Malware? Spyware?

#1 ·
Hey all,

I've got a problem that just started a few hours ago, and I'm not sure what is causing it. My best guess is that it is malware of some sort.

Since a few hours ago, my computer has started doing something odd. Some sites that I go on are acting rather strange. Ads are coming up in Spanish, even though I am using a computer that has its default language as English, as well as having my browsers set to English. Netflix, when I tell the computer to play, is showing the title in Spanish, but only after the play button is clicked.

I ran CCleaner thinking maybe a cookie I picked up was causing it or something. I ran Malwarebytes and Kaspersky full scans, and nothing was found. I tried doing a system restore to before it happened, and it didn't change anything.

Any help would be greatly appreciated, as I'd like to get rid of whatever is causing this.
 
#2 ·
Results of the DDS Scan:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17909
Run by a at 2:16:21 on 2015-07-31
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.3895.2250 [GMT 10:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
SP: Kaspersky Internet Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avpui.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\msiexec.exe
C:\Windows\syswow64\MsiExec.exe
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\LogTransport2.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.dell.com
uDefault_Page_URL = hxxp://www.dell.com
uProxyServer = 188.227.173.218:6060
mWinlogon: Userinit = userinit.exe
BHO: Content Blocker Plugin: {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
BHO: Virtual Keyboard Plugin: {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
BHO: Safe Money Plugin: {E3D96E85-529D-4269-AC6A-97CF9E2221E3} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Epic Privacy Browser Installer] "C:\Users\a\AppData\Local\Epic Privacy Browser\Installer\EpicUpdate.exe" /c
uRun: [AdobeBridge] <no file>
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {09A10376-994C-4BBF-9121-F50CF7BA237E} - {F2A56BFE-7911-451A-BC74-A9C3C2E95126} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\IEExt\ie_plugin.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{4724101F-9907-4C35-858B-E75250E345C1} : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{C5CB8C1A-AB1B-4F8B-8C75-8350691F1C43} : DHCPNameServer = 192.168.0.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.107\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Content Blocker Plugin: {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll
x64-BHO: Safe Money Plugin: {E3D96E85-529D-4269-AC6A-97CF9E2221E3} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {09A10376-994C-4BBF-9121-F50CF7BA237E} - {F2A56BFE-7911-451A-BC74-A9C3C2E95126} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\x64\IEExt\ie_plugin.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);C:\Windows\System32\drivers\cm_km_w.sys [2013-1-14 238288]
R1 klhk;klhk;C:\Windows\System32\drivers\klhk.sys [2015-6-4 246456]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2014-2-25 30304]
R1 klpd;klpd;C:\Windows\System32\drivers\klpd.sys [2013-4-12 15456]
R1 kltdi;kltdi;C:\Windows\System32\drivers\kltdi.sys [2014-6-5 55872]
R1 Klwtp;Klwtp;C:\Windows\System32\drivers\klwtp.sys [2014-8-13 77512]
R1 kneps;kneps;C:\Windows\System32\drivers\kneps.sys [2014-7-9 179776]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2015-6-3 89600]
R2 AVP15.0.1;Kaspersky Anti-Virus Service 15.0.1;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\avp.exe [2014-8-30 234520]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-6-3 13336]
R2 kldisk;kldisk;C:\Windows\System32\drivers\kldisk.sys [2014-7-2 46144]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2015-6-3 2533400]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-18 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-2-26 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2015-6-3 317440]
