisCap - ok

17:55:26.0750 0x171c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

17:55:26.0752 0x171c  NdisTapi - ok

17:55:26.0773 0x171c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

17:55:26.0776 0x171c  Ndisuio - ok

17:55:26.0799 0x171c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

17:55:26.0816 0x171c  NdisWan - ok

17:55:26.0838 0x171c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

17:55:26.0841 0x171c  NDProxy - ok

17:55:26.0854 0x171c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

17:55:26.0857 0x171c  NetBIOS - ok

17:55:26.0882 0x171c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

17:55:26.0898 0x171c  NetBT - ok

17:55:26.0916 0x171c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe

17:55:26.0919 0x171c  Netlogon - ok

17:55:26.0964 0x171c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll

17:55:26.0990 0x171c  Netman - ok

17:55:27.0031 0x171c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:55:27.0036 0x171c  NetMsmqActivator - ok

17:55:27.0056 0x171c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:55:27.0061 0x171c  NetPipeActivator - ok

17:55:27.0082 0x171c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll

17:55:27.0116 0x171c  netprofm - ok

17:55:27.0125 0x171c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:55:27.0130 0x171c  NetTcpActivator - ok

17:55:27.0139 0x171c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

17:55:27.0144 0x171c  NetTcpPortSharing - ok

17:55:27.0200 0x171c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

17:55:27.0202 0x171c  nfrd960 - ok

17:55:27.0257 0x171c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll

17:55:27.0293 0x171c  NlaSvc - ok

17:55:27.0303 0x171c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys

17:55:27.0305 0x171c  Npfs - ok

17:55:27.0330 0x171c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll

17:55:27.0332 0x171c  nsi - ok

17:55:27.0342 0x171c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

17:55:27.0343 0x171c  nsiproxy - ok

17:55:27.0484 0x171c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

17:55:27.0578 0x171c  Ntfs - ok

17:55:27.0603 0x171c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys

17:55:27.0604 0x171c  Null - ok

17:55:28.0024 0x171c  [ 0AC797F70F2F3E5B69A34FF2F63496F3, 80A811F8234BA00779BA76AAF41E830FB6CED03667E6E8F430C14DEBF2E45DD9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

17:55:28.0170 0x171c  nvlddmkm - ok

17:55:28.0316 0x171c  [ C50CD479FD1BB886244E2663DFFBCF6A, CCFB60425E56A12C097EC05A9E5549B4F4A10379818ABC64945487C16F882E3D ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

17:55:28.0339 0x171c  NvNetworkService - ok

17:55:28.0362 0x171c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

17:55:28.0370 0x171c  nvraid - ok

17:55:28.0403 0x171c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys

17:55:28.0411 0x171c  nvstor - ok

17:55:28.0521 0x171c  [ AD7A2F3AF147B2CF302EBF7C1E01E027, B8DAAE7FE4B13C9CA3F1DEE7C98F5CA49D4D1678C82C51D6801210838319BAE5 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys

17:55:28.0524 0x171c  NvStreamKms - ok

17:55:28.0531 0x171c  NvStreamSvc - ok

17:55:28.0629 0x171c  [ C135A25E8CF21EB631AB041ABB1F73EA, D0A3DC0411E888D0934B7579EEB980FA7824E3F22F70819A33411D8B8BC9EE42 ] nvsvc           C:\Windows\system32\nvvsvc.exe

17:55:28.0681 0x171c  nvsvc - ok

17:55:28.0725 0x171c  [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys

17:55:28.0727 0x171c  nvvad_WaveExtensible - ok

17:55:28.0776 0x171c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

17:55:28.0781 0x171c  nv_agp - ok

17:55:28.0803 0x171c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

17:55:28.0806 0x171c  ohci1394 - ok

17:55:28.0845 0x171c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

17:55:28.0863 0x171c  p2pimsvc - ok

17:55:28.0892 0x171c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll

17:55:28.0918 0x171c  p2psvc - ok

17:55:28.0937 0x171c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys

17:55:28.0941 0x171c  Parport - ok

17:55:28.0986 0x171c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

17:55:28.0992 0x171c  partmgr - ok

17:55:29.0015 0x171c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll

17:55:29.0039 0x171c  PcaSvc - ok

17:55:29.0072 0x171c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys

17:55:29.0088 0x171c  pci - ok

17:55:29.0125 0x171c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys

17:55:29.0127 0x171c  pciide - ok

17:55:29.0161 0x171c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

17:55:29.0195 0x171c  pcmcia - ok

17:55:29.0213 0x171c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys

17:55:29.0214 0x171c  pcw - ok

17:55:29.0229 0x171c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

17:55:29.0266 0x171c  PEAUTH - ok

17:55:29.0348 0x171c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe

17:55:29.0353 0x171c  PerfHost - ok

17:55:29.0456 0x171c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll

17:55:29.0527 0x171c  pla - ok

17:55:29.0603 0x171c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

17:55:29.0636 0x171c  PlugPlay - ok

17:55:29.0658 0x171c  PnkBstrA - ok

17:55:29.0678 0x171c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

17:55:29.0682 0x171c  PNRPAutoReg - ok

17:55:29.0707 0x171c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

17:55:29.0718 0x171c  PNRPsvc - ok

17:55:29.0779 0x171c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

17:55:29.0817 0x171c  PolicyAgent - ok

17:55:29.0853 0x171c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll

17:55:29.0869 0x171c  Power - ok

17:55:29.0901 0x171c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

17:55:29.0904 0x171c  PptpMiniport - ok

17:55:29.0924 0x171c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys

17:55:29.0926 0x171c  Processor - ok

17:55:29.0952 0x171c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll

17:55:29.0959 0x171c  ProfSvc - ok

17:55:29.0982 0x171c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe

17:55:29.0984 0x171c  ProtectedStorage - ok

17:55:30.0013 0x171c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

17:55:30.0021 0x171c  Psched - ok

17:55:30.0118 0x171c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys

17:55:30.0177 0x171c  ql2300 - ok

17:55:30.0208 0x171c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

17:55:30.0211 0x171c  ql40xx - ok

17:55:30.0252 0x171c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll

17:55:30.0277 0x171c  QWAVE - ok

17:55:30.0290 0x171c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

17:55:30.0293 0x171c  QWAVEdrv - ok

17:55:30.0307 0x171c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

17:55:30.0309 0x171c  RasAcd - ok

17:55:30.0345 0x171c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

17:55:30.0347 0x171c  RasAgileVpn - ok

17:55:30.0376 0x171c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll

17:55:30.0383 0x171c  RasAuto - ok

17:55:30.0401 0x171c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

17:55:30.0406 0x171c  Rasl2tp - ok

17:55:30.0432 0x171c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll

17:55:30.0458 0x171c  RasMan - ok

17:55:30.0477 0x171c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

17:55:30.0481 0x171c  RasPppoe - ok

17:55:30.0494 0x171c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

17:55:30.0497 0x171c  RasSstp - ok

17:55:30.0531 0x171c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

17:55:30.0548 0x171c  rdbss - ok

17:55:30.0565 0x171c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys

17:55:30.0567 0x171c  rdpbus - ok

17:55:30.0587 0x171c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

17:55:30.0587 0x171c  RDPCDD - ok

17:55:30.0598 0x171c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

17:55:30.0599 0x171c  RDPENCDD - ok

17:55:30.0607 0x171c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

17:55:30.0608 0x171c  RDPREFMP - ok

17:55:30.0651 0x171c  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

17:55:30.0660 0x171c  RDPWD - ok

17:55:30.0675 0x171c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

17:55:30.0680 0x171c  rdyboost - ok

17:55:30.0699 0x171c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll

17:55:30.0703 0x171c  RemoteAccess - ok

17:55:30.0732 0x171c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

17:55:30.0749 0x171c  RemoteRegistry - ok

17:55:30.0761 0x171c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

17:55:30.0765 0x171c  RpcEptMapper - ok

17:55:30.0786 0x171c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe

17:55:30.0788 0x171c  RpcLocator - ok

17:55:30.0817 0x171c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll

17:55:30.0828 0x171c  RpcSs - ok

17:55:30.0856 0x171c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

17:55:30.0858 0x171c  rspndr - ok

17:55:30.0934 0x171c  [ 61A04C0C084D560BBEF1D09604608262, 27230BDFB479FBD1B18BB4035059A52F8BE74B19190951EAC95D569E284421B3 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

17:55:30.0951 0x171c  RTL8167 - ok

17:55:31.0010 0x171c  [ 2ADA9F126235A56EDC9F90C888E4D142, 4CE692D045F6F8A7A1D309376648E81066F6EBAF94580F2ED0B0FFC1FE6FE44E ] RZMAELSTROMVADService C:\Windows\system32\drivers\RzMaelstromVAD.sys

