CurtisAllen Posted June 12, 2014 ID:840866
Hello friends! I'm trying to install Malware Bytes into my PC as I keep getting this advertisement on my browsers called Trolatunt, but every time I try and install Malware Bytes the titled message keeps coming up. I've downloaded it 9 times from different websites and it happens every time. I was wondering if you could help a brother out. Thanks in advance
CurtisAllen Posted June 13, 2014 Author ID:841077
Could I get some help please?
kevinf80 Posted June 13, 2014 ID:841088
Hello and
P2P/Piracy Warning: If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here. Failure to remove or disable such software will result in your topic being closed and no further assistance being provided. If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Download Farbar Recovery Scan Tool and save it to your desktop.
Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
Kevin..
CurtisAllen Posted June 13, 2014 Author ID:841145
Hi Kevin, when I double click the downloaded file this comes up: "C:\Users\Curt\Downloads\FIRST64.exe is not a valid Win32 application." I have Windows 7 64bit
kevinf80 Posted June 13, 2014 ID:841163
Right click on FIRST64.exe, then select "Run as Administrator"
CurtisAllen Posted June 13, 2014 Author ID:841169
Same thing comes up mate
kevinf80 Posted June 13, 2014 ID:841172
Please download RKill from here: http://www.bleepingcomputer.com/download/rkill/
There are three buttons to choose from with different names on; select the first one and save it to your desktop.
Double-click on the Rkill desktop icon to run the tool. If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply.
If you do not see the black box flash on the screen, delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again. Continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names; try them one at a time.
If the tool does not run from any of the links provided, please let me know.
If RKill runs and completes try FRST again...
Thanks, Kevin
CurtisAllen Posted June 13, 2014 Author ID:841178
Hi again Kevin
When I click on RKill.exe normally this message comes up: 'The application was unable to start correctly (0xc000005). Click OK to close the application.' Nothing happens when I run it as administrator.
When I downloaded the 2nd one nothing happened when I ran it normally or as administrator.
On the 3rd one I wasn't able to run it as administrator as the option wasn't there. When I ran it normally this came up: 'C:\Users\Curt\Desktop\rkill.com The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.'
kevinf80 Posted June 13, 2014 ID:841200
Download TDSSKiller and save it to your Desktop. Make sure TDSSKiller.exe is on the Desktop itself, not within a folder on the desktop.
Go to Start > Run (or you can hold down your Windows key and press R) and copy and paste the following into the text field (make sure you include the quote marks). Then press OK.
"%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt
If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
If Malicious objects are found, do NOT select Delete or Cure. Change the action to Skip.
When it is done, a log file should be created on your C: drive called "TDSSKiller.txt". Please copy and paste the contents of that file here.
CurtisAllen Posted June 13, 2014 Author ID:841205
It says 'post too long' when I try and copy and paste it mate, what do I do?
CurtisAllen Posted June 13, 2014 Author ID:841209
C:\Windows\system32\ipbusenum.dll17:55:24.0209 0x171c IPBusEnum - ok17:55:24.0236 0x171c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys17:55:24.0240 0x171c IpFilterDriver - ok17:55:24.0330 0x171c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll17:55:24.0365 0x171c iphlpsvc - ok17:55:24.0382 0x171c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys17:55:24.0386 0x171c IPMIDRV - ok17:55:24.0401 0x171c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys17:55:24.0406 0x171c IPNAT - ok17:55:24.0435 0x171c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys17:55:24.0437 0x171c IRENUM - ok17:55:24.0470 0x171c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys17:55:24.0472 0x171c isapnp - ok17:55:24.0528 0x171c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys17:55:24.0553 0x171c iScsiPrt - ok17:55:24.0583 0x171c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys17:55:24.0586 0x171c kbdclass - ok17:55:24.0605 0x171c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys17:55:24.0607 0x171c kbdhid - ok17:55:24.0618 0x171c [ 204F3F58212B3E422C90BD9691A2DF28, 
D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe17:55:24.0621 0x171c KeyIso - ok17:55:24.0660 0x171c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys17:55:24.0663 0x171c KSecDD - ok17:55:24.0678 0x171c [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys17:55:24.0686 0x171c KSecPkg - ok17:55:24.0701 0x171c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys17:55:24.0702 0x171c ksthunk - ok17:55:24.0739 0x171c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll17:55:24.0757 0x171c KtmRm - ok17:55:24.0794 0x171c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll17:55:24.0811 0x171c LanmanServer - ok17:55:24.0838 0x171c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll17:55:24.0844 0x171c LanmanWorkstation - ok17:55:24.0876 0x171c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys17:55:24.0879 0x171c lltdio - ok17:55:24.0911 0x171c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll17:55:24.0934 0x171c lltdsvc - ok17:55:24.0956 0x171c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll17:55:24.0959 0x171c lmhosts - ok17:55:24.0995 0x171c [ 
1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys17:55:25.0002 0x171c LSI_FC - ok17:55:25.0039 0x171c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys17:55:25.0043 0x171c LSI_SAS - ok17:55:25.0062 0x171c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys17:55:25.0064 0x171c LSI_SAS2 - ok17:55:25.0088 0x171c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys17:55:25.0090 0x171c LSI_SCSI - ok17:55:25.0111 0x171c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys17:55:25.0114 0x171c luafv - ok17:55:25.0137 0x171c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll17:55:25.0140 0x171c Mcx2Svc - ok17:55:25.0151 0x171c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys17:55:25.0152 0x171c megasas - ok17:55:25.0224 0x171c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys17:55:25.0262 0x171c MegaSR - ok17:55:25.0398 0x171c [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys17:55:25.0402 0x171c MEIx64 - ok17:55:25.0437 0x171c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll17:55:25.0442 0x171c MMCSS - 
ok17:55:25.0455 0x171c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys17:55:25.0458 0x171c Modem - ok17:55:25.0491 0x171c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys17:55:25.0492 0x171c monitor - ok17:55:25.0522 0x171c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys17:55:25.0524 0x171c mouclass - ok17:55:25.0551 0x171c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys17:55:25.0552 0x171c mouhid - ok17:55:25.0582 0x171c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys17:55:25.0585 0x171c mountmgr - ok17:55:25.0609 0x171c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys17:55:25.0634 0x171c mpio - ok17:55:25.0656 0x171c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys17:55:25.0659 0x171c mpsdrv - ok17:55:25.0718 0x171c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll17:55:25.0760 0x171c MpsSvc - ok17:55:25.0814 0x171c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys17:55:25.0830 0x171c MRxDAV - ok17:55:25.0875 0x171c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys17:55:25.0891 0x171c 
mrxsmb - ok17:55:25.0913 0x171c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys17:55:25.0930 0x171c mrxsmb10 - ok17:55:25.0954 0x171c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys17:55:25.0958 0x171c mrxsmb20 - ok17:55:25.0995 0x171c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys17:55:25.0997 0x171c msahci - ok17:55:26.0030 0x171c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys17:55:26.0060 0x171c msdsm - ok17:55:26.0086 0x171c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe17:55:26.0102 0x171c MSDTC - ok17:55:26.0139 0x171c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys17:55:26.0141 0x171c Msfs - ok17:55:26.0185 0x171c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys17:55:26.0187 0x171c mshidkmdf - ok17:55:26.0198 0x171c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys17:55:26.0199 0x171c msisadrv - ok17:55:26.0231 0x171c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll17:55:26.0248 0x171c MSiSCSI - ok17:55:26.0252 0x171c msiserver - ok17:55:26.0279 0x171c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV 
C:\Windows\system32\drivers\MSKSSRV.sys17:55:26.0281 0x171c MSKSSRV - ok17:55:26.0289 0x171c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys17:55:26.0290 0x171c MSPCLOCK - ok17:55:26.0313 0x171c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys17:55:26.0314 0x171c MSPQM - ok17:55:26.0344 0x171c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys17:55:26.0369 0x171c MsRPC - ok17:55:26.0386 0x171c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys17:55:26.0388 0x171c mssmbios - ok17:55:26.0405 0x171c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys17:55:26.0406 0x171c MSTEE - ok17:55:26.0420 0x171c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys17:55:26.0421 0x171c MTConfig - ok17:55:26.0438 0x171c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys17:55:26.0440 0x171c Mup - ok17:55:26.0488 0x171c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll17:55:26.0513 0x171c napagent - ok17:55:26.0549 0x171c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys17:55:26.0566 0x171c NativeWifiP - ok17:55:26.0648 0x171c [ 760E38053BF56E501D562B70AD796B88, 
F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys17:55:26.0682 0x171c NDIS - ok17:55:26.0719 0x171c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys17:55:26.0720 0x171c NdisCap - ok17:55:26.0750 0x171c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys17:55:26.0752 0x171c NdisTapi - ok17:55:26.0773 0x171c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys17:55:26.0776 0x171c Ndisuio - ok17:55:26.0799 0x171c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys17:55:26.0816 0x171c NdisWan - ok17:55:26.0838 0x171c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys17:55:26.0841 0x171c NDProxy - ok17:55:26.0854 0x171c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys17:55:26.0857 0x171c NetBIOS - ok17:55:26.0882 0x171c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys17:55:26.0898 0x171c NetBT - ok17:55:26.0916 0x171c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe17:55:26.0919 0x171c Netlogon - ok17:55:26.0964 0x171c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll17:55:26.0990 0x171c Netman - ok17:55:27.0031 0x171c [ 
21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe17:55:27.0036 0x171c NetMsmqActivator - ok17:55:27.0056 0x171c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe17:55:27.0061 0x171c NetPipeActivator - ok17:55:27.0082 0x171c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll17:55:27.0116 0x171c netprofm - ok17:55:27.0125 0x171c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe17:55:27.0130 0x171c NetTcpActivator - ok17:55:27.0139 0x171c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe17:55:27.0144 0x171c NetTcpPortSharing - ok17:55:27.0200 0x171c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys17:55:27.0202 0x171c nfrd960 - ok17:55:27.0257 0x171c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll17:55:27.0293 0x171c NlaSvc - ok17:55:27.0303 0x171c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys17:55:27.0305 0x171c Npfs - ok17:55:27.0330 0x171c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll17:55:27.0332 0x171c nsi - ok17:55:27.0342 0x171c [ E7F5AE18AF4168178A642A9247C63001, 
133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys17:55:27.0343 0x171c nsiproxy - ok17:55:27.0484 0x171c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys17:55:27.0578 0x171c Ntfs - ok17:55:27.0603 0x171c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys17:55:27.0604 0x171c Null - ok17:55:28.0024 0x171c [ 0AC797F70F2F3E5B69A34FF2F63496F3, 80A811F8234BA00779BA76AAF41E830FB6CED03667E6E8F430C14DEBF2E45DD9 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys17:55:28.0170 0x171c nvlddmkm - ok17:55:28.0316 0x171c [ C50CD479FD1BB886244E2663DFFBCF6A, CCFB60425E56A12C097EC05A9E5549B4F4A10379818ABC64945487C16F882E3D ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe17:55:28.0339 0x171c NvNetworkService - ok17:55:28.0362 0x171c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys17:55:28.0370 0x171c nvraid - ok17:55:28.0403 0x171c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys17:55:28.0411 0x171c nvstor - ok17:55:28.0521 0x171c [ AD7A2F3AF147B2CF302EBF7C1E01E027, B8DAAE7FE4B13C9CA3F1DEE7C98F5CA49D4D1678C82C51D6801210838319BAE5 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys17:55:28.0524 0x171c NvStreamKms - ok17:55:28.0531 0x171c NvStreamSvc - ok17:55:28.0629 0x171c [ C135A25E8CF21EB631AB041ABB1F73EA, D0A3DC0411E888D0934B7579EEB980FA7824E3F22F70819A33411D8B8BC9EE42 ] nvsvc C:\Windows\system32\nvvsvc.exe17:55:28.0681 0x171c nvsvc - ok17:55:28.0725 0x171c [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] 
nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys17:55:28.0727 0x171c nvvad_WaveExtensible - ok17:55:28.0776 0x171c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys17:55:28.0781 0x171c nv_agp - ok17:55:28.0803 0x171c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys17:55:28.0806 0x171c ohci1394 - ok17:55:28.0845 0x171c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll17:55:28.0863 0x171c p2pimsvc - ok17:55:28.0892 0x171c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll17:55:28.0918 0x171c p2psvc - ok17:55:28.0937 0x171c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys17:55:28.0941 0x171c Parport - ok17:55:28.0986 0x171c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys17:55:28.0992 0x171c partmgr - ok17:55:29.0015 0x171c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll17:55:29.0039 0x171c PcaSvc - ok17:55:29.0072 0x171c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys17:55:29.0088 0x171c pci - ok17:55:29.0125 0x171c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys17:55:29.0127 0x171c pciide - ok17:55:29.0161 0x171c [ B2E81D4E87CE48589F98CB8C05B01F2F, 
6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys17:55:29.0195 0x171c pcmcia - ok17:55:29.0213 0x171c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys17:55:29.0214 0x171c pcw - ok17:55:29.0229 0x171c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys17:55:29.0266 0x171c PEAUTH - ok17:55:29.0348 0x171c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe17:55:29.0353 0x171c PerfHost - ok17:55:29.0456 0x171c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll17:55:29.0527 0x171c pla - ok17:55:29.0603 0x171c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll17:55:29.0636 0x171c PlugPlay - ok17:55:29.0658 0x171c PnkBstrA - ok17:55:29.0678 0x171c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll17:55:29.0682 0x171c PNRPAutoReg - ok17:55:29.0707 0x171c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll17:55:29.0718 0x171c PNRPsvc - ok17:55:29.0779 0x171c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll17:55:29.0817 0x171c PolicyAgent - ok17:55:29.0853 0x171c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll17:55:29.0869 0x171c Power - ok17:55:29.0901 0x171c [ 
F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys17:55:29.0904 0x171c PptpMiniport - ok17:55:29.0924 0x171c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys17:55:29.0926 0x171c Processor - ok17:55:29.0952 0x171c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll17:55:29.0959 0x171c ProfSvc - ok17:55:29.0982 0x171c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe17:55:29.0984 0x171c ProtectedStorage - ok17:55:30.0013 0x171c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys17:55:30.0021 0x171c Psched - ok17:55:30.0118 0x171c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys17:55:30.0177 0x171c ql2300 - ok17:55:30.0208 0x171c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys17:55:30.0211 0x171c ql40xx - ok17:55:30.0252 0x171c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll17:55:30.0277 0x171c QWAVE - ok17:55:30.0290 0x171c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys17:55:30.0293 0x171c QWAVEdrv - ok17:55:30.0307 0x171c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys17:55:30.0309 0x171c 
RasAcd - ok17:55:30.0345 0x171c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys17:55:30.0347 0x171c RasAgileVpn - ok17:55:30.0376 0x171c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll17:55:30.0383 0x171c RasAuto - ok17:55:30.0401 0x171c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys17:55:30.0406 0x171c Rasl2tp - ok17:55:30.0432 0x171c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll17:55:30.0458 0x171c RasMan - ok17:55:30.0477 0x171c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys17:55:30.0481 0x171c RasPppoe - ok17:55:30.0494 0x171c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys17:55:30.0497 0x171c RasSstp - ok17:55:30.0531 0x171c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys17:55:30.0548 0x171c rdbss - ok17:55:30.0565 0x171c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys17:55:30.0567 0x171c rdpbus - ok17:55:30.0587 0x171c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys17:55:30.0587 0x171c RDPCDD - ok17:55:30.0598 0x171c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD 
CurtisAllen Posted June 13, 2014 Author ID:841211

17:55:40.0991 0x171c Waiting for KSN requests completion. In queue: 49
17:55:41.0992 0x171c Waiting for KSN requests completion. In queue: 49
17:55:42.0992 0x171c Waiting for KSN requests completion. In queue: 49
17:55:44.0043 0x171c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )
17:55:44.0054 0x171c Win FW state via NFP2: enabled
17:55:46.0733 0x171c ============================================================
17:55:46.0733 0x171c Scan finished
17:55:46.0733 0x171c ============================================================
17:55:46.0746 0x1628 Detected object count: 0
17:55:46.0746 0x1628 Actual detected object count: 0
17:55:52.0733 0x0d2c Deinitialize success
kevinf80 Posted June 13, 2014 ID:841223

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

Quit all running programs.
For Windows XP, double-click to start.
For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start and when prompted allow it to run.
Read and accept the EULA (End User License Agreement).
Click Scan to scan the system.
When the scan completes Close the program > Don't Fix anything!
Post back the report which should be located on your desktop.
CurtisAllen Posted June 13, 2014 Author ID:841230

RogueKiller V9.0.2.0 [Jun 3 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Curt [Admin rights]
Mode : Scan -- Date : 06/13/2014 18:42:15

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 6 ¤¤¤
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0 -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> FOUND

¤¤¤ Scheduled tasks : 2 ¤¤¤
[suspicious.Path] \\{0E80C62A-70B4-4A3B-A498-304C8BC09F0C} -- C:\Windows\system32\pcalua.exe (-a "C:\Users\Curt\Downloads\dotnetfx35setup (2).exe" -d C:\Users\Curt\Downloads) -> FOUND
[suspicious.Path] \\{DE8E483F-6CB4-4008-BD04-0A5781289A15} -- C:\Windows\system32\pcalua.exe (-a C:\Users\Curt\Downloads\vcredist_x86.exe -d C:\Users\Curt\Downloads) -> FOUND

¤¤¤ Files : 1 ¤¤¤
[suspicious.Path][File] Curse.lnk -- C:\Users\Curt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [LNK@] C:\Users\Curt\AppData\Roaming\CURSEC~1\Bin\Curse.exe /startup -> FOUND

¤¤¤ HOSTS File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA DT01ACA100 ATA Device +++++
--- User ---
[MBR] 22573ad624aee0641716040eee8103d5
[bSP] 4a38cdfb4c0d50184385f8f7170579d7 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Maxtor 6L080M0 ATA Device +++++
--- User ---
[MBR] a096714f892896b9854b7f16982d69fa
[bSP] a35c8b04745775ccf1428e71798e6372 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 76191 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: Multiple Card Reader USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )

============================================
RKreport_SCN_06132014_183907.log
kevinf80 Posted June 13, 2014 ID:841252

Read the following link before we continue and run Combofix: ComboFix usage, Questions, Help? - Look here

Next, delete any versions of Combofix that you may have on your Desktop, and download a fresh copy from either of the following links:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.infospyware.net/antimalware/combofix/

Ensure that Combofix is saved directly to the Desktop <--- Very important

Disable all security programs as they will have a negative effect on Combofix; instructions are available here http://www.bleepingcomputer.com/forums/topic114351.html if required. Be aware the list may not have all programs listed; if you need more help please ask.

Close any open browsers and any other programs you might have running.

Double click the icon to run the tool (Vista or Windows 7 users right click and select "Run as Administrator"). Instructions for running Combofix are available here http://www.bleepingcomputer.com/combofix/how-to-use-combofix if required.

If you are using Windows XP, it might display a pop-up saying that "Recovery console is not installed, do you want to install?" Please select yes & let it download the files it needs to do this. Once the recovery console is installed, Combofix will then offer to scan for malware. Select continue or yes.

When finished, it will produce a report for you. Please post the "C:\ComboFix.txt" for further review.

**** Note: Do not mouseclick Combofix's window while it's running. That may cause it to stall or freeze. ****

Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell us when you reply. Read here http://thespykiller.co.uk/index.php?page=20 why disabling autoruns is recommended.

*EXTRA NOTES*
If Combofix detects any Rootkit/Bootkit activity on your system it will give a warning and prompt for a reboot; you must allow it to do so.
If Combofix reboots due to a rootkit, the screen may stay black for several minutes on reboot; this is normal.
If after running Combofix you receive any type of warning message about registry keys being listed for deletion when trying to open certain items, reboot the system and this will fix the issue (those items will not be deleted).

Post the log in next reply please...

Kevin
CurtisAllen Posted June 13, 2014 Author ID:841260

ComboFix 14-06-13.01 - Curt 13/06/2014 19:45:18.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.8130.5846 [GMT 1:00]
Running from: c:\users\Curt\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2014-05-13 to 2014-06-13 )))))))))))))))))))))))))))))))
.
.
2014-06-13 18:49 . 2014-06-13 18:49 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-13 17:33 . 2014-06-13 17:33 -------- d-----w- c:\programdata\RogueKiller
2014-06-13 17:33 . 2014-06-13 17:33 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92A78368-62C8-4F4F-A0DD-901C859AAAF0}\offreg.dll
2014-06-13 12:13 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92A78368-62C8-4F4F-A0DD-901C859AAAF0}\mpengine.dll
2014-06-12 14:41 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll
2014-06-12 14:41 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll
2014-06-12 14:41 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll
2014-06-12 14:41 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll
2014-06-12 14:41 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll
2014-06-12 14:41 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll
2014-06-12 14:41 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll
2014-06-12 14:41 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe
2014-06-12 14:41 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll
2014-06-12 14:41 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll
2014-06-12 14:41 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll
2014-06-12 14:41 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe
2014-06-11 12:45 . 2014-06-11 12:46 -------- d-----w- C:\AdwCleaner
2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- c:\windows\SysWow64\BestPractices
2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- c:\windows\system32\BestPractices
2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- C:\inetpub
2014-06-11 10:56 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll
2014-06-11 10:56 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2014-06-11 10:56 . 2014-04-05 02:47 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-06-11 10:56 . 2014-04-05 02:47 288192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 10:56 . 2014-03-26 14:44 2002432 ----a-w- c:\windows\system32\msxml6.dll
2014-06-11 10:56 . 2014-03-26 14:44 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-06-11 10:56 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml6r.dll
2014-06-11 10:56 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-06-11 10:56 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\SysWow64\msxml6.dll
2014-06-11 10:56 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-06-11 10:56 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2014-06-11 10:56 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-06-11 10:51 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-11 10:51 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-10 01:05 . 2014-06-09 10:54 61112 ----a-w- c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys
2014-06-08 20:31 . 2014-06-05 13:07 61112 ----a-w- c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
2014-06-08 19:26 . 2014-06-13 17:09 -------- d-----w- c:\program files (x86)\trolatunt
2014-06-08 19:18 . 2014-06-08 19:26 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-06-08 19:18 . 2014-06-08 19:27 -------- d-----w- c:\users\Curt\AppData\Roaming\DAEMON Tools Lite
2014-06-08 19:18 . 2014-06-08 19:18 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-06-08 19:17 . 2014-06-08 19:17 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-05-31 16:49 . 2014-05-31 16:49 -------- d-----w- c:\programdata\RzMaelstromVAD_1.1.58.1854
2014-05-31 16:46 . 2014-05-31 16:46 -------- d-----w- c:\program files (x86)\Razer
2014-05-31 16:45 . 2014-05-31 16:45 -------- d-----w- c:\users\Curt\AppData\Local\Razer
2014-05-31 16:45 . 2014-05-31 16:45 -------- d-----w- c:\programdata\Razer
2014-05-26 20:21 . 2014-05-19 23:10 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-05-26 20:20 . 2014-05-14 23:49 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
2014-05-26 20:03 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-05-26 20:03 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-05-25 12:30 . 2014-06-09 12:54 -------- d-----w- c:\programdata\AllSavier
2014-05-23 11:02 . 2014-05-23 11:02 136704 ----a-w- c:\windows\SysWow64\RzVAD.dll
2014-05-23 10:34 . 2014-05-23 10:34 32768 ----a-w- c:\windows\system32\drivers\RzMaelstromVAD.sys
2014-05-23 10:31 . 2014-05-23 10:31 245760 ----a-w- c:\windows\system32\DriverInstallCACMD.exe
2014-05-23 10:31 . 2014-05-23 10:31 69632 ----a-w- c:\windows\system32\DriverInstallCA.dll
2014-05-21 21:40 . 2014-05-21 21:40 -------- d-----w- c:\users\Curt\AppData\Local\Packages
2014-05-21 21:40 . 2014-06-09 12:55 -------- d-----w- c:\programdata\Isaver
2014-05-21 19:02 . 2014-05-21 19:02 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-21 14:37 . 2014-05-21 15:14 -------- d-----w- c:\users\Curt\AppData\Local\gtk-2.0
2014-05-21 14:37 . 2014-05-21 14:37 -------- d-----w- c:\users\Curt\.thumbnails
2014-05-21 14:36 . 2014-05-21 14:36 -------- d-----w- c:\users\Curt\AppData\Local\fontconfig
2014-05-21 14:36 . 2014-05-21 15:14 -------- d-----w- c:\users\Curt\.gimp-2.8
2014-05-21 14:36 . 2014-05-21 14:36 -------- d-----w- c:\users\Curt\AppData\Local\gegl-0.2
2014-05-20 16:12 . 2014-05-26 19:16 -------- d-----w- C:\Ubisoft
2014-05-15 15:35 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-15 15:35 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-15 15:35 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-15 15:35 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-15 10:06 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-05-15 10:06 . 2014-04-12 02:19 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-05-15 10:06 . 2014-03-04 09:44 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-15 10:06 . 2014-03-04 09:20 3969984 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-05-15 10:06 . 2014-03-04 09:17 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-15 10:06 . 2014-03-04 09:20 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-05-15 10:06 . 2014-03-04 09:43 455168 ----a-w- c:\windows\system32\winlogon.exe
2014-05-15 10:06 . 2014-03-04 09:44 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-15 10:06 . 2014-03-04 09:17 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-05-15 10:06 . 2014-03-04 09:44 722944 ----a-w- c:\windows\system32\objsel.dll
2014-05-15 10:06 . 2014-03-04 09:47 5550016 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-20 02:44 . 2014-03-11 23:14 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-05-20 02:44 . 2014-01-11 01:55 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-05-20 02:44 . 2014-01-11 01:55 52056 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-05-20 02:44 . 2013-10-27 09:12 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2013-10-27 09:12 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2013-10-27 09:12 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2009-07-13 21:59 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-05-20 01:25 . 2014-01-11 01:56 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2014-01-11 01:56 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2014-01-11 01:56 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2014-01-11 01:56 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2014-01-11 01:56 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-14 11:35 . 2014-01-09 23:28 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-14 11:35 . 2014-01-09 23:28 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-14 11:35 . 2014-01-09 23:28 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-14 11:34 . 2014-01-09 23:28 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-14 11:34 . 2014-05-14 11:35 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-14 11:34 . 2014-01-09 23:28 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-14 11:34 . 2014-01-09 23:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-14 11:34 . 2014-01-09 23:28 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-05-14 11:34 . 2014-01-09 23:28 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-14 11:34 . 2014-05-14 11:34 43152 ----a-w- c:\windows\avastSS.scr
2014-05-13 19:57 . 2014-05-13 19:57 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys
2014-04-30 18:29 . 2014-01-11 02:16 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2014-01-11 02:16 1225920 ----a-w- c:\windows\system32\nvspcap64.dll
2014-04-14 19:13 . 2014-05-06 11:28 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-31 16:42 . 2014-01-11 02:06 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-03-31 08:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-06 3890208]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"RaidCall"="c:\program files (x86)\RaidCall\raidcall.exe" [2014-03-13 3444424]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2014-04-17 585048]
.
c:\users\Curt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk - c:\users\Curt\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2014-5-11 8529160]
CurseClientStartup.ccip [2014-1-20 0]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Update trolatunt;Update trolatunt;c:\program files (x86)\trolatunt\updatetrolatunt.exe;c:\program files (x86)\trolatunt\updatetrolatunt.exe [x]
R2 Util trolatunt;Util trolatunt;c:\program files (x86)\trolatunt\bin\utiltrolatunt.exe;c:\program files (x86)\trolatunt\bin\utiltrolatunt.exe [x]
R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]
R3 D-Vitec;D-Vitec Driver;c:\windows\system32\DRIVERS\dvitdcnt.sys;c:\windows\SYSNATIVE\DRIVERS\dvitdcnt.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64;{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64;c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys;c:\windows\SYSNATIVE\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys [x]
S1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64;{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64;c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys;c:\windows\SYSNATIVE\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RzMaelstromVADStreamingService;Razer Surround Audio Service;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;c:\windows\system32\drivers\RzMaelstromVAD.sys;c:\windows\SYSNATIVE\drivers\RzMaelstromVAD.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 13:39 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-09 23:20]
.
2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-09 23:20]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-14 11:34 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = https://uk.yahoo.com?fr=hp-avast&type=avastbcl
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 194.168.4.100 194.168.8.100
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{B5967BB4-884D-4973-10D2-8E5DE7B40D10} - (no file)
BHO-{F1A6A5DC-6A35-5092-BF41-2D1F10F09C75} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{F1422DAA-0829-09A1-7536-73936CAB8FFA} - c:\programdata\Isaver\7kvU.exe
AddRemove-{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62} - c:\programdata\AllSavier\AppG.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-2477598826-2005863196-3422311147-1000\Software\SecuROM\License information*]
"datasecu"=hex:01,c2,ad,f1,dd,51,0c,7f,e4,ad,99,51,36,f0,c2,a0,5a,fd,b8,96,7a,
 10,4c,f9,f6,54,3a,5a,5a,73,e3,fa,df,b7,9c,67,bc,64,f2,83,ae,e9,ba,e4,34,5c,\
"rkeysecu"=hex:10,51,70,1f,da,82,73,90,5a,cb,79,1e,13,b7,af,d0
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-06-13 19:50:28
ComboFix-quarantined-files.txt 2014-06-13 18:50
ComboFix2.txt 2014-06-12 22:29
.
Pre-Run: 17,596,764,160 bytes free
Post-Run: 17,543,696,384 bytes free
.
- - End Of File - - 805B4A0241DF7555B012E115B63CC33EA36C5E4F47E84449FF07ED3517B43A31
kevinf80 Posted June 13, 2014 ID:841269

1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
3. Open notepad and copy/paste the text in the Codebox below into it:

ClearJavaCache::
File::
c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys
c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
Folder::
c:\program files (x86)\trolatunt
Driver::
Update trolatunt
Util trolatunt
{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64
{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64

Save this as CFScript.txt, and as Type: All Files (*.*), in the same location as ComboFix.exe.
Referring to the picture above, drag CFScript into ComboFix.exe.
When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

Next, we need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running; it can take several hours, so please be patient and let it complete:

Run Eset Online Scanner

**Note** You will need to use Internet Explorer for this scan - Vista and Windows 7/8 right click on IE shortcut and run as admin.

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.
Turn off the real time scanner of any existing antivirus program while performing the online scan.
Click on the Run ESET Online Scanner button.
Tick the box next to YES, I accept the Terms of Use.
Click Start.
When asked, allow the add-on to be installed.
Click Start.
Make sure that the option "Remove found threats" is UNticked.
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan.
Wait for the virus definitions to be downloaded.
Wait for the scan to finish.

When the scan is complete:

If no threats were found:
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

If threats were found:
click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
click on back
put a checkmark in "Uninstall application on close"
click on finish
close program
copy and paste the report in next reply.

Let me see those two logs, also give an update on any remaining issues or concerns...

Kevin
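Before a removal script like the one in the post above is run, it is worth confirming that every item it names appears in the scan log it was written from, so that a typo cannot point the tool at the wrong file or service. The Python below is an added example, not part of the thread or of ComboFix: the line formats are inferred from the log posted earlier, the sample lines are copied from that log and the script, and all function names are hypothetical.

```python
import re

# Constructed sample: lines copied from the ComboFix log posted in this thread.
SAMPLE_LOG = r"""
2014-06-10 01:05 . 2014-06-09 10:54 61112 ----a-w- c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys
2014-06-08 20:31 . 2014-06-05 13:07 61112 ----a-w- c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
2014-06-08 19:26 . 2014-06-13 17:09 -------- d-----w- c:\program files (x86)\trolatunt
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 Update trolatunt;Update trolatunt;c:\program files (x86)\trolatunt\updatetrolatunt.exe;c:\program files (x86)\trolatunt\updatetrolatunt.exe [x]
R2 Util trolatunt;Util trolatunt;c:\program files (x86)\trolatunt\bin\utiltrolatunt.exe;c:\program files (x86)\trolatunt\bin\utiltrolatunt.exe [x]
S0 aswRvrt;avast! Revert; [x]
S1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64;{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64;c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys;c:\windows\SYSNATIVE\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys [x]
S1 {0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64;{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64;c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys;c:\windows\SYSNATIVE\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys [x]
"""

# The script from the post above, one item per line.
SAMPLE_SCRIPT = r"""
ClearJavaCache::
File::
c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys
c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
Folder::
c:\program files (x86)\trolatunt
Driver::
Update trolatunt
Util trolatunt
{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64
{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64
"""

# Assumed formats, inferred from the posted log:
#   file listing: "<date time> . <date time> <size|dashes> <attributes> <path>"
#   service line: "<R|S><digit> <name>;<display>;<image>;<native image> [x]"
FILE_LINE = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d \. \d{4}-\d\d-\d\d \d\d:\d\d (?:\d+|-+) \S+ (.+)$")
SERVICE_LINE = re.compile(r"^([RS][0-4]) (.+?) \[x\]$")


def listed_paths(log):
    """Lower-cased paths that appear in the file listing lines of the log."""
    matches = (FILE_LINE.match(line.strip()) for line in log.splitlines())
    return {m.group(1).strip().lower() for m in matches if m}


def services(log):
    """Service/driver entries as dicts; entries without an image path get ''."""
    found = []
    for line in log.splitlines():
        m = SERVICE_LINE.match(line.strip())
        if not m:
            continue
        fields = m.group(2).split(";")
        fields += [""] * (3 - len(fields))
        found.append({"status": m.group(1), "name": fields[0],
                      "display": fields[1], "image": fields[2]})
    return found


def parse_script(script):
    """Map each 'Section::' header to the list of items under it."""
    sections, current = {}, None
    for raw in script.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):
            current = line[:-2]
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def unmatched_targets(script, log):
    """Script items with no matching log entry, as (section, item) pairs."""
    sections = parse_script(script)
    paths = listed_paths(log)
    names = {s["name"].lower() for s in services(log)}
    missing = []
    for section in ("File", "Folder"):
        missing += [(section, p) for p in sections.get(section, [])
                    if p.lower() not in paths]
    missing += [("Driver", n) for n in sections.get("Driver", [])
                if n.lower() not in names]
    return missing


def services_under(folder, log):
    """Services whose image path lies inside the given folder."""
    prefix = folder.lower().rstrip("\\") + "\\"
    return [s for s in services(log) if s["image"].lower().startswith(prefix)]


if __name__ == "__main__":
    print("unmatched:", unmatched_targets(SAMPLE_SCRIPT, SAMPLE_LOG))
    for svc in services_under(r"c:\program files (x86)\trolatunt", SAMPLE_LOG):
        print("service in targeted folder:", svc["name"])
```

An empty result means every File, Folder and Driver item in the script was found in the log; anything returned should be re-checked against the log before the script is used.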
CurtisAllen Posted June 13, 2014 Author ID:841309

ComboFix 14-06-13.01 - Curt 13/06/2014 20:27:25.3.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.8130.5926 [GMT 1:00]
Running from: c:\users\Curt\Desktop\ComboFix.exe
Command switches used :: c:\users\Curt\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys"
"c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\trolatunt
c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys
c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_{0C0BB4A8-45A4-4685-9C1D-08D98AF4B926}GW64
-------\Legacy_{0C0BB4A8-45A4-4685-9C1D-08D98AF4B926}W64
-------\Service_{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64
-------\Service_{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64
-------\Service_Update trolatunt
-------\Service_Util trolatunt
.
.
((((((((((((((((((((((((( Files Created from 2014-05-13 to 2014-06-13 )))))))))))))))))))))))))))))))
.
.
2014-06-13 19:30 . 2014-06-13 19:30 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-13 17:33 . 2014-06-13 17:33 -------- d-----w- c:\programdata\RogueKiller
2014-06-13 12:13 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92A78368-62C8-4F4F-A0DD-901C859AAAF0}\mpengine.dll
2014-06-12 14:41 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll
2014-06-12 14:41 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll
2014-06-12 14:41 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll
2014-06-12 14:41 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll
2014-06-12 14:41 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll
2014-06-12 14:41 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll
2014-06-12 14:41 . 2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll
2014-06-12 14:41 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe
2014-06-12 14:41 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll
2014-06-12 14:41 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll
2014-06-12 14:41 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll
2014-06-12 14:41 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe
2014-06-11 12:45 . 2014-06-11 12:46 -------- d-----w- C:\AdwCleaner
2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- c:\windows\SysWow64\BestPractices
2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- c:\windows\system32\BestPractices
2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- C:\inetpub
2014-06-11 10:56 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll
2014-06-11 10:56 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2014-06-11 10:56 . 2014-04-05 02:47 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2014-06-11 10:56 . 2014-04-05 02:47 288192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-11 10:56 . 2014-03-26 14:44 2002432 ----a-w- c:\windows\system32\msxml6.dll
2014-06-11 10:56 . 2014-03-26 14:44 1882112 ----a-w- c:\windows\system32\msxml3.dll
2014-06-11 10:56 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml6r.dll
2014-06-11 10:56 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml3r.dll
2014-06-11 10:56 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\SysWow64\msxml6.dll
2014-06-11 10:56 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll
2014-06-11 10:56 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2014-06-11 10:56 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2014-06-11 10:51 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll
2014-06-11 10:51 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-06-08 19:18 . 2014-06-08 19:26 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-06-08 19:18 . 2014-06-08 19:27 -------- d-----w- c:\users\Curt\AppData\Roaming\DAEMON Tools Lite
2014-06-08 19:18 . 2014-06-08 19:18 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-06-08 19:17 . 2014-06-08 19:17 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-05-31 16:49 . 2014-05-31 16:49 -------- d-----w- c:\programdata\RzMaelstromVAD_1.1.58.1854
2014-05-31 16:46 . 2014-05-31 16:46 -------- d-----w- c:\program files (x86)\Razer
2014-05-31 16:45 . 2014-05-31 16:45 -------- d-----w- c:\users\Curt\AppData\Local\Razer
2014-05-31 16:45 . 2014-05-31 16:45 -------- d-----w- c:\programdata\Razer
2014-05-26 20:21 . 2014-05-19 23:10 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-05-26 20:20 . 2014-05-14 23:49 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
2014-05-26 20:03 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-05-26 20:03 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-05-25 12:30 . 2014-06-09 12:54 -------- d-----w- c:\programdata\AllSavier
2014-05-23 11:02 . 2014-05-23 11:02 136704 ----a-w- c:\windows\SysWow64\RzVAD.dll
2014-05-23 10:34 . 2014-05-23 10:34 32768 ----a-w- c:\windows\system32\drivers\RzMaelstromVAD.sys
2014-05-23 10:31 . 2014-05-23 10:31 245760 ----a-w- c:\windows\system32\DriverInstallCACMD.exe
2014-05-23 10:31 . 2014-05-23 10:31 69632 ----a-w- c:\windows\system32\DriverInstallCA.dll
2014-05-21 21:40 . 2014-05-21 21:40 -------- d-----w- c:\users\Curt\AppData\Local\Packages
2014-05-21 21:40 . 2014-06-09 12:55 -------- d-----w- c:\programdata\Isaver
2014-05-21 19:02 . 2014-05-21 19:02 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-05-21 14:37 . 2014-05-21 15:14 -------- d-----w- c:\users\Curt\AppData\Local\gtk-2.0
2014-05-21 14:37 . 2014-05-21 14:37 -------- d-----w- c:\users\Curt\.thumbnails
2014-05-21 14:36 . 2014-05-21 14:36 -------- d-----w- c:\users\Curt\AppData\Local\fontconfig
2014-05-21 14:36 . 2014-05-21 15:14 -------- d-----w- c:\users\Curt\.gimp-2.8
2014-05-21 14:36 . 2014-05-21 14:36 -------- d-----w- c:\users\Curt\AppData\Local\gegl-0.2
2014-05-20 16:12 . 2014-05-26 19:16 -------- d-----w- C:\Ubisoft
2014-05-15 15:35 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-15 15:35 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-15 15:35 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-15 15:35 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-15 10:06 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-05-15 10:06 . 2014-04-12 02:19 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-05-15 10:06 . 2014-03-04 09:44 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-15 10:06 . 2014-03-04 09:20 3969984 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-05-15 10:06 . 2014-03-04 09:17 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-15 10:06 . 2014-03-04 09:20 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-05-15 10:06 . 2014-03-04 09:43 455168 ----a-w- c:\windows\system32\winlogon.exe
2014-05-15 10:06 . 2014-03-04 09:44 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-15 10:06 . 2014-03-04 09:17 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-05-15 10:06 . 2014-03-04 09:44 722944 ----a-w- c:\windows\system32\objsel.dll
2014-05-15 10:06 . 2014-03-04 09:47 5550016 ----a-w- c:\windows\system32\ntoskrnl.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-20 02:44 . 2014-03-11 23:14 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-05-20 02:44 . 2014-01-11 01:55 61216 ----a-w- c:\windows\system32\OpenCL.dll
2014-05-20 02:44 . 2014-01-11 01:55 52056 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-05-20 02:44 . 2013-10-27 09:12 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2013-10-27 09:12 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2013-10-27 09:12 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2009-07-13 21:59 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-05-20 01:25 . 2014-01-11 01:56 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2014-01-11 01:56 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2014-01-11 01:56 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2014-01-11 01:56 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2014-01-11 01:56 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-14 11:35 . 2014-01-09 23:28 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-14 11:35 . 2014-01-09 23:28 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-14 11:35 . 2014-01-09 23:28 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-14 11:34 . 2014-01-09 23:28 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-14 11:34 . 2014-05-14 11:35 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-14 11:34 . 2014-01-09 23:28 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-14 11:34 . 2014-01-09 23:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-14 11:34 . 2014-01-09 23:28 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-05-14 11:34 . 2014-01-09 23:28 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-14 11:34 .
2014-05-14 11:34 43152 ----a-w- c:\windows\avastSS.scr2014-05-13 19:57 . 2014-05-13 19:57 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys2014-04-30 18:29 . 2014-01-11 02:16 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll2014-04-30 18:29 . 2014-01-11 02:16 1225920 ----a-w- c:\windows\system32\nvspcap64.dll2014-04-14 19:13 . 2014-05-06 11:28 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2014-03-31 16:42 . 2014-01-11 02:06 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll2014-03-31 08:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-06 3890208]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]"RaidCall"="c:\program files (x86)\RaidCall\raidcall.exe" [2014-03-13 3444424]"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2014-04-17 585048].c:\users\Curt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk - c:\users\Curt\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2014-5-11 8529160]CurseClientStartup.ccip [2014-1-20 0].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1).R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN 
v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]R3 D-Vitec;D-Vitec Driver;c:\windows\system32\DRIVERS\dvitdcnt.sys;c:\windows\SYSNATIVE\DRIVERS\dvitdcnt.sys [x]R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]S0 aswRvrt;avast! Revert; [x]S0 aswVmm;avast! VM Monitor; [x]S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]S2 aswHwid;avast! 
HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]S2 RzMaelstromVADStreamingService;Razer Surround Audio Service;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [x]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer 
Service;c:\windows\system32\drivers\RzMaelstromVAD.sys;c:\windows\SYSNATIVE\drivers\RzMaelstromVAD.sys [x]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]iissvcs REG_MULTI_SZ w3svc wasapphost REG_MULTI_SZ apphostsvc.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2014-03-15 13:39 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-09 23:20].2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-09 23:20]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2014-05-14 11:34 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://www.google.commStart Page = https://uk.yahoo.com?fr=hp-avast&type=avastbclmLocal Page = c:\windows\SysWOW64\blank.htmTCP: DhcpNameServer = 194.168.4.100 194.168.8.100.- - - - ORPHANS REMOVED - - - -.BHO-{B5967BB4-884D-4973-10D2-8E5DE7B40D10} - (no file)BHO-{F1A6A5DC-6A35-5092-BF41-2D1F10F09C75} - (no file)Wow6432Node-HKLM-Run-<NO NAME> - (no file)AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exeAddRemove-{F1422DAA-0829-09A1-7536-73936CAB8FFA} - 
c:\programdata\Isaver\7kvU.exeAddRemove-{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62} - c:\programdata\AllSavier\AppG.exe...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-2477598826-2005863196-3422311147-1000\Software\SecuROM\License information*]"datasecu"=hex:01,c2,ad,f1,dd,51,0c,7f,e4,ad,99,51,36,f0,c2,a0,5a,fd,b8,96,7a, 10,4c,f9,f6,54,3a,5a,5a,73,e3,fa,df,b7,9c,67,bc,64,f2,83,ae,e9,ba,e4,34,5c,\"rkeysecu"=hex:10,51,70,1f,da,82,73,90,5a,cb,79,1e,13,b7,af,d0.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Other Running Processes ------------------------.c:\program files\AVAST Software\Avast\AvastSvc.exec:\windows\SysWOW64\PnkBstrA.exe.**************************************************************************.Completion time: 2014-06-13 20:36:00 - machine was rebootedComboFix-quarantined-files.txt 2014-06-13 19:36ComboFix2.txt 2014-06-13 18:50ComboFix3.txt 2014-06-12 22:29.Pre-Run: 17,599,569,920 bytes freePost-Run: 17,414,639,616 bytes free.- - End Of File - - 1F0ADF26FC30628E2CADA4A76166444FA36C5E4F47E84449FF07ED3517B43A31 ---------------------------------------------------------------------------------------- ComboFix 14-06-13.01 - Curt 13/06/2014 20:27:25.3.4 - x64Microsoft Windows 7 Home Premium 6.1.7601.1.932.81.1033.18.8130.5926 [GMT 1:00]Running from: c:\users\Curt\Desktop\ComboFix.exeCommand switches used :: c:\users\Curt\Desktop\CFScript.txtAV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}SP: avast! 
Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}.FILE ::"c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sys""c:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys"..((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))..c:\program files (x86)\trolatuntc:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64.sysc:\windows\system32\drivers\{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64.sys..((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))..-------\Legacy_{0C0BB4A8-45A4-4685-9C1D-08D98AF4B926}GW64-------\Legacy_{0C0BB4A8-45A4-4685-9C1D-08D98AF4B926}W64-------\Service_{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}Gw64-------\Service_{0c0bb4a8-45a4-4685-9c1d-08d98af4b926}w64-------\Service_Update trolatunt-------\Service_Util trolatunt..((((((((((((((((((((((((( Files Created from 2014-05-13 to 2014-06-13 )))))))))))))))))))))))))))))))..2014-06-13 19:30 . 2014-06-13 19:30 -------- d-----w- c:\users\Default\AppData\Local\temp2014-06-13 17:33 . 2014-06-13 17:33 -------- d-----w- c:\programdata\RogueKiller2014-06-13 12:13 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{92A78368-62C8-4F4F-A0DD-901C859AAAF0}\mpengine.dll2014-06-12 14:41 . 2012-06-01 05:36 192000 ----a-w- c:\windows\system32\iisRtl.dll2014-06-12 14:41 . 2012-06-01 05:34 55296 ----a-w- c:\windows\system32\admwprox.dll2014-06-12 14:41 . 2012-06-01 04:37 154624 ----a-w- c:\windows\SysWow64\iisRtl.dll2014-06-12 14:41 . 2012-06-01 04:35 50688 ----a-w- c:\windows\SysWow64\admwprox.dll2014-06-12 14:41 . 2012-06-01 05:39 14848 ----a-w- c:\windows\system32\wamregps.dll2014-06-12 14:41 . 2012-06-01 05:36 11264 ----a-w- c:\windows\system32\iisrstap.dll2014-06-12 14:41 . 
2012-06-01 05:35 60928 ----a-w- c:\windows\system32\ahadmin.dll2014-06-12 14:41 . 2012-06-01 05:33 16896 ----a-w- c:\windows\system32\iisreset.exe2014-06-12 14:41 . 2012-06-01 04:40 10752 ----a-w- c:\windows\SysWow64\wamregps.dll2014-06-12 14:41 . 2012-06-01 04:37 8192 ----a-w- c:\windows\SysWow64\iisrstap.dll2014-06-12 14:41 . 2012-06-01 04:35 26624 ----a-w- c:\windows\SysWow64\ahadmin.dll2014-06-12 14:41 . 2012-06-01 04:34 15360 ----a-w- c:\windows\SysWow64\iisreset.exe2014-06-11 12:45 . 2014-06-11 12:46 -------- d-----w- C:\AdwCleaner2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- c:\windows\SysWow64\BestPractices2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- c:\windows\system32\BestPractices2014-06-11 12:30 . 2014-06-11 12:30 -------- d-----w- C:\inetpub2014-06-11 10:56 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll2014-06-11 10:56 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll2014-06-11 10:56 . 2014-04-05 02:47 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys2014-06-11 10:56 . 2014-04-05 02:47 288192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS2014-06-11 10:56 . 2014-03-26 14:44 2002432 ----a-w- c:\windows\system32\msxml6.dll2014-06-11 10:56 . 2014-03-26 14:44 1882112 ----a-w- c:\windows\system32\msxml3.dll2014-06-11 10:56 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml6r.dll2014-06-11 10:56 . 2014-03-26 14:41 2048 ----a-w- c:\windows\system32\msxml3r.dll2014-06-11 10:56 . 2014-03-26 14:27 1389056 ----a-w- c:\windows\SysWow64\msxml6.dll2014-06-11 10:56 . 2014-03-26 14:27 1237504 ----a-w- c:\windows\SysWow64\msxml3.dll2014-06-11 10:56 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll2014-06-11 10:56 . 2014-03-26 14:25 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll2014-06-11 10:51 . 2014-06-08 09:13 506368 ----a-w- c:\windows\system32\aepdu.dll2014-06-11 10:51 . 2014-06-08 09:08 424448 ----a-w- c:\windows\system32\aeinv.dll2014-06-08 19:18 . 
2014-06-08 19:26 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys2014-06-08 19:18 . 2014-06-08 19:27 -------- d-----w- c:\users\Curt\AppData\Roaming\DAEMON Tools Lite2014-06-08 19:18 . 2014-06-08 19:18 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite2014-06-08 19:17 . 2014-06-08 19:17 -------- d-----w- c:\programdata\DAEMON Tools Lite2014-05-31 16:49 . 2014-05-31 16:49 -------- d-----w- c:\programdata\RzMaelstromVAD_1.1.58.18542014-05-31 16:46 . 2014-05-31 16:46 -------- d-----w- c:\program files (x86)\Razer2014-05-31 16:45 . 2014-05-31 16:45 -------- d-----w- c:\users\Curt\AppData\Local\Razer2014-05-31 16:45 . 2014-05-31 16:45 -------- d-----w- c:\programdata\Razer2014-05-26 20:21 . 2014-05-19 23:10 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe2014-05-26 20:20 . 2014-05-14 23:49 3774821 ----a-w- c:\windows\system32\nvcoproc.bin2014-05-26 20:03 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys2014-05-26 20:03 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll2014-05-25 12:30 . 2014-06-09 12:54 -------- d-----w- c:\programdata\AllSavier2014-05-23 11:02 . 2014-05-23 11:02 136704 ----a-w- c:\windows\SysWow64\RzVAD.dll2014-05-23 10:34 . 2014-05-23 10:34 32768 ----a-w- c:\windows\system32\drivers\RzMaelstromVAD.sys2014-05-23 10:31 . 2014-05-23 10:31 245760 ----a-w- c:\windows\system32\DriverInstallCACMD.exe2014-05-23 10:31 . 2014-05-23 10:31 69632 ----a-w- c:\windows\system32\DriverInstallCA.dll2014-05-21 21:40 . 2014-05-21 21:40 -------- d-----w- c:\users\Curt\AppData\Local\Packages2014-05-21 21:40 . 2014-06-09 12:55 -------- d-----w- c:\programdata\Isaver2014-05-21 19:02 . 2014-05-21 19:02 -------- d-----w- c:\program files (x86)\Common Files\Skype2014-05-21 14:37 . 2014-05-21 15:14 -------- d-----w- c:\users\Curt\AppData\Local\gtk-2.02014-05-21 14:37 . 2014-05-21 14:37 -------- d-----w- c:\users\Curt\.thumbnails2014-05-21 14:36 . 
2014-05-21 14:36 -------- d-----w- c:\users\Curt\AppData\Local\fontconfig2014-05-21 14:36 . 2014-05-21 15:14 -------- d-----w- c:\users\Curt\.gimp-2.82014-05-21 14:36 . 2014-05-21 14:36 -------- d-----w- c:\users\Curt\AppData\Local\gegl-0.22014-05-20 16:12 . 2014-05-26 19:16 -------- d-----w- C:\Ubisoft2014-05-15 15:35 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll2014-05-15 15:35 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll2014-05-15 15:35 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb2014-05-15 15:35 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb2014-05-15 10:06 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll2014-05-15 10:06 . 2014-04-12 02:19 1460736 ----a-w- c:\windows\system32\lsasrv.dll2014-05-15 10:06 . 2014-03-04 09:44 728064 ----a-w- c:\windows\system32\kerberos.dll2014-05-15 10:06 . 2014-03-04 09:20 3969984 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe2014-05-15 10:06 . 2014-03-04 09:17 550912 ----a-w- c:\windows\SysWow64\kerberos.dll2014-05-15 10:06 . 2014-03-04 09:20 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe2014-05-15 10:06 . 2014-03-04 09:43 455168 ----a-w- c:\windows\system32\winlogon.exe2014-05-15 10:06 . 2014-03-04 09:44 314880 ----a-w- c:\windows\system32\msv1_0.dll2014-05-15 10:06 . 2014-03-04 09:17 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll2014-05-15 10:06 . 2014-03-04 09:44 722944 ----a-w- c:\windows\system32\objsel.dll2014-05-15 10:06 . 2014-03-04 09:47 5550016 ----a-w- c:\windows\system32\ntoskrnl.exe...(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))).2014-05-20 02:44 . 2014-03-11 23:14 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll2014-05-20 02:44 . 2014-01-11 01:55 61216 ----a-w- c:\windows\system32\OpenCL.dll2014-05-20 02:44 . 2014-01-11 01:55 52056 ----a-w- c:\windows\SysWow64\OpenCL.dll2014-05-20 02:44 . 
2013-10-27 09:12 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll2014-05-20 02:44 . 2013-10-27 09:12 3109248 ----a-w- c:\windows\system32\nvapi64.dll2014-05-20 02:44 . 2013-10-27 09:12 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll2014-05-20 02:44 . 2009-07-13 21:59 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll2014-05-20 01:25 . 2014-01-11 01:56 6769096 ----a-w- c:\windows\system32\nvcpl.dll2014-05-20 01:25 . 2014-01-11 01:56 3514144 ----a-w- c:\windows\system32\nvsvc64.dll2014-05-20 01:25 . 2014-01-11 01:56 927520 ----a-w- c:\windows\system32\nvvsvc.exe2014-05-20 01:25 . 2014-01-11 01:56 62808 ----a-w- c:\windows\system32\nvshext.dll2014-05-20 01:25 . 2014-01-11 01:56 387528 ----a-w- c:\windows\system32\nvmctray.dll2014-05-14 11:35 . 2014-01-09 23:28 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys2014-05-14 11:35 . 2014-01-09 23:28 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys2014-05-14 11:35 . 2014-01-09 23:28 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys2014-05-14 11:34 . 2014-01-09 23:28 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys2014-05-14 11:34 . 2014-05-14 11:35 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys2014-05-14 11:34 . 2014-01-09 23:28 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys2014-05-14 11:34 . 2014-01-09 23:28 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys2014-05-14 11:34 . 2014-01-09 23:28 334648 ----a-w- c:\windows\system32\aswBoot.exe2014-05-14 11:34 . 2014-01-09 23:28 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys2014-05-14 11:34 . 2014-05-14 11:34 43152 ----a-w- c:\windows\avastSS.scr2014-05-13 19:57 . 2014-05-13 19:57 42184 ----a-w- c:\windows\system32\drivers\taphss6.sys2014-04-30 18:29 . 2014-01-11 02:16 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll2014-04-30 18:29 . 2014-01-11 02:16 1225920 ----a-w- c:\windows\system32\nvspcap64.dll2014-04-14 19:13 . 2014-05-06 11:28 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll2014-03-31 16:42 . 
2014-01-11 02:06 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll2014-03-31 08:35 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe..((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))..*Note* empty entries & legit default entries are not shown REGEDIT4.[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912].[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-06 3890208]"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]"RaidCall"="c:\program files (x86)\RaidCall\raidcall.exe" [2014-03-13 3444424]"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2014-04-17 585048].c:\users\Curt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk - c:\users\Curt\AppData\Roaming\Curse Client\Bin\Curse.exe /startup [2014-5-11 8529160]CurseClientStartup.ccip [2014-1-20 0].[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]"ConsentPromptBehaviorAdmin"= 5 (0x5)"ConsentPromptBehaviorUser"= 3 (0x3)"EnableUIADesktopToggle"= 0 (0x0).[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]"LoadAppInit_DLLs"=1 (0x1).R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe 
[x]R3 D-Vitec;D-Vitec Driver;c:\windows\system32\DRIVERS\dvitdcnt.sys;c:\windows\SYSNATIVE\DRIVERS\dvitdcnt.sys [x]R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]S0 aswRvrt;avast! Revert; [x]S0 aswVmm;avast! VM Monitor; [x]S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [x]S2 aswHwid;avast! 
HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]S2 RzMaelstromVADStreamingService;Razer Surround Audio Service;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe;c:\programdata\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [x]S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]S3 RZMAELSTROMVADService;Razer Surround Audio Enhancer 
Service;c:\windows\system32\drivers\RzMaelstromVAD.sys;c:\windows\SYSNATIVE\drivers\RzMaelstromVAD.sys [x]..[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]iissvcs REG_MULTI_SZ w3svc wasapphost REG_MULTI_SZ apphostsvc.[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]2014-03-15 13:39 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe.Contents of the 'Scheduled Tasks' folder.2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-09 23:20].2014-06-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-09 23:20]..--------- X64 Entries -----------..[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]@="{472083B0-C522-11CF-8763-00608CC02F24}"[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]2014-05-14 11:34 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll.[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920].------- Supplementary Scan -------.uLocal Page = c:\windows\system32\blank.htmuStart Page = hxxp://www.google.commStart Page = https://uk.yahoo.com?fr=hp-avast&type=avastbclmLocal Page = c:\windows\SysWOW64\blank.htmTCP: DhcpNameServer = 194.168.4.100 194.168.8.100.- - - - ORPHANS REMOVED - - - -.BHO-{B5967BB4-884D-4973-10D2-8E5DE7B40D10} - (no file)BHO-{F1A6A5DC-6A35-5092-BF41-2D1F10F09C75} - (no file)Wow6432Node-HKLM-Run-<NO NAME> - (no file)AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exeAddRemove-{F1422DAA-0829-09A1-7536-73936CAB8FFA} - 
c:\programdata\Isaver\7kvU.exeAddRemove-{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62} - c:\programdata\AllSavier\AppG.exe...--------------------- LOCKED REGISTRY KEYS ---------------------.[HKEY_USERS\S-1-5-21-2477598826-2005863196-3422311147-1000\Software\SecuROM\License information*]"datasecu"=hex:01,c2,ad,f1,dd,51,0c,7f,e4,ad,99,51,36,f0,c2,a0,5a,fd,b8,96,7a, 10,4c,f9,f6,54,3a,5a,5a,73,e3,fa,df,b7,9c,67,bc,64,f2,83,ae,e9,ba,e4,34,5c,\"rkeysecu"=hex:10,51,70,1f,da,82,73,90,5a,cb,79,1e,13,b7,af,d0.[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]@Denied: (Full) (Everyone).------------------------ Other Running Processes ------------------------.c:\program files\AVAST Software\Avast\AvastSvc.exec:\windows\SysWOW64\PnkBstrA.exe.**************************************************************************.Completion time: 2014-06-13 20:36:00 - machine was rebootedComboFix-quarantined-files.txt 2014-06-13 19:36ComboFix2.txt 2014-06-13 18:50ComboFix3.txt 2014-06-12 22:29.Pre-Run: 17,599,569,920 bytes freePost-Run: 17,414,639,616 bytes free.- - End Of File - - 1F0ADF26FC30628E2CADA4A76166444FA36C5E4F47E84449FF07ED3517B43A31 Link to post Share on other sites More sharing options...
CurtisAllen Posted June 13, 2014 Author ID:841312
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir a variant of Win32/Conduit.SearchProtect.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll.vir a variant of Win32/Conduit.SearchProtect.H potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir a variant of Win64/Conduit.SearchProtect.A potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir a variant of Win32/Conduit.SearchProtect.I potentially unwanted application
C:\AdwCleaner\Quarantine\C\ProgramData\Happy2Save\Qt.dll.vir a variant of Win32/AdWare.MultiPlug.N application
C:\Users\Curt\Downloads\DTLite4491-0356.exe Win32/DownWare.L potentially unwanted application
C:\Users\Curt\Downloads\VLCv213.exe a variant of Win32/OpenInstall potentially unwanted application
kevinf80 Posted June 13, 2014 ID:841318 What is the current status of your system, any remaining issues or concerns?
CurtisAllen Posted June 13, 2014 Author ID:841325 It seems to be fine, I'll try and download Malwarebytes now.
kevinf80 Posted June 13, 2014 ID:841332 Yep sounds good...
CurtisAllen Posted June 14, 2014 Author ID:841354 Thanks a bunch mate! If I had money I'd donate to you haha
kevinf80 Posted June 14, 2014 ID:841507 Did you run Malwarebytes, is there a log?
AdvancedSetup Posted July 1, 2014 Root Admin ID:847905 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!