R3 klflt;Kaspersky Lab Kernel DLL;C:\Windows\System32\drivers\klflt.sys [2014-8-18 150536]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\Windows\System32\drivers\klkbdflt.sys [2014-3-28 28768]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2013-8-8 29280]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-6-13 25816]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 torguardtap0901;TorGuard Virtual Adapter V9;C:\Windows\System32\drivers\torguardtap0901.sys [2015-3-13 39840]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-6-13 1080120]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-6-3 327296]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-7-27 114688]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-6-13 63704]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-2-16 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-2-16 180736]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-7-3 19456]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2015-6-3 250984]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-7-3 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2015-7-3 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2015-7-7 1255736]
.
=============== Created Last 30 ================
.
2015-07-30 16:10:04 765440 ----a-w- C:\Windows\System32\invagent.dll
2015-07-30 16:10:04 726528 ----a-w- C:\Windows\System32\generaltel.dll
2015-07-30 16:10:04 67584 ----a-w- C:\Windows\System32\acmigration.dll
2015-07-30 16:10:04 433664 ----a-w- C:\Windows\System32\devinv.dll
2015-07-30 16:10:04 1145856 ----a-w- C:\Windows\System32\aeinv.dll
2015-07-30 16:10:04 1085440 ----a-w- C:\Windows\System32\appraiser.dll
2015-07-30 16:10:02 227328 ----a-w- C:\Windows\System32\aepdu.dll
2015-07-30 16:10:00 17856 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2015-07-30 15:55:41 12221144 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{27578001-DADE-44B0-9414-B2ECD5806B48}\mpengine.dll
2015-07-30 10:13:55 -------- d-----w- C:\Program Files (x86)\KeyCryptSDK
2015-07-30 09:53:41 -------- d-----w- C:\Users\a\AppData\Roaming\SUPERAntiSpyware.com
2015-07-30 09:53:21 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2015-07-27 13:35:10 -------- d-----w- C:\Users\a\AppData\Local\Microsoft Games
2015-07-27 12:54:53 -------- d-----w- C:\Windows\PCHEALTH
2015-07-27 12:51:28 -------- d-----w- C:\Users\a\AppData\Local\Microsoft Help
2015-07-27 11:58:55 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe
2015-07-27 10:41:35 70656 ----a-w- C:\Windows\SysWow64\fontsub.dll
2015-07-27 10:41:35 46080 ----a-w- C:\Windows\System32\atmlib.dll
2015-07-27 10:41:35 41984 ----a-w- C:\Windows\System32\lpk.dll
2015-07-27 10:41:35 372224 ----a-w- C:\Windows\System32\atmfd.dll
2015-07-27 10:41:35 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2015-07-27 10:41:35 299008 ----a-w- C:\Windows\SysWow64\atmfd.dll
2015-07-27 10:41:35 25600 ----a-w- C:\Windows\SysWow64\lpk.dll
2015-07-27 10:41:35 254976 ----a-w- C:\Windows\System32\cewmdm.dll
2015-07-27 10:41:35 210432 ----a-w- C:\Windows\SysWow64\cewmdm.dll
2015-07-27 10:41:35 14336 ----a-w- C:\Windows\System32\dciman32.dll
2015-07-27 10:41:35 10240 ----a-w- C:\Windows\SysWow64\dciman32.dll
2015-07-27 10:41:35 100864 ----a-w- C:\Windows\System32\fontsub.dll
2015-07-27 10:39:37 3242496 ----a-w- C:\Windows\System32\msi.dll
2015-07-27 10:39:36 73216 ----a-w- C:\Windows\SysWow64\msiexec.exe
2015-07-27 10:39:36 70656 ----a-w- C:\Windows\System32\appinfo.dll
2015-07-27 10:39:36 504320 ----a-w- C:\Windows\System32\msihnd.dll
2015-07-27 10:39:36 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2015-07-27 10:39:36 25088 ----a-w- C:\Windows\SysWow64\msimsg.dll
2015-07-27 10:39:36 25088 ----a-w- C:\Windows\System32\msimsg.dll
2015-07-27 10:39:36 2364416 ----a-w- C:\Windows\SysWow64\msi.dll
2015-07-27 10:39:36 1941504 ----a-w- C:\Windows\System32\authui.dll
2015-07-27 10:39:36 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2015-07-27 10:39:36 128000 ----a-w- C:\Windows\System32\msiexec.exe
2015-07-27 10:39:36 112064 ----a-w- C:\Windows\System32\consent.exe
2015-07-09 02:07:46 -------- d-----w- C:\Users\a\Tracing
2015-07-09 02:07:03 -------- d-----w- C:\Users\a\AppData\Local\Skype
2015-07-09 02:06:39 -------- d-----r- C:\Program Files (x86)\Skype
2015-07-06 15:46:46 -------- d-----w- C:\Users\a\AppData\Local\GWX
2015-07-06 15:39:00 -------- d-----w- C:\Windows\SysWow64\Wat
2015-07-06 15:39:00 -------- d-----w- C:\Windows\System32\Wat
2015-07-06 15:38:59 -------- d-s---w- C:\Windows\SysWow64\GWX
2015-07-06 15:38:59 -------- d-s---w- C:\Windows\System32\GWX
2015-07-03 03:55:45 12221144 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-07-03 03:53:26 44544 ----a-w- C:\Windows\System32\TsUsbGDCoInstaller.dll
2015-07-03 03:53:24 56832 ----a-w- C:\Windows\System32\drivers\TsUsbFlt.sys
2015-07-03 03:53:24 3072 ----a-w- C:\Windows\System32\drivers\en-US\tsusbflt.sys.mui
2015-07-03 03:53:24 13824 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2015-07-03 03:53:24 12800 ----a-w- C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2015-07-03 03:53:23 56832 ----a-w- C:\Windows\System32\MsRdpWebAccess.dll