17:55:31.0011 0x171c  RZMAELSTROMVADService - ok

17:55:31.0423 0x171c  [ 0436A7489D3FB6D2BACB37415A6BF4C4, 2938240D828F7F67D51BAB2ACF9B6808013511B98C1AEC0D3755B66655329D31 ] RzMaelstromVADStreamingService C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe

17:55:31.0472 0x171c  RzMaelstromVADStreamingService - ok

17:55:31.0489 0x171c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe

17:55:31.0491 0x171c  SamSs - ok

17:55:31.0514 0x171c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

17:55:31.0516 0x171c  sbp2port - ok

17:55:31.0554 0x171c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

17:55:31.0571 0x171c  SCardSvr - ok

17:55:31.0582 0x171c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

17:55:31.0584 0x171c  scfilter - ok

17:55:31.0628 0x171c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll

17:55:31.0671 0x171c  Schedule - ok

17:55:31.0693 0x171c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll

17:55:31.0695 0x171c  SCPolicySvc - ok

17:55:31.0708 0x171c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

17:55:31.0723 0x171c  SDRSVC - ok

17:55:31.0744 0x171c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

17:55:31.0745 0x171c  secdrv - ok

17:55:31.0758 0x171c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll

17:55:31.0760 0x171c  seclogon - ok

17:55:31.0773 0x171c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll

17:55:31.0776 0x171c  SENS - ok

17:55:31.0785 0x171c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll

17:55:31.0788 0x171c  SensrSvc - ok

17:55:31.0822 0x171c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

17:55:31.0823 0x171c  Serenum - ok

17:55:31.0862 0x171c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys

17:55:31.0865 0x171c  Serial - ok

17:55:31.0888 0x171c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys

17:55:31.0890 0x171c  sermouse - ok

17:55:31.0914 0x171c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll

17:55:31.0919 0x171c  SessionEnv - ok

17:55:31.0932 0x171c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

17:55:31.0933 0x171c  sffdisk - ok

17:55:31.0940 0x171c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

17:55:31.0941 0x171c  sffp_mmc - ok

17:55:31.0950 0x171c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

17:55:31.0951 0x171c  sffp_sd - ok

17:55:31.0964 0x171c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

17:55:31.0965 0x171c  sfloppy - ok

17:55:32.0000 0x171c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

17:55:32.0017 0x171c  SharedAccess - ok

17:55:32.0038 0x171c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

17:55:32.0055 0x171c  ShellHWDetection - ok

17:55:32.0079 0x171c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

17:55:32.0081 0x171c  SiSRaid2 - ok

17:55:32.0105 0x171c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

17:55:32.0108 0x171c  SiSRaid4 - ok

17:55:32.0285 0x171c  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

17:55:32.0289 0x171c  SkypeUpdate - ok

17:55:32.0411 0x171c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

17:55:32.0454 0x171c  Smb - ok

17:55:32.0529 0x171c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

17:55:32.0534 0x171c  SNMPTRAP - ok

17:55:32.0550 0x171c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys

17:55:32.0552 0x171c  spldr - ok

17:55:32.0621 0x171c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe

17:55:32.0664 0x171c  Spooler - ok

17:55:32.0832 0x171c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe

17:55:32.0990 0x171c  sppsvc - ok

17:55:33.0012 0x171c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

17:55:33.0016 0x171c  sppuinotify - ok

17:55:33.0071 0x171c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys

17:55:33.0097 0x171c  srv - ok

17:55:33.0121 0x171c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

17:55:33.0149 0x171c  srv2 - ok

17:55:33.0219 0x171c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

17:55:33.0252 0x171c  srvnet - ok

17:55:33.0349 0x171c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

17:55:33.0378 0x171c  SSDPSRV - ok

17:55:33.0392 0x171c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll

17:55:33.0399 0x171c  SstpSvc - ok

17:55:33.0484 0x171c  [ 6E1A473DD2A4714EAF7D11E2315DF794, 4460546191072C7DF8B2E5A00577BA8E4FF5A1B2EA399DDF65EBE1AE4A5A5C84 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe

17:55:33.0515 0x171c  Steam Client Service - ok

17:55:33.0610 0x171c  [ 718D79F2E7EC3AFFD3661DA81F93BBEA, BA2A4E58E5EE06392EE6F4C2E738DC807EC5A8B9F6DD4B7935FE27CBC648E390 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

17:55:33.0635 0x171c  Stereo Service - ok

17:55:33.0662 0x171c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys

17:55:33.0664 0x171c  stexstor - ok

17:55:33.0723 0x171c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll

17:55:33.0757 0x171c  stisvc - ok

17:55:33.0770 0x171c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

17:55:33.0771 0x171c  swenum - ok

17:55:33.0815 0x171c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll

17:55:33.0840 0x171c  swprv - ok

17:55:33.0927 0x171c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll

17:55:33.0990 0x171c  SysMain - ok

17:55:34.0004 0x171c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

17:55:34.0008 0x171c  TabletInputService - ok

17:55:34.0045 0x171c  [ 7B2A2B2D4AFA76C74EB77C5DD13E3011, EC2927200637370F78B7B82EB4EC520CFE1F95C608FED6767DFD665682D7CC6B ] taphss6         C:\Windows\system32\DRIVERS\taphss6.sys

17:55:34.0046 0x171c  taphss6 - ok

17:55:34.0080 0x171c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll

17:55:34.0098 0x171c  TapiSrv - ok

17:55:34.0110 0x171c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll

17:55:34.0113 0x171c  TBS - ok

17:55:34.0234 0x171c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

17:55:34.0310 0x171c  Tcpip - ok

17:55:34.0416 0x171c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

17:55:34.0443 0x171c  TCPIP6 - ok

17:55:34.0489 0x171c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

17:55:34.0491 0x171c  tcpipreg - ok

17:55:34.0519 0x171c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

17:55:34.0520 0x171c  TDPIPE - ok

17:55:34.0551 0x171c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

17:55:34.0552 0x171c  TDTCP - ok

17:55:34.0575 0x171c  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

17:55:34.0581 0x171c  tdx - ok

17:55:34.0598 0x171c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

17:55:34.0601 0x171c  TermDD - ok

17:55:34.0654 0x171c  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll

17:55:34.0689 0x171c  TermService - ok

17:55:34.0701 0x171c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll

17:55:34.0705 0x171c  Themes - ok

17:55:34.0731 0x171c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

17:55:34.0733 0x171c  THREADORDER - ok

17:55:34.0745 0x171c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

17:55:34.0749 0x171c  TrkWks - ok

17:55:34.0798 0x171c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

17:55:34.0811 0x171c  TrustedInstaller - ok

17:55:34.0856 0x171c  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

17:55:34.0859 0x171c  tssecsrv - ok

17:55:34.0892 0x171c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

17:55:34.0894 0x171c  TsUsbFlt - ok

17:55:34.0924 0x171c  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys

17:55:34.0926 0x171c  TsUsbGD - ok

17:55:34.0959 0x171c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

17:55:34.0963 0x171c  tunnel - ok

17:55:34.0979 0x171c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

17:55:34.0981 0x171c  uagp35 - ok

17:55:35.0009 0x171c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

17:55:35.0026 0x171c  udfs - ok

17:55:35.0059 0x171c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

17:55:35.0063 0x171c  UI0Detect - ok

17:55:35.0088 0x171c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

17:55:35.0091 0x171c  uliagpkx - ok

17:55:35.0114 0x171c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

17:55:35.0116 0x171c  umbus - ok

17:55:35.0142 0x171c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys

17:55:35.0144 0x171c  UmPass - ok

17:55:35.0222 0x171c  [ D97EA14DEB32AB92CF0A405F53B9C984, DE66995B59CE24B0499891055BF7F820F5637840C4C47F26D0FACC9EA1E57E15 ] Update trolatunt C:\Program Files (x86)\trolatunt\updatetrolatunt.exe

17:55:35.0226 0x171c  Update trolatunt - ok

17:55:35.0251 0x171c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

17:55:35.0268 0x171c  upnphost - ok

17:55:35.0324 0x171c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

17:55:35.0331 0x171c  usbaudio - ok

17:55:35.0361 0x171c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

17:55:35.0364 0x171c  usbccgp - ok

17:55:35.0408 0x171c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys

17:55:35.0416 0x171c  usbcir - ok

17:55:35.0462 0x171c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

17:55:35.0467 0x171c  usbehci - ok

17:55:35.0541 0x171c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

17:55:35.0567 0x171c  usbhub - ok

17:55:35.0610 0x171c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys

17:55:35.0612 0x171c  usbohci - ok

17:55:35.0649 0x171c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys

17:55:35.0652 0x171c  usbprint - ok

17:55:35.0701 0x171c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

17:55:35.0707 0x171c  USBSTOR - ok

17:55:35.0735 0x171c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

17:55:35.0738 0x171c  usbuhci - ok

17:55:35.0853 0x171c  [ D97EA14DEB32AB92CF0A405F53B9C984, DE66995B59CE24B0499891055BF7F820F5637840C4C47F26D0FACC9EA1E57E15 ] Util trolatunt  C:\Program Files 
Link to post
Share on other sites