2015-07-03 03:53:23 50176 ----a-w- C:\Windows\SysWow64\MsRdpWebAccess.dll
2015-07-03 03:53:23 18944 ----a-w- C:\Windows\System32\wksprtPS.dll
2015-07-03 03:53:23 17920 ----a-w- C:\Windows\SysWow64\wksprtPS.dll
2015-07-03 03:53:23 1147392 ----a-w- C:\Windows\System32\mstsc.exe
2015-07-03 03:53:23 1068544 ----a-w- C:\Windows\SysWow64\mstsc.exe
2015-07-03 03:51:50 30208 ----a-w- C:\Windows\System32\drivers\TsUsbGD.sys
2015-07-03 03:51:50 19456 ----a-w- C:\Windows\System32\drivers\rdpvideominiport.sys
2015-07-03 03:51:50 192000 ----a-w- C:\Windows\SysWow64\rdpendp_winip.dll
2015-07-03 03:51:49 228864 ----a-w- C:\Windows\System32\rdpendp_winip.dll
2015-07-03 03:17:38 2777088 ----a-w- C:\Windows\System32\msmpeg2vdec.dll
2015-07-03 03:17:38 2285056 ----a-w- C:\Windows\SysWow64\msmpeg2vdec.dll
2015-07-03 03:04:06 1031168 ----a-w- C:\Windows\System32\TSWorkspace.dll
2015-07-03 03:04:05 793600 ----a-w- C:\Windows\SysWow64\TSWorkspace.dll
2015-07-03 03:04:03 2871808 ----a-w- C:\Windows\explorer.exe
2015-07-03 03:04:03 2616320 ----a-w- C:\Windows\SysWow64\explorer.exe
2015-07-03 03:04:03 2543104 ----a-w- C:\Windows\System32\wpdshext.dll
2015-07-03 03:04:03 2311168 ----a-w- C:\Windows\SysWow64\wpdshext.dll
2015-07-03 03:04:02 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2015-07-03 03:04:02 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2015-07-03 03:04:01 950272 ----a-w- C:\Windows\System32\perftrack.dll
2015-07-03 03:04:01 91136 ----a-w- C:\Windows\System32\wdi.dll
2015-07-03 03:04:01 76800 ----a-w- C:\Windows\SysWow64\wdi.dll
2015-07-03 03:04:01 29696 ----a-w- C:\Windows\System32\powertracker.dll
2015-07-03 03:02:53 119296 ----a-w- C:\Windows\System32\drivers\tdx.sys
2015-07-03 02:59:09 493504 ----a-w- C:\Windows\System32\mcupdate_GenuineIntel.dll
.
==================== Find3M ====================
.
2015-07-30 16:01:04 136408 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-07-27 08:57:18 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-07-27 08:57:18 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-09 17:58:56 192000 ----a-w- C:\Windows\System32\wuwebv.dll
2015-07-09 17:58:55 98304 ----a-w- C:\Windows\System32\wudriver.dll
2015-07-09 17:58:55 3154944 ----a-w- C:\Windows\System32\wucltux.dll
2015-07-09 17:58:34 91136 ----a-w- C:\Windows\System32\WinSetupUI.dll
2015-07-09 17:58:25 12288 ----a-w- C:\Windows\System32\wu.upgrade.ps.dll
2015-07-09 17:58:20 37376 ----a-w- C:\Windows\System32\wuapp.exe
2015-07-09 17:43:25 93184 ----a-w- C:\Windows\SysWow64\wudriver.dll
2015-07-09 17:43:25 173056 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2015-07-09 17:42:47 34816 ----a-w- C:\Windows\SysWow64\wuapp.exe
2015-07-04 18:07:11 2087424 ----a-w- C:\Windows\System32\ole32.dll
2015-07-04 17:48:36 1414656 ----a-w- C:\Windows\SysWow64\ole32.dll
2015-07-02 21:08:53 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-07-02 20:40:34 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2015-07-01 20:56:03 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-07-01 20:56:03 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-07-01 20:49:53 210944 ----a-w- C:\Windows\System32\wdigest.dll
2015-07-01 20:49:47 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2015-07-01 20:49:45 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2015-07-01 20:49:45 136192 ----a-w- C:\Windows\System32\sspicli.dll
2015-07-01 20:49:42 342016 ----a-w- C:\Windows\System32\schannel.dll
2015-07-01 20:49:42 28160 ----a-w- C:\Windows\System32\secur32.dll
2015-07-01 20:49:41 1216512 ----a-w- C:\Windows\System32\rpcrt4.dll
2015-07-01 20:49:23 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2015-07-01 20:49:22 315392 ----a-w- C:\Windows\System32\msv1_0.dll
2015-07-01 20:49:11 729088 ----a-w- C:\Windows\System32\kerberos.dll
2015-07-01 20:49:11 1461760 ----a-w- C:\Windows\System32\lsasrv.dll
2015-07-01 20:48:34 44032 ----a-w- C:\Windows\System32\cryptbase.dll
2015-07-01 20:48:34 22016 ----a-w- C:\Windows\System32\credssp.dll
2015-07-01 20:47:38 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-07-01 20:47:18 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-07-01 20:43:51 60416 ----a-w- C:\Windows\System32\msobjs.dll
2015-07-01 20:43:37 146432 ----a-w- C:\Windows\System32\msaudite.dll
2015-07-01 20:39:24 686080 ----a-w- C:\Windows\System32\adtschema.dll