(x86)\trolatunt\bin\utiltrolatunt.exe

17:55:35.0871 0x171c  Util trolatunt - ok

17:55:35.0901 0x171c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

17:55:35.0906 0x171c  UxSms - ok

17:55:35.0920 0x171c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe

17:55:35.0923 0x171c  VaultSvc - ok

17:55:35.0956 0x171c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

17:55:35.0958 0x171c  vdrvroot - ok

17:55:35.0997 0x171c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe

17:55:36.0025 0x171c  vds - ok

17:55:36.0051 0x171c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

17:55:36.0052 0x171c  vga - ok

17:55:36.0066 0x171c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

17:55:36.0067 0x171c  VgaSave - ok

17:55:36.0082 0x171c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

17:55:36.0097 0x171c  vhdmp - ok

17:55:36.0128 0x171c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys

17:55:36.0129 0x171c  viaide - ok

17:55:36.0156 0x171c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

17:55:36.0157 0x171c  volmgr - ok

17:55:36.0179 0x171c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

17:55:36.0196 0x171c  volmgrx - ok

17:55:36.0204 0x171c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys

17:55:36.0210 0x171c  volsnap - ok

17:55:36.0260 0x171c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

17:55:36.0277 0x171c  vsmraid - ok

17:55:36.0361 0x171c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe

17:55:36.0437 0x171c  VSS - ok

17:55:36.0451 0x171c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

17:55:36.0452 0x171c  vwifibus - ok

17:55:36.0495 0x171c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

17:55:36.0525 0x171c  W32Time - ok

17:55:36.0628 0x171c  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC           C:\Windows\system32\inetsrv\iisw3adm.dll

17:55:36.0662 0x171c  W3SVC - ok

17:55:36.0690 0x171c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

17:55:36.0693 0x171c  WacomPen - ok

17:55:36.0728 0x171c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

17:55:36.0732 0x171c  WANARP - ok

17:55:36.0740 0x171c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

17:55:36.0743 0x171c  Wanarpv6 - ok

17:55:36.0793 0x171c  [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll

17:55:36.0808 0x171c  WAS - ok

17:55:36.0933 0x171c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

17:55:36.0991 0x171c  WatAdminSvc - ok

17:55:37.0079 0x171c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe

17:55:37.0158 0x171c  wbengine - ok

17:55:37.0216 0x171c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

17:55:37.0237 0x171c  WbioSrvc - ok

17:55:37.0263 0x171c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

17:55:37.0293 0x171c  wcncsvc - ok

17:55:37.0311 0x171c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

17:55:37.0317 0x171c  WcsPlugInService - ok

17:55:37.0346 0x171c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys

17:55:37.0347 0x171c  Wd - ok

17:55:37.0429 0x171c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

17:55:37.0461 0x171c  Wdf01000 - ok

17:55:37.0497 0x171c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll

17:55:37.0503 0x171c  WdiServiceHost - ok

17:55:37.0508 0x171c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll

17:55:37.0512 0x171c  WdiSystemHost - ok

17:55:37.0554 0x171c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll

17:55:37.0635 0x171c  WebClient - ok

17:55:37.0711 0x171c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

17:55:37.0738 0x171c  Wecsvc - ok

17:55:37.0757 0x171c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

17:55:37.0765 0x171c  wercplsupport - ok

17:55:37.0793 0x171c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

17:55:37.0800 0x171c  WerSvc - ok

17:55:37.0827 0x171c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

17:55:37.0829 0x171c  WfpLwf - ok

17:55:37.0851 0x171c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

17:55:37.0853 0x171c  WIMMount - ok

17:55:37.0876 0x171c  WinDefend - ok

17:55:37.0884 0x171c  WinHttpAutoProxySvc - ok

17:55:37.0953 0x171c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

17:55:37.0977 0x171c  Winmgmt - ok

17:55:38.0107 0x171c  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll

17:55:38.0192 0x171c  WinRM - ok

17:55:38.0244 0x171c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys

17:55:38.0245 0x171c  WinUsb - ok

17:55:38.0306 0x171c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll

17:55:38.0344 0x171c  Wlansvc - ok

17:55:38.0524 0x171c  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

17:55:38.0658 0x171c  wlidsvc - ok

17:55:38.0681 0x171c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys

17:55:38.0682 0x171c  WmiAcpi - ok

17:55:38.0715 0x171c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

17:55:38.0731 0x171c  wmiApSrv - ok

17:55:38.0745 0x171c  WMPNetworkSvc - ok

17:55:38.0765 0x171c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll

17:55:38.0769 0x171c  WPCSvc - ok

17:55:38.0787 0x171c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

17:55:38.0793 0x171c  WPDBusEnum - ok

17:55:38.0818 0x171c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

17:55:38.0819 0x171c  ws2ifsl - ok

17:55:38.0831 0x171c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll

17:55:38.0836 0x171c  wscsvc - ok

17:55:38.0839 0x171c  WSearch - ok

17:55:38.0962 0x171c  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll

17:55:39.0067 0x171c  wuauserv - ok

17:55:39.0092 0x171c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

17:55:39.0096 0x171c  WudfPf - ok

17:55:39.0115 0x171c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

17:55:39.0131 0x171c  WUDFRd - ok

17:55:39.0175 0x171c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

17:55:39.0181 0x171c  wudfsvc - ok

17:55:39.0239 0x171c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll

17:55:39.0259 0x171c  WwanSvc - ok

17:55:39.0301 0x171c  [ 76CAA5E5ACE91F0095934A779CFE0C99, 704B1C76D7E3E693A23C3BA0DD11EC1A7D1F5B3F96E9EF9D6F1EC0BC7C499257 ] {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64 C:\Windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys

17:55:39.0304 0x171c  {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64 - ok

17:55:39.0358 0x171c  [ 3A403CD22F606E8E9327024270FA4C4D, 954B6940414066861CF844684D2B902AAD0B255CD865FAF6EF0666FEAC943829 ] {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64 C:\Windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys

17:55:39.0361 0x171c  {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64 - ok

17:55:39.0380 0x171c  ================ Scan global ===============================

17:55:39.0408 0x171c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

17:55:39.0459 0x171c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

17:55:39.0493 0x171c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

17:55:39.0532 0x171c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

17:55:39.0572 0x171c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

17:55:39.0603 0x171c  [ Global ] - ok

17:55:39.0603 0x171c  ================ Scan MBR ==================================

17:55:39.0618 0x171c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1

17:55:39.0773 0x171c  \Device\Harddisk1\DR1 - ok

17:55:39.0777 0x171c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

17:55:39.0813 0x171c  \Device\Harddisk0\DR0 - ok

17:55:39.0814 0x171c  ================ Scan VBR ==================================

17:55:39.0818 0x171c  [ B8CC7E20D9A32260B568D256A2C71001 ] \Device\Harddisk1\DR1\Partition1

17:55:39.0820 0x171c  \Device\Harddisk1\DR1\Partition1 - ok

17:55:39.0826 0x171c  [ 5D65B3B44E27A06242D778D5F24B045C ] \Device\Harddisk1\DR1\Partition2

17:55:39.0828 0x171c  \Device\Harddisk1\DR1\Partition2 - ok

17:55:39.0833 0x171c  [ B75D63009C4A70505FCFFB595184B60C ] \Device\Harddisk0\DR0\Partition1

17:55:39.0891 0x171c  \Device\Harddisk0\DR0\Partition1 - ok

17:55:39.0892 0x171c  ================ Scan generic autorun ======================

17:55:40.0046 0x171c  [ 5EA707336336DDFADE5FD3726CEA1523, 6136D88012140B3A43C7DC6CD0CBDB867BC6BA62D718269B73ED9F1B340F6768 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

17:55:40.0080 0x171c  NvBackend - ok

17:55:40.0108 0x171c  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe

17:55:40.0110 0x171c  ShadowPlay - ok

17:55:40.0335 0x171c  [ 5CA0EB9538C6ACEBDC3593FC53527B9D, 35AC60899254C7414FF42BCDA4165FB58F6369BD5EDCAC24EBB1B5A095664CAC ] C:\Program Files\AVAST Software\Avast\AvastUI.exe