2015-07-01 20:30:43 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2015-07-01 20:30:40 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2015-07-01 20:30:37 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-07-01 20:30:37 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2015-07-01 20:30:33 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2015-07-01 20:30:32 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2015-07-01 20:30:27 552960 ----a-w- C:\Windows\SysWow64\kerberos.dll
2015-07-01 20:30:21 36864 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2015-07-01 20:30:21 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2015-07-01 20:29:46 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2015-07-01 20:29:34 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2015-07-01 20:29:34 665088 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2015-07-01 20:27:04 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2015-07-01 20:26:52 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2015-07-01 20:24:59 686080 ----a-w- C:\Windows\SysWow64\adtschema.dll
2015-07-01 19:27:34 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2015-07-01 19:26:43 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2015-07-01 19:26:37 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2015-06-27 02:47:11 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2015-06-27 02:43:26 5923840 ----a-w- C:\Windows\System32\jscript9.dll
2015-06-27 01:58:17 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2015-06-27 01:39:37 4520448 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-06-25 08:57:44 3207168 ----a-w- C:\Windows\System32\win32k.sys
2015-06-23 03:30:20 300704 ------w- C:\Windows\System32\MpSigStub.exe
2015-06-20 20:06:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2015-06-20 19:50:10 66560 ----a-w- C:\Windows\System32\iesetup.dll
2015-06-20 19:49:17 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2015-06-20 19:49:09 417792 ----a-w- C:\Windows\System32\html.iec
2015-06-20 19:49:08 584192 ----a-w- C:\Windows\System32\vbscript.dll
2015-06-20 19:48:29 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2015-06-20 19:34:46 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-06-20 19:34:45 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-06-20 19:25:28 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-06-20 19:13:07 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-06-20 18:46:53 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2015-06-20 18:46:48 2125824 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-06-20 18:26:01 2427392 ----a-w- C:\Windows\System32\wininet.dll
2015-06-19 18:25:41 504320 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-06-19 18:25:35 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2015-06-19 18:24:43 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2015-06-19 18:24:27 341504 ----a-w- C:\Windows\SysWow64\html.iec
2015-06-19 18:23:26 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2015-06-19 18:13:10 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-06-19 17:57:45 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-06-19 17:40:04 2052608 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-06-19 17:39:13 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2015-06-19 17:15:43 1951232 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-06-17 17:47:05 404992 ----a-w- C:\Windows\System32\gdi32.dll
2015-06-17 17:37:03 312320 ----a-w- C:\Windows\SysWow64\gdi32.dll
2015-06-13 13:15:23 136408 ----a-w- C:\Windows\System32\drivers\6C180261.sys
2015-06-11 17:57:36 53248 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2015-06-11 17:57:35 856064 ----a-w- C:\Windows\SysWow64\rdvidcrl.dll
2015-06-11 17:57:35 6131200 ----a-w- C:\Windows\SysWow64\mstscax.dll
2015-06-11 17:56:55 7077376 ----a-w- C:\Windows\System32\mstscax.dll
2015-06-11 17:56:55 62976 ----a-w- C:\Windows\System32\tsgqec.dll
2015-06-11 17:56:55 1057792 ----a-w- C:\Windows\System32\rdvidcrl.dll
2015-06-11 13:15:53 429568 ----a-w- C:\Windows\System32\wksprt.exe
2015-06-09 18:03:22 3180544 ----a-w- C:\Windows\System32\rdpcorets.dll
2015-06-09 18:03:22 16384 ----a-w- C:\Windows\System32\RdpGroupPolicyExtension.dll
2015-06-09 07:00:04 327168 ----a-w- C:\Windows\System32\mswsock.dll
2015-06-09 07:00:04 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2015-06-09 06:59:52 68608 ----a-w- C:\Windows\System32\taskhost.exe
2015-06-09 06:55:52 1887232 ----a-w- C:\Windows\System32\d3d11.dll
2015-06-09 06:55:52 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll
.
============= FINISH: 2:18:21.98 ===============
 