17:55:40.0491 0x171c  AvastUI.exe - ok

17:55:40.0549 0x171c  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

17:55:40.0558 0x171c  SunJavaUpdateSched - ok

17:55:40.0758 0x171c  [ 05F2602C3F1E68D8B3F91CE47AA49C82, 508B474FEFDC100B3D579786C4D0470BE94DDD3CBFDAA9083B29237EA194C1DE ] C:\Program Files (x86)\RaidCall\raidcall.exe

17:55:40.0798 0x171c  RaidCall - ok

17:55:40.0946 0x171c  [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

17:55:40.0988 0x171c  DAEMON Tools Lite - ok

17:55:40.0991 0x171c  Waiting for KSN requests completion. In queue: 49

17:55:41.0992 0x171c  Waiting for KSN requests completion. In queue: 49

17:55:42.0992 0x171c  Waiting for KSN requests completion. In queue: 49

17:55:44.0043 0x171c  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )

17:55:44.0054 0x171c  Win FW state via NFP2: enabled

17:55:46.0733 0x171c  ============================================================

17:55:46.0733 0x171c  Scan finished

17:55:46.0733 0x171c  ============================================================

17:55:46.0746 0x1628  Detected object count: 0

17:55:46.0746 0x1628  Actual detected object count: 0

17:55:52.0733 0x0d2c  Deinitialize success

Link to post
Share on other sites

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

 


Quit all running programs.
For Windows XP, double-click to start.
For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
Read and accept the EULA (End User Licene Agreement)
Click Scan to scan the system.
When the scan completes Close the program > Don't Fix anything!
Post back the report which should be located on your desktop.

Link to post
Share on other sites

  RogueKiller V9.0.2.0 [Jun  3 2014] by Adlice Software

 
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Curt [Admin rights]
Mode : Scan -- Date : 06/13/2014  18:42:15
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 6 ¤¤¤
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
 
¤¤¤ Scheduled tasks : 2 ¤¤¤
[suspicious.Path] \\{0E80C62A-70B4-4A3B-A498-304C8BC09F0C} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Curt\Downloads\dotnetfx35setup (2).exe" -d C:\Users\Curt\Downloads) -> FOUND
[suspicious.Path] \\{DE8E483F-6CB4-4008-BD04-0A5781289A15} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Curt\Downloads\vcredist_x86.exe -d C:\Users\Curt\Downloads) -> FOUND
 
¤¤¤ Files : 1 ¤¤¤
[suspicious.Path][File] Curse.lnk -- C:\Users\Curt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [LNK@] C:\Users\Curt\AppData\Roaming\CURSEC~1\Bin\Curse.exe /startup -> FOUND
 
¤¤¤ HOSTS File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost
 
¤¤¤ Antirootkit : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA DT01ACA100 ATA Device +++++
--- User ---
[MBR] 22573ad624aee0641716040eee8103d5
[bSP] 4a38cdfb4c0d50184385f8f7170579d7 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: Maxtor 6L080M0 ATA Device +++++
--- User ---
[MBR] a096714f892896b9854b7f16982d69fa
[bSP] a35c8b04745775ccf1428e71798e6372 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 76191 MB
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive2: Multiple Card  Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )
 
 
============================================
RKreport_SCN_06132014_183907.log
Link to post
Share on other sites

Read the following link before we continue and run Combofix:

 

ComboFix usage, Questions, Help? - Look here

 

Next,

 

Delete any versions of Combofix that you may have on your Desktop, download a fresh copy from either of the following links :-

 

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

http://www.infospyware.net/antimalware/combofix/

 

  • Ensure that Combofix is saved directly to the Desktop <--- Very important
     
  • Disable all security programs as they will have a negative effect on Combofix, instructions available here  http://www.bleepingcomputer.com/forums/topic114351.html if required. Be aware the list may not have all programs listed, if you need more help please ask.
     
  • Close any open browsers and any other programs you might have running
     
  • Double click the combofix.gif icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator)
     
  • Instructions for running Combofix available here http://www.bleepingcomputer.com/combofix/how-to-use-combofix if required.
     
  • If you are using windows XP It might display a pop up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed Combofix will then offer to scan for malware. Select continue or yes.
     
  • When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review

 

****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****

 

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.

Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read here  http://thespykiller.co.uk/index.php?page=20 why  disabling autoruns is recommended.

 

*EXTRA NOTES*


    If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot, you must allow it to do so.
    If Combofix reboot's due to a rootkit, the screen may stay black for several minutes on reboot, this is normal
    If after running Combofix you receive any type of warning message about registry key's being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (Those items will not be deleted)

 

Post the log in next reply please...

 

Kevin

Link to post
Share on other sites

ComboFix 14-06-13.01 - Curt 13/06/2014  19:45:18.2.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.932.81.1033.18.8130.5846 [GMT 1:00]

Running from: c:\users\Curt\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((   Files Created from 2014-05-13 to 2014-06-13  )))))))))))))))))))))))))))))))

.

.

2014-06-13 18:49 . 2014-06-13 18:49 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-06-13 17:33 . 2014-06-13 17:33 -------- d-----w- c:\programdata\RogueKiller

2014-06-13 17:33 . 2014-06-13 17:33 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92A78368-62C8-4F4F-A0DD-901C859AAAF0}\offreg.dll

2014-06-13 12:13 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92A78368-62C8-4F4F-A0DD-901C859AAAF0}\mpengine.dll

2014-06-12 14:41 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll

2014-06-12 14:41 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll

2014-06-12 14:41 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll

2014-06-12 14:41 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll

2014-06-12 14:41 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll

2014-06-12 14:41 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll

2014-06-12 14:41 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll

2014-06-12 14:41 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe

2014-06-12 14:41 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll

2014-06-12 14:41 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll

2014-06-12 14:41 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll

2014-06-12 14:41 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe

2014-06-11 12:45 . 2014-06-11 12:46 -------- d-----w- C:\AdwCleaner

2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- c:\windows\SysWow64\BestPractices

2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- c:\windows\system32\BestPractices

2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- C:\inetpub

2014-06-11 10:56 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll

2014-06-11 10:56 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll

2014-06-11 10:56 . 2014-04-05 02:47 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys

2014-06-11 10:56 . 2014-04-05 02:47 288192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2014-06-11 10:56 . 2014-03-26 14:44 2002432 ----a-w- c:\windows\system32\msxml6.dll

2014-06-11 10:56 . 2014-03-26 14:44 1882112 ----a-w- c:\windows\system32\msxml3.dll

2014-06-11 10:56 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml6r.dll

2014-06-11 10:56 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml3r.dll

2014-06-11 10:56 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\SysWow64\msxml6.dll

2014-06-11 10:56 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll

2014-06-11 10:56 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll

2014-06-11 10:56 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll

2014-06-11 10:51 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll

2014-06-11 10:51 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll

2014-06-10 01:05 . 2014-06-09 10:54 61112 ----a-w- c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys

2014-06-08 20:31 . 2014-06-05 13:07 61112 ----a-w- c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys

2014-06-08 19:26 . 2014-06-13 17:09 -------- d-----w- c:\program files (x86)\trolatunt

2014-06-08 19:18 . 2014-06-08 19:26 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2014-06-08 19:18 . 2014-06-08 19:27 -------- d-----w- c:\users\Curt\AppData\Roaming\DAEMON Tools Lite

2014-06-08 19:18 . 2014-06-08 19:18 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite

2014-06-08 19:17 . 2014-06-08 19:17 -------- d-----w- c:\programdata\DAEMON Tools Lite

2014-05-31 16:49 . 2014-05-31 16:49 -------- d-----w- c:\programdata\RzMaelstromVAD_1.1.58.1854

2014-05-31 16:46 . 2014-05-31 16:46 -------- d-----w- c:\program files (x86)\Razer

2014-05-31 16:45 . 2014-05-31 16:45 -------- d-----w- c:\users\Curt\AppData\Local\Razer

2014-05-31 16:45 . 2014-05-31 16:45 -------- d-----w- c:\programdata\Razer

2014-05-26 20:21 . 2014-05-19 23:10 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2014-05-26 20:20 . 2014-05-14 23:49 3774821 ----a-w- c:\windows\system32\nvcoproc.bin

2014-05-26 20:03 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys

2014-05-26 20:03 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll

2014-05-25 12:30 . 2014-06-09 12:54 -------- d-----w- c:\programdata\AllSavier

2014-05-23 11:02 . 2014-05-23 11:02 136704 ----a-w- c:\windows\SysWow64\RzVAD.dll

2014-05-23 10:34 . 2014-05-23 10:34 32768 ----a-w- c:\windows\system32\drivers\RzMaelstromVAD.sys

2014-05-23 10:31 . 2014-05-23 10:31 245760 ----a-w- c:\windows\system32\DriverInstallCACMD.exe

2014-05-23 10:31 . 2014-05-23 10:31 69632 ----a-w- c:\windows\system32\DriverInstallCA.dll

2014-05-21 21:40 . 2014-05-21 21:40 -------- d-----w- c:\users\Curt\AppData\Local\Packages

2014-05-21 21:40 . 2014-06-09 12:55 -------- d-----w- c:\programdata\Isaver

2014-05-21 19:02 . 2014-05-21 19:02 -------- d-----w- c:\program files (x86)\Common Files\Skype

2014-05-21 14:37 . 2014-05-21 15:14 -------- d-----w- c:\users\Curt\AppData\Local\gtk-2.0

2014-05-21 14:37 . 2014-05-21 14:37 -------- d-----w- c:\users\Curt\.thumbnails

2014-05-21 14:36 . 2014-05-21 14:36 -------- d-----w- c:\users\Curt\AppData\Local\fontconfig

2014-05-21 14:36 . 2014-05-21 15:14 -------- d-----w- c:\users\Curt\.gimp-2.8

2014-05-21 14:36 . 2014-05-21 14:36 -------- d-----w- c:\users\Curt\AppData\Local\gegl-0.2

2014-05-20 16:12 . 2014-05-26 19:16 -------- d-----w- C:\Ubisoft

2014-05-15 15:35 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll

2014-05-15 15:35 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll

2014-05-15 15:35 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb

2014-05-15 15:35 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb

2014-05-15 10:06 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll

2014-05-15 10:06 . 2014-04-12 02:19 1460736 ----a-w- c:\windows\system32\lsasrv.dll

2014-05-15 10:06 . 2014-03-04 09:44 728064 ----a-w- c:\windows\system32\kerberos.dll

2014-05-15 10:06 . 2014-03-04 09:20 3969984 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2014-05-15 10:06 . 2014-03-04 09:17 550912 ----a-w- c:\windows\SysWow64\kerberos.dll

2014-05-15 10:06 . 2014-03-04 09:20 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2014-05-15 10:06 . 2014-03-04 09:43 455168 ----a-w- c:\windows\system32\winlogon.exe

2014-05-15 10:06 . 2014-03-04 09:44 314880 ----a-w- c:\windows\system32\msv1_0.dll

2014-05-15 10:06 . 2014-03-04 09:17 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll

2014-05-15 10:06 . 2014-03-04 09:44 722944 ----a-w- c:\windows\system32\objsel.dll

2014-05-15 10:06 . 2014-03-04 09:47 5550016 ----a-w- c:\windows\system32\ntoskrnl.exe

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-05-20 02:44 . 2014-03-11 23:14 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll

2014-05-20 02:44 . 2014-01-11 01:55 61216 ----a-w- c:\windows\system32\OpenCL.dll

2014-05-20 02:44 . 2014-01-11 01:55 52056 ----a-w- c:\windows\SysWow64\OpenCL.dll

2014-05-20 02:44 . 2013-10-27 09:12 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2014-05-20 02:44 . 2013-10-27 09:12 3109248 ----a-w- c:\windows\system32\nvapi64.dll

2014-05-20 02:44 . 2013-10-27 09:12 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll

2014-05-20 02:44 . 2009-07-13 21:59 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll

2014-05-20 01:25 . 2014-01-11 01:56 6769096 ----a-w- c:\windows\system32\nvcpl.dll

2014-05-20 01:25 . 2014-01-11 01:56 3514144 ----a-w- c:\windows\system32\nvsvc64.dll

2014-05-20 01:25 . 2014-01-11 01:56 927520 ----a-w- c:\windows\system32\nvvsvc.exe

2014-05-20 01:25 . 2014-01-11 01:56 62808 ----a-w- c:\windows\system32\nvshext.dll

2014-05-20 01:25 . 2014-01-11 01:56 387528 ----a-w- c:\windows\system32\nvmctray.dll

2014-05-14 11:35 . 2014-01-09 23:28 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys

2014-05-14 11:35 . 2014-01-09 23:28 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys

2014-05-14 11:35 . 2014-01-09 23:28 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys

2014-05-14 11:34 . 2014-01-09 23:28 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2014-05-14 11:34 . 2014-05-14 11:35 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys

2014-05-14 11:34 . 2014-01-09 23:28 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2014-05-14 11:34 . 2014-01-09 23:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2014-05-14 11:34 . 2014-01-09 23:28 334648 ----a-w- c:\windows\system32\aswBoot.exe

2014-05-14 11:34 . 2014-01-09 23:28 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2014-05-14 11:34 . 2014-05-14 11:34 43152 ----a-w- c:\windows\avastSS.scr

2014-05-13 19:57 . 2014-05-13 19:57 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys

2014-04-30 18:29 . 2014-01-11 02:16 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll

2014-04-30 18:29 . 2014-01-11 02:16 1225920 ----a-w- c:\windows\system32\nvspcap64.dll

2014-04-14 19:13 . 2014-05-06 11:28 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2014-03-31 16:42 . 2014-01-11 02:06 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll

2014-03-31 08:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-06 3890208]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

"RaidCall"="c:\program files (x86)\RaidCall\raidcall.exe" [2014-03-13 3444424]

"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2014-04-17 585048]

.

c:\users\Curt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Curse.lnk - c:\users\Curt\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2014-5-11 8529160]

CurseClientStartup.ccip [2014-1-20 0]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R2 Update trolatunt;Update trolatunt;c:\program files (x86)\trolatunt\updatetrolatunt.exe;c:\program files (x86)\trolatunt\updatetrolatunt.exe [x]

R2 Util trolatunt;Util trolatunt;c:\program files (x86)\trolatunt\bin\utiltrolatunt.exe;c:\program files (x86)\trolatunt\bin\utiltrolatunt.exe [x]

R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]

R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]

R3 D-Vitec;D-Vitec Driver;c:\windows\system32\DRIVERS\dvitdcnt.sys;c:\windows\SYSNATIVE\DRIVERS\dvitdcnt.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 aswRvrt;avast! Revert; [x]

S0 aswVmm;avast! VM Monitor; [x]

S1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64;{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64;c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys;c:\windows\SYSNATIVE\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys [x]

S1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64;{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64;c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys;c:\windows\SYSNATIVE\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys [x]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]

S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]

S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]

S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]

S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]

S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]

S2 RzMaelstromVADStreamingService;Razer Surround Audio Service;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]

S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;c:\windows\system32\drivers\RzMaelstromVAD.sys;c:\windows\SYSNATIVE\drivers\RzMaelstromVAD.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

iissvcs REG_MULTI_SZ   w3svc was

apphost REG_MULTI_SZ   apphostsvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-03-15 13:39 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-09 23:20]

.

2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-09 23:20]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2014-05-14 11:34 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]

"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com


mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 194.168.4.100 194.168.8.100

.

- - - - ORPHANS REMOVED - - - -

.

BHO-{B5967BB4-884D-4973-10D2-8E5DE7B40D10} - (no file)

BHO-{F1A6A5DC-6A35-5092-BF41-2D1F10F09C75} - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

AddRemove-{F1422DAA-0829-09A1-7536-73936CAB8FFA} - c:\programdata\Isaver\7kvU.exe

AddRemove-{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62} - c:\programdata\AllSavier\AppG.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-2477598826-2005863196-3422311147-1000\Software\SecuROM\License information*]

"datasecu"=hex:01,c2,ad,f1,dd,51,0c,7f,e4,ad,99,51,36,f0,c2,a0,5a,fd,b8,96,7a,

   10,4c,f9,f6,54,3a,5a,5a,73,e3,fa,df,b7,9c,67,bc,64,f2,83,ae,e9,ba,e4,34,5c,\

"rkeysecu"=hex:10,51,70,1f,da,82,73,90,5a,cb,79,1e,13,b7,af,d0

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2014-06-13  19:50:28

ComboFix-quarantined-files.txt  2014-06-13 18:50

ComboFix2.txt  2014-06-12 22:29

.

Pre-Run: 17,596,764,160 bytes free

Post-Run: 17,543,696,384 bytes free

.

- - End Of File - - 805B4A0241DF7555B012E115B63CC33E

A36C5E4F47E84449FF07ED3517B43A31
Link to post
Share on other sites

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the Codebox below into it:
 

ClearJavaCache::File::c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sysc:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sysFolder::c:\program files (x86)\trolatuntDriver::Update trolatuntUtil trolatunt{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64

Save this as CFScript.txt, and as Type: All Files (*.*) in the same location as ComboFix.exe

CF3.jpg

CFScriptB-4.gif

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Next,

 

We need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

 

  •  

     

  • Turn off the real time scanner of any existing antivirus program while performing the online scan

     

     

  • click on the Run ESET Online Scanner button

     

     

  • Tick the box next to YES, I accept the Terms of Use.