#4 ·
Hello cmb11792,

My name is Tolga and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

- If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
- First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
- Please download to and run all requested tools from your Desktop.
- Perform everything in the correct order. Sometimes one step requires the previous one.
- If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
- Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
- Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
- If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
- Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
- My native language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Now, let's get started, shall we?

=========================================================

I see you have P2P software (Vuze) installed on your machine. Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.
Once upon a time, P2P file sharing was fairly safe. That is no longer true. You may continue to use P2P sharing at your own risk; however, please keep in mind that this practice may be the source of your current malware infestation.

A reference for the risk of these programs is here

I would recommend that you uninstall any P2P Programs, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

=========================================================

CCleaner

We do not recommend the use of registry cleaners. Our colleague miekiemoes has an excellent writeup here. We suggest uninstalling them via Programs and Features in your Control Panel.

=========================================================

uProxyServer = 188.227.173.218:6060
Did you set this proxy yourself?
 
#5 ·
I did not set that proxy myself. I'm not exactly sure where it came from.

As far as Vuze goes, I have only used it for one thing, and it was a torrent purchased from the BBC of Doctor Who episodes, so I don't think anything came from it.

I know the risks of registry cleaners, which is why I avoid the registry part of the program. I use it as a one click to clean out browser data as well as system temporary files and my recycle bin. I avoid the registry cleaner at all costs, simply because I know it can be problematic, but am willing to uninstall it if you believe it may help.
 
#7 ·
Hello cmb11792,

Thanks for the information about the proxy. Ok. I do not do something about the proxy. Please do the following.

- Open Notepad (Start > All Programs > Accessories > Notepad).
- Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
- Save it as fixlist.txt next to FRST.exe

NOTE: Both FRST.exe and the fixlist.txt must be in the same location or the fix will not work.
Code:
start
CreateRestorePoint:
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z..Z....ZZZ:1
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZ..ZZZ..Z.ZZ:1
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.ZZ.ZZ.ZZZ:1
FirewallRules: [{54A14D50-CB21-483B-B05B-38977D909DE5}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{673AB017-0F18-47EC-BEE9-508F8A2F626E}] => (Allow) C:\Program Files\Vuze\Azureus.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
2015-07-31 10:03 - 2015-07-31 10:36 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.ZZ.ZZ.ZZZ
2015-07-31 08:05 - 2015-07-31 10:03 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZ..ZZZ..Z.ZZ
2015-07-31 06:15 - 2015-07-31 08:04 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZ...Z...ZZZZ..Z
2015-07-31 03:01 - 2015-07-31 06:15 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z..Z....ZZZ
EmptyTemp:
end
- Double-click FRST to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
- Click the Fix button just once, and wait.
- If you receive a message that a reboot is required, please make sure you allow it to restart normally.
- The tool will complete its run after the restart.
- When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 
#8 ·
Fixlog results:

Fix result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
Ran by a (2015-07-31 21:03:26) Run:2
Running from C:\Users\a\Desktop
Loaded Profiles: a (Available Profiles: a)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z..Z....ZZZ:1
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZ..ZZZ..Z.ZZ:1
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.ZZ.ZZ.ZZZ:1
FirewallRules: [{54A14D50-CB21-483B-B05B-38977D909DE5}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{673AB017-0F18-47EC-BEE9-508F8A2F626E}] => (Allow) C:\Program Files\Vuze\Azureus.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
2015-07-31 10:03 - 2015-07-31 10:36 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.ZZ.ZZ.ZZZ
2015-07-31 08:05 - 2015-07-31 10:03 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZ..ZZZ..Z.ZZ
2015-07-31 06:15 - 2015-07-31 08:04 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZ...Z...ZZZZ..Z
2015-07-31 03:01 - 2015-07-31 06:15 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z..Z....ZZZ
EmptyTemp:
end
*****************
 
#11 ·
I reran the fixlist and this is what pumped out this time.

Fix result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
Ran by a (2015-07-31 23:37:16) Run:3
Running from C:\Users\a\Desktop
Loaded Profiles: a (Available Profiles: a)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z..Z....ZZZ:1
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZ..ZZZ..Z.ZZ:1
AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.ZZ.ZZ.ZZZ:1
FirewallRules: [{54A14D50-CB21-483B-B05B-38977D909DE5}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{673AB017-0F18-47EC-BEE9-508F8A2F626E}] => (Allow) C:\Program Files\Vuze\Azureus.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
2015-07-31 10:03 - 2015-07-31 10:36 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.ZZ.ZZ.ZZZ
2015-07-31 08:05 - 2015-07-31 10:03 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZ..ZZZ..Z.ZZ
2015-07-31 06:15 - 2015-07-31 08:04 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZ...Z...ZZZZ..Z
2015-07-31 03:01 - 2015-07-31 06:15 - 00000000 ____D C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z..Z....ZZZ
EmptyTemp:
end
*****************

Restore point was successfully created.
"C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z..Z....ZZZ" => ":1" ADS not found.
"C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZ..ZZZ..Z.ZZ" => ":1" ADS not found.
"C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.ZZ.ZZ.ZZZ" => ":1" ADS not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{54A14D50-CB21-483B-B05B-38977D909DE5} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{673AB017-0F18-47EC-BEE9-508F8A2F626E} => value not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key not found.
"C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.ZZ.ZZ.ZZZ" => File/Folder not found.
"C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.ZZ..ZZZ..Z.ZZ" => File/Folder not found.
"C:\3590F75ABA9E485486C100C1A9D4FF06ZZ...Z...ZZZZ..Z" => File/Folder not found.
"C:\3590F75ABA9E485486C100C1A9D4FF06ZZ.Z.Z..Z....ZZZ" => File/Folder not found.
EmptyTemp: => 132 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 23:37:33 ====
 
#12 ·
Hello,

Please do the following:

• Please download AdwCleaner on to your desktop.
• Close all open programs and internet browsers.
• Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
• Click on the Scan button.
• AdwCleaner will begin...be patient as the scan may take some time to complete.
• After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
• The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
• Copy and paste the contents of that logfile in your next reply.
• A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
 
#13 ·
I just tried a few different things. It appears to be only Chrome doing it. Internet Explorer isn't giving me the problems at all, including Netflix showing in English where it shows in French (I was mistaken about it being Spanish). I tried changing my IP with my VPN and it's definitely attached to Chrome somehow, as it didn't make a difference when I set it to other areas of Australia or with IPs that Chrome hasn't seen before, French was still being shown.

Before I got on the forum, I did do a full uninstall of Chrome using Geek Uninstaller and reinstalled it, so I didn't think it was something attached to Chrome.

As far as AdwCleaner, here is the log:

# AdwCleaner v4.208 - Logfile created 03/08/2015 at 17:34:16
# Updated 09/07/2015 by Xplode
# Database : 2015-08-01.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : a - A-PC
# Running from : C:\Users\a\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 188.227.173.218:6060
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Google Chrome v44.0.2403.125


*************************

AdwCleaner[R3].txt - [924 bytes] - [03/08/2015 17:34:16]

########## EOF - C:\AdwCleaner\AdwCleaner[R3].txt - [982 bytes] ##########
 
#14 ·
Hello cmb11792,

Ok. I understand. Please do the following.