     

    Click Start

     

  • When asked, allow the add/on to be installed

     

    Click Start

     

  • Make sure that the option "Remove found threats"  is UNticked

     

     

  • Click on Advanced Settings, ensure the options

     

     

  • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.

     

    Click Scan

     

  • wait for the virus definitions to be downloaded

     

     

  • Wait for the scan to finish

     

     

 

 

When the scan is complete

 

 

  •  

     

  • If no threats were found

     

     

  • put a checkmark in "Uninstall application on close"

     

     

  • close program

     

     

  • report to me that nothing was found

     

     

 

 

If threats were found

 

 

  •  

     

  • click on "list of threats found"

     

     

  • click on "export to text file" and save it as ESET SCAN and save to the desktop

     

     

  • Click on back

     

     

  • put a checkmark in "Uninstall application on close"

     

     

  • click on finish

     

     

 

 

close program

 

Copy and paste the report in next reply.

 

Let me see those two logs, also give an update on any remaining issues or concerns...

 

Kevin

Link to post
Share on other sites

ComboFix 14-06-13.01 - Curt 13/06/2014  20:27:25.3.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.932.81.1033.18.8130.5926 [GMT 1:00]

Running from: c:\users\Curt\Desktop\ComboFix.exe

Command switches used :: c:\users\Curt\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys"

"c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys"

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\trolatunt

c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys

c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys

.

.

(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_{0C0BB4A8-45A4-4685-9C1D-08D98AF4B926}GW64

-------\Legacy_{0C0BB4A8-45A4-4685-9C1D-08D98AF4B926}W64

-------\Service_{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64

-------\Service_{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64

-------\Service_Update trolatunt

-------\Service_Util trolatunt

.

.

(((((((((((((((((((((((((   Files Created from 2014-05-13 to 2014-06-13  )))))))))))))))))))))))))))))))

.

.

2014-06-13 19:30 . 2014-06-13 19:30 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-06-13 17:33 . 2014-06-13 17:33 -------- d-----w- c:\programdata\RogueKiller

2014-06-13 12:13 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92A78368-62C8-4F4F-A0DD-901C859AAAF0}\mpengine.dll

2014-06-12 14:41 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll

2014-06-12 14:41 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll

2014-06-12 14:41 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll

2014-06-12 14:41 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll

2014-06-12 14:41 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll

2014-06-12 14:41 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll

2014-06-12 14:41 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll

2014-06-12 14:41 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe

2014-06-12 14:41 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll

2014-06-12 14:41 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll

2014-06-12 14:41 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll

2014-06-12 14:41 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe

2014-06-11 12:45 . 2014-06-11 12:46 -------- d-----w- C:\AdwCleaner

2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- c:\windows\SysWow64\BestPractices

2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- c:\windows\system32\BestPractices

2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- C:\inetpub

2014-06-11 10:56 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll

2014-06-11 10:56 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll

2014-06-11 10:56 . 2014-04-05 02:47 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys

2014-06-11 10:56 . 2014-04-05 02:47 288192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2014-06-11 10:56 . 2014-03-26 14:44 2002432 ----a-w- c:\windows\system32\msxml6.dll

2014-06-11 10:56 . 2014-03-26 14:44 1882112 ----a-w- c:\windows\system32\msxml3.dll

2014-06-11 10:56 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml6r.dll

2014-06-11 10:56 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml3r.dll

2014-06-11 10:56 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\SysWow64\msxml6.dll

2014-06-11 10:56 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll

2014-06-11 10:56 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll

2014-06-11 10:56 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll

2014-06-11 10:51 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll

2014-06-11 10:51 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll

2014-06-08 19:18 . 2014-06-08 19:26 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2014-06-08 19:18 . 2014-06-08 19:27 -------- d-----w- c:\users\Curt\AppData\Roaming\DAEMON Tools Lite

2014-06-08 19:18 . 2014-06-08 19:18 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite

2014-06-08 19:17 . 2014-06-08 19:17 -------- d-----w- c:\programdata\DAEMON Tools Lite

2014-05-31 16:49 . 2014-05-31 16:49 -------- d-----w- c:\programdata\RzMaelstromVAD_1.1.58.1854

2014-05-31 16:46 . 2014-05-31 16:46 -------- d-----w- c:\program files (x86)\Razer

2014-05-31 16:45 . 2014-05-31 16:45 -------- d-----w- c:\users\Curt\AppData\Local\Razer

2014-05-31 16:45 . 2014-05-31 16:45 -------- d-----w- c:\programdata\Razer

2014-05-26 20:21 . 2014-05-19 23:10 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2014-05-26 20:20 . 2014-05-14 23:49 3774821 ----a-w- c:\windows\system32\nvcoproc.bin

2014-05-26 20:03 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys

2014-05-26 20:03 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll

2014-05-25 12:30 . 2014-06-09 12:54 -------- d-----w- c:\programdata\AllSavier

2014-05-23 11:02 . 2014-05-23 11:02 136704 ----a-w- c:\windows\SysWow64\RzVAD.dll

2014-05-23 10:34 . 2014-05-23 10:34 32768 ----a-w- c:\windows\system32\drivers\RzMaelstromVAD.sys

2014-05-23 10:31 . 2014-05-23 10:31 245760 ----a-w- c:\windows\system32\DriverInstallCACMD.exe

2014-05-23 10:31 . 2014-05-23 10:31 69632 ----a-w- c:\windows\system32\DriverInstallCA.dll

2014-05-21 21:40 . 2014-05-21 21:40 -------- d-----w- c:\users\Curt\AppData\Local\Packages

2014-05-21 21:40 . 2014-06-09 12:55 -------- d-----w- c:\programdata\Isaver

2014-05-21 19:02 . 2014-05-21 19:02 -------- d-----w- c:\program files (x86)\Common Files\Skype

2014-05-21 14:37 . 2014-05-21 15:14 -------- d-----w- c:\users\Curt\AppData\Local\gtk-2.0

2014-05-21 14:37 . 2014-05-21 14:37 -------- d-----w- c:\users\Curt\.thumbnails

2014-05-21 14:36 . 2014-05-21 14:36 -------- d-----w- c:\users\Curt\AppData\Local\fontconfig

2014-05-21 14:36 . 2014-05-21 15:14 -------- d-----w- c:\users\Curt\.gimp-2.8

2014-05-21 14:36 . 2014-05-21 14:36 -------- d-----w- c:\users\Curt\AppData\Local\gegl-0.2

2014-05-20 16:12 . 2014-05-26 19:16 -------- d-----w- C:\Ubisoft

2014-05-15 15:35 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll

2014-05-15 15:35 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll

2014-05-15 15:35 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb

2014-05-15 15:35 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb

2014-05-15 10:06 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll

2014-05-15 10:06 . 2014-04-12 02:19 1460736 ----a-w- c:\windows\system32\lsasrv.dll

2014-05-15 10:06 . 2014-03-04 09:44 728064 ----a-w- c:\windows\system32\kerberos.dll

2014-05-15 10:06 . 2014-03-04 09:20 3969984 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2014-05-15 10:06 . 2014-03-04 09:17 550912 ----a-w- c:\windows\SysWow64\kerberos.dll

2014-05-15 10:06 . 2014-03-04 09:20 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2014-05-15 10:06 . 2014-03-04 09:43 455168 ----a-w- c:\windows\system32\winlogon.exe

2014-05-15 10:06 . 2014-03-04 09:44 314880 ----a-w- c:\windows\system32\msv1_0.dll

2014-05-15 10:06 . 2014-03-04 09:17 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll

2014-05-15 10:06 . 2014-03-04 09:44 722944 ----a-w- c:\windows\system32\objsel.dll

2014-05-15 10:06 . 2014-03-04 09:47 5550016 ----a-w- c:\windows\system32\ntoskrnl.exe

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-05-20 02:44 . 2014-03-11 23:14 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll

2014-05-20 02:44 . 2014-01-11 01:55 61216 ----a-w- c:\windows\system32\OpenCL.dll

2014-05-20 02:44 . 2014-01-11 01:55 52056 ----a-w- c:\windows\SysWow64\OpenCL.dll

2014-05-20 02:44 . 2013-10-27 09:12 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2014-05-20 02:44 . 2013-10-27 09:12 3109248 ----a-w- c:\windows\system32\nvapi64.dll

2014-05-20 02:44 . 2013-10-27 09:12 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll

2014-05-20 02:44 . 2009-07-13 21:59 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll

2014-05-20 01:25 . 2014-01-11 01:56 6769096 ----a-w- c:\windows\system32\nvcpl.dll

2014-05-20 01:25 . 2014-01-11 01:56 3514144 ----a-w- c:\windows\system32\nvsvc64.dll

2014-05-20 01:25 . 2014-01-11 01:56 927520 ----a-w- c:\windows\system32\nvvsvc.exe

2014-05-20 01:25 . 2014-01-11 01:56 62808 ----a-w- c:\windows\system32\nvshext.dll

2014-05-20 01:25 . 2014-01-11 01:56 387528 ----a-w- c:\windows\system32\nvmctray.dll

2014-05-14 11:35 . 2014-01-09 23:28 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys

2014-05-14 11:35 . 2014-01-09 23:28 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys

2014-05-14 11:35 . 2014-01-09 23:28 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys

2014-05-14 11:34 . 2014-01-09 23:28 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2014-05-14 11:34 . 2014-05-14 11:35 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys

2014-05-14 11:34 . 2014-01-09 23:28 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2014-05-14 11:34 . 2014-01-09 23:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2014-05-14 11:34 . 2014-01-09 23:28 334648 ----a-w- c:\windows\system32\aswBoot.exe

2014-05-14 11:34 . 2014-01-09 23:28 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2014-05-14 11:34 . 2014-05-14 11:34 43152 ----a-w- c:\windows\avastSS.scr

2014-05-13 19:57 . 2014-05-13 19:57 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys

2014-04-30 18:29 . 2014-01-11 02:16 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll

2014-04-30 18:29 . 2014-01-11 02:16 1225920 ----a-w- c:\windows\system32\nvspcap64.dll

2014-04-14 19:13 . 2014-05-06 11:28 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2014-03-31 16:42 . 2014-01-11 02:06 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll

2014-03-31 08:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-06 3890208]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

"RaidCall"="c:\program files (x86)\RaidCall\raidcall.exe" [2014-03-13 3444424]

"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2014-04-17 585048]

.

c:\users\Curt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Curse.lnk - c:\users\Curt\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2014-5-11 8529160]

CurseClientStartup.ccip [2014-1-20 0]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]

R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]

R3 D-Vitec;D-Vitec Driver;c:\windows\system32\DRIVERS\dvitdcnt.sys;c:\windows\SYSNATIVE\DRIVERS\dvitdcnt.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 aswRvrt;avast! Revert; [x]

S0 aswVmm;avast! VM Monitor; [x]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]

S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]

S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]

S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]

S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]

S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]

S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]

S2 RzMaelstromVADStreamingService;Razer Surround Audio Service;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]

S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;c:\windows\system32\drivers\RzMaelstromVAD.sys;c:\windows\SYSNATIVE\drivers\RzMaelstromVAD.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

iissvcs REG_MULTI_SZ   w3svc was

apphost REG_MULTI_SZ   apphostsvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-03-15 13:39 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-09 23:20]

.

2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-09 23:20]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2014-05-14 11:34 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]

"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com


mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 194.168.4.100 194.168.8.100

.

- - - - ORPHANS REMOVED - - - -

.

BHO-{B5967BB4-884D-4973-10D2-8E5DE7B40D10} - (no file)

BHO-{F1A6A5DC-6A35-5092-BF41-2D1F10F09C75} - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

AddRemove-{F1422DAA-0829-09A1-7536-73936CAB8FFA} - c:\programdata\Isaver\7kvU.exe

AddRemove-{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62} - c:\programdata\AllSavier\AppG.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-2477598826-2005863196-3422311147-1000\Software\SecuROM\License information*]

"datasecu"=hex:01,c2,ad,f1,dd,51,0c,7f,e4,ad,99,51,36,f0,c2,a0,5a,fd,b8,96,7a,

   10,4c,f9,f6,54,3a,5a,5a,73,e3,fa,df,b7,9c,67,bc,64,f2,83,ae,e9,ba,e4,34,5c,\

"rkeysecu"=hex:10,51,70,1f,da,82,73,90,5a,cb,79,1e,13,b7,af,d0

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\windows\SysWOW64\PnkBstrA.exe

.

**************************************************************************

.

Completion time: 2014-06-13  20:36:00 - machine was rebooted

ComboFix-quarantined-files.txt  2014-06-13 19:36

ComboFix2.txt  2014-06-13 18:50

ComboFix3.txt  2014-06-12 22:29

.

Pre-Run: 17,599,569,920 bytes free

Post-Run: 17,414,639,616 bytes free

.

- - End Of File - - 1F0ADF26FC30628E2CADA4A76166444F

A36C5E4F47E84449FF07ED3517B43A31

 

 

----------------------------------------------------------------------------------------

 


ComboFix 14-06-13.01 - Curt 13/06/2014  20:27:25.3.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.932.81.1033.18.8130.5926 [GMT 1:00]

Running from: c:\users\Curt\Desktop\ComboFix.exe

Command switches used :: c:\users\Curt\Desktop\CFScript.txt

AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

FILE ::

"c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys"

"c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys"

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\trolatunt

c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys

c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys

.

.

(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_{0C0BB4A8-45A4-4685-9C1D-08D98AF4B926}GW64

-------\Legacy_{0C0BB4A8-45A4-4685-9C1D-08D98AF4B926}W64

-------\Service_{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64

-------\Service_{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64

-------\Service_Update trolatunt

-------\Service_Util trolatunt

.

.

(((((((((((((((((((((((((   Files Created from 2014-05-13 to 2014-06-13  )))))))))))))))))))))))))))))))

.

.

2014-06-13 19:30 . 2014-06-13 19:30 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-06-13 17:33 . 2014-06-13 17:33 -------- d-----w- c:\programdata\RogueKiller

2014-06-13 12:13 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92A78368-62C8-4F4F-A0DD-901C859AAAF0}\mpengine.dll

2014-06-12 14:41 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll

2014-06-12 14:41 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll

2014-06-12 14:41 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll

2014-06-12 14:41 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll

2014-06-12 14:41 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll

2014-06-12 14:41 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll

2014-06-12 14:41 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll

2014-06-12 14:41 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe

2014-06-12 14:41 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll

2014-06-12 14:41 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll

2014-06-12 14:41 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll

2014-06-12 14:41 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe

2014-06-11 12:45 . 2014-06-11 12:46 -------- d-----w- C:\AdwCleaner

2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- c:\windows\SysWow64\BestPractices

2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- c:\windows\system32\BestPractices

2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- C:\inetpub

2014-06-11 10:56 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll

2014-06-11 10:56 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll

2014-06-11 10:56 . 2014-04-05 02:47 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys

2014-06-11 10:56 . 2014-04-05 02:47 288192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS

2014-06-11 10:56 . 2014-03-26 14:44 2002432 ----a-w- c:\windows\system32\msxml6.dll

2014-06-11 10:56 . 2014-03-26 14:44 1882112 ----a-w- c:\windows\system32\msxml3.dll

2014-06-11 10:56 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml6r.dll

2014-06-11 10:56 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml3r.dll

2014-06-11 10:56 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\SysWow64\msxml6.dll

2014-06-11 10:56 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll

2014-06-11 10:56 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll

2014-06-11 10:56 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll

2014-06-11 10:51 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll

2014-06-11 10:51 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll

2014-06-08 19:18 . 2014-06-08 19:26 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys

2014-06-08 19:18 . 2014-06-08 19:27 -------- d-----w- c:\users\Curt\AppData\Roaming\DAEMON Tools Lite

2014-06-08 19:18 . 2014-06-08 19:18 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite

2014-06-08 19:17 . 2014-06-08 19:17 -------- d-----w- c:\programdata\DAEMON Tools Lite

2014-05-31 16:49 . 2014-05-31 16:49 -------- d-----w- c:\programdata\RzMaelstromVAD_1.1.58.1854

2014-05-31 16:46 . 2014-05-31 16:46 -------- d-----w- c:\program files (x86)\Razer

2014-05-31 16:45 . 2014-05-31 16:45 -------- d-----w- c:\users\Curt\AppData\Local\Razer

2014-05-31 16:45 . 2014-05-31 16:45 -------- d-----w- c:\programdata\Razer

2014-05-26 20:21 . 2014-05-19 23:10 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe

2014-05-26 20:20 . 2014-05-14 23:49 3774821 ----a-w- c:\windows\system32\nvcoproc.bin

2014-05-26 20:03 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys

2014-05-26 20:03 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll

2014-05-25 12:30 . 2014-06-09 12:54 -------- d-----w- c:\programdata\AllSavier

2014-05-23 11:02 . 2014-05-23 11:02 136704 ----a-w- c:\windows\SysWow64\RzVAD.dll

2014-05-23 10:34 . 2014-05-23 10:34 32768 ----a-w- c:\windows\system32\drivers\RzMaelstromVAD.sys

2014-05-23 10:31 . 2014-05-23 10:31 245760 ----a-w- c:\windows\system32\DriverInstallCACMD.exe