• Please go HERE then click on: Run Eset Online Scanner
• Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted, then double-click on the icon to install.

All of the below instructions are compatible with either Internet Explorer or Mozilla Firefox.

• Select the option YES, I accept the Terms of Use, then click on the Start button.
• When prompted, allow the Add-On/ActiveX to install.
• Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
• Now click on Advanced Settings and select the following:

  • Scan for potentially unwanted applications
  • Scan Archives
  • Enable Anti-Stealth Technology
• Next to 'Current scan targets: Operating memory, Local drives', click the Change... button.
• Tick all the boxes that correspond to your external/inserted drives.
• Click Start. The virus signature database will begin to download. This may take some time.
• Wait for the scan to finish.
• When completed, click on Finish.
• When the scan is done, if it shows a screen that says "Threats found!", click "List of found threats", and then click "Export to text file..."
• Save that text file to your desktop, and then copy/paste the contents in your next reply.
 
#15 ·
Eset Results:

C:\Users\a\Desktop\Downloads\BitTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application
C:\Users\a\Desktop\Downloads\ccsetup506.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\a\Desktop\reaction images\ccsetup505.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\a\Desktop\reaction images\dfsetup219.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\a\Desktop\reaction images\spsetup128.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\a\Downloads\AKLT.zip Win32/Leaktest.AKLT.25 potentially unwanted application
C:\Users\a\Downloads\ccsetup507.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\a\Downloads\ccsetup508.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
 
#16 ·
Hello cmb11792,

Please do the following.

• Open Notepad (Start > All Programs > Accessories > Notepad).
• Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
• Save it as fixlist.txt next to FRST.exe

NOTE: Both FRST.exe and the fixlist.txt must be in the same location or the fix will not work.
Code:
start
CreateRestorePoint:
C:\Users\a\Desktop\Downloads\BitTorrent.exe
C:\Users\a\Desktop\Downloads\ccsetup506.exe
C:\Users\a\Desktop\reaction images\ccsetup505.exe
C:\Users\a\Desktop\reaction images\dfsetup219.exe
C:\Users\a\Desktop\reaction images\spsetup128.exe 
C:\Users\a\Downloads\AKLT.zip
C:\Users\a\Downloads\ccsetup507.exe
C:\Users\a\Downloads\ccsetup508.exe
EmptyTemp:
end
• Double-click FRST to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
• Click the Fix button just once, and wait.
• If you receive a message that a reboot is required, please make sure you allow it to restart normally.
• The tool will complete its run after the restart.
• When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 
#17 ·
Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
Ran by a (2015-08-03 22:38:07) Run:4
Running from C:\Users\a\Desktop
Loaded Profiles: a (Available Profiles: a)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
CreateRestorePoint:
C:\Users\a\Desktop\Downloads\BitTorrent.exe
C:\Users\a\Desktop\Downloads\ccsetup506.exe
C:\Users\a\Desktop\reaction images\ccsetup505.exe
C:\Users\a\Desktop\reaction images\dfsetup219.exe
C:\Users\a\Desktop\reaction images\spsetup128.exe
C:\Users\a\Downloads\AKLT.zip
C:\Users\a\Downloads\ccsetup507.exe
C:\Users\a\Downloads\ccsetup508.exe
EmptyTemp:
end
*****************

Restore point was successfully created.
C:\Users\a\Desktop\Downloads\BitTorrent.exe => moved successfully.
C:\Users\a\Desktop\Downloads\ccsetup506.exe => moved successfully.
C:\Users\a\Desktop\reaction images\ccsetup505.exe => moved successfully.
C:\Users\a\Desktop\reaction images\dfsetup219.exe => moved successfully.
C:\Users\a\Desktop\reaction images\spsetup128.exe => moved successfully.
C:\Users\a\Downloads\AKLT.zip => moved successfully.
C:\Users\a\Downloads\ccsetup507.exe => moved successfully.
C:\Users\a\Downloads\ccsetup508.exe => moved successfully.
EmptyTemp: => 727.1 MB temporary data Removed.


The system needed a reboot..

==== End of Fixlog 22:38:50 ====

Checking after that, I am still getting the French names in Netflix and the ads.
 
#19 ·
The machine itself is fine, but for some reason I am still having the language problem. It's happening with some ads, which I've narrowed down to always leading to