2014-05-23 10:31 . 2014-05-23 10:31 69632 ----a-w- c:\windows\system32\DriverInstallCA.dll

2014-05-21 21:40 . 2014-05-21 21:40 -------- d-----w- c:\users\Curt\AppData\Local\Packages

2014-05-21 21:40 . 2014-06-09 12:55 -------- d-----w- c:\programdata\Isaver

2014-05-21 19:02 . 2014-05-21 19:02 -------- d-----w- c:\program files (x86)\Common Files\Skype

2014-05-21 14:37 . 2014-05-21 15:14 -------- d-----w- c:\users\Curt\AppData\Local\gtk-2.0

2014-05-21 14:37 . 2014-05-21 14:37 -------- d-----w- c:\users\Curt\.thumbnails

2014-05-21 14:36 . 2014-05-21 14:36 -------- d-----w- c:\users\Curt\AppData\Local\fontconfig

2014-05-21 14:36 . 2014-05-21 15:14 -------- d-----w- c:\users\Curt\.gimp-2.8

2014-05-21 14:36 . 2014-05-21 14:36 -------- d-----w- c:\users\Curt\AppData\Local\gegl-0.2

2014-05-20 16:12 . 2014-05-26 19:16 -------- d-----w- C:\Ubisoft

2014-05-15 15:35 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll

2014-05-15 15:35 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll

2014-05-15 15:35 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb

2014-05-15 15:35 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb

2014-05-15 10:06 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll

2014-05-15 10:06 . 2014-04-12 02:19 1460736 ----a-w- c:\windows\system32\lsasrv.dll

2014-05-15 10:06 . 2014-03-04 09:44 728064 ----a-w- c:\windows\system32\kerberos.dll

2014-05-15 10:06 . 2014-03-04 09:20 3969984 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2014-05-15 10:06 . 2014-03-04 09:17 550912 ----a-w- c:\windows\SysWow64\kerberos.dll

2014-05-15 10:06 . 2014-03-04 09:20 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2014-05-15 10:06 . 2014-03-04 09:43 455168 ----a-w- c:\windows\system32\winlogon.exe

2014-05-15 10:06 . 2014-03-04 09:44 314880 ----a-w- c:\windows\system32\msv1_0.dll

2014-05-15 10:06 . 2014-03-04 09:17 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll

2014-05-15 10:06 . 2014-03-04 09:44 722944 ----a-w- c:\windows\system32\objsel.dll

2014-05-15 10:06 . 2014-03-04 09:47 5550016 ----a-w- c:\windows\system32\ntoskrnl.exe

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-05-20 02:44 . 2014-03-11 23:14 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll

2014-05-20 02:44 . 2014-01-11 01:55 61216 ----a-w- c:\windows\system32\OpenCL.dll

2014-05-20 02:44 . 2014-01-11 01:55 52056 ----a-w- c:\windows\SysWow64\OpenCL.dll

2014-05-20 02:44 . 2013-10-27 09:12 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll

2014-05-20 02:44 . 2013-10-27 09:12 3109248 ----a-w- c:\windows\system32\nvapi64.dll

2014-05-20 02:44 . 2013-10-27 09:12 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll

2014-05-20 02:44 . 2009-07-13 21:59 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll

2014-05-20 01:25 . 2014-01-11 01:56 6769096 ----a-w- c:\windows\system32\nvcpl.dll

2014-05-20 01:25 . 2014-01-11 01:56 3514144 ----a-w- c:\windows\system32\nvsvc64.dll

2014-05-20 01:25 . 2014-01-11 01:56 927520 ----a-w- c:\windows\system32\nvvsvc.exe

2014-05-20 01:25 . 2014-01-11 01:56 62808 ----a-w- c:\windows\system32\nvshext.dll

2014-05-20 01:25 . 2014-01-11 01:56 387528 ----a-w- c:\windows\system32\nvmctray.dll

2014-05-14 11:35 . 2014-01-09 23:28 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys

2014-05-14 11:35 . 2014-01-09 23:28 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys

2014-05-14 11:35 . 2014-01-09 23:28 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys

2014-05-14 11:34 . 2014-01-09 23:28 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys

2014-05-14 11:34 . 2014-05-14 11:35 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys

2014-05-14 11:34 . 2014-01-09 23:28 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys

2014-05-14 11:34 . 2014-01-09 23:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2014-05-14 11:34 . 2014-01-09 23:28 334648 ----a-w- c:\windows\system32\aswBoot.exe

2014-05-14 11:34 . 2014-01-09 23:28 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys

2014-05-14 11:34 . 2014-05-14 11:34 43152 ----a-w- c:\windows\avastSS.scr

2014-05-13 19:57 . 2014-05-13 19:57 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys

2014-04-30 18:29 . 2014-01-11 02:16 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll

2014-04-30 18:29 . 2014-01-11 02:16 1225920 ----a-w- c:\windows\system32\nvspcap64.dll

2014-04-14 19:13 . 2014-05-06 11:28 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2014-03-31 16:42 . 2014-01-11 02:06 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll

2014-03-31 08:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-06 3890208]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

"RaidCall"="c:\program files (x86)\RaidCall\raidcall.exe" [2014-03-13 3444424]

"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2014-04-17 585048]

.

c:\users\Curt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Curse.lnk - c:\users\Curt\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2014-5-11 8529160]

CurseClientStartup.ccip [2014-1-20 0]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=1 (0x1)

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]

R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]

R3 D-Vitec;D-Vitec Driver;c:\windows\system32\DRIVERS\dvitdcnt.sys;c:\windows\SYSNATIVE\DRIVERS\dvitdcnt.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

S0 aswRvrt;avast! Revert; [x]

S0 aswVmm;avast! VM Monitor; [x]

S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]

S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]

S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]

S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]

S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]

S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]

S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]

S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]

S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]

S2 RzMaelstromVADStreamingService;Razer Surround Audio Service;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]

S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;c:\windows\system32\drivers\RzMaelstromVAD.sys;c:\windows\SYSNATIVE\drivers\RzMaelstromVAD.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

iissvcs REG_MULTI_SZ   w3svc was

apphost REG_MULTI_SZ   apphostsvc

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-03-15 13:39 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-09 23:20]

.

2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-09 23:20]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2014-05-14 11:34 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]

"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com


mLocal Page = c:\windows\SysWOW64\blank.htm

TCP: DhcpNameServer = 194.168.4.100 194.168.8.100

.

- - - - ORPHANS REMOVED - - - -

.

BHO-{B5967BB4-884D-4973-10D2-8E5DE7B40D10} - (no file)

BHO-{F1A6A5DC-6A35-5092-BF41-2D1F10F09C75} - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

AddRemove-{F1422DAA-0829-09A1-7536-73936CAB8FFA} - c:\programdata\Isaver\7kvU.exe

AddRemove-{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62} - c:\programdata\AllSavier\AppG.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-2477598826-2005863196-3422311147-1000\Software\SecuROM\License information*]

"datasecu"=hex:01,c2,ad,f1,dd,51,0c,7f,e4,ad,99,51,36,f0,c2,a0,5a,fd,b8,96,7a,

   10,4c,f9,f6,54,3a,5a,5a,73,e3,fa,df,b7,9c,67,bc,64,f2,83,ae,e9,ba,e4,34,5c,\

"rkeysecu"=hex:10,51,70,1f,da,82,73,90,5a,cb,79,1e,13,b7,af,d0

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files\AVAST Software\Avast\AvastSvc.exe

c:\windows\SysWOW64\PnkBstrA.exe

.

**************************************************************************

.

Completion time: 2014-06-13  20:36:00 - machine was rebooted

ComboFix-quarantined-files.txt  2014-06-13 19:36

ComboFix2.txt  2014-06-13 18:50

ComboFix3.txt  2014-06-12 22:29

.

Pre-Run: 17,599,569,920 bytes free

Post-Run: 17,414,639,616 bytes free

.

- - End Of File - - 1F0ADF26FC30628E2CADA4A76166444F

A36C5E4F47E84449FF07ED3517B43A31

 

Link to post
Share on other sites

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir a variant of Win32/Conduit.SearchProtect.I potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir a variant of Win64/Conduit.SearchProtect.A potentially unwanted application

C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir a variant of Win32/Conduit.SearchProtect.I potentially unwanted application

C:\AdwCleaner\Quarantine\C\ProgramData\Happy2Save\Qt.dll.vir a variant of Win32/AdWare.MultiPlug.N application

C:\Users\Curt\Downloads\DTLite4491-0356.exe Win32/DownWare.L potentially unwanted application

C:\Users\Curt\Downloads\VLCv213.exe a variant of Win32/OpenInstall potentially unwanted application
Link to post
Share on other sites

  • 3 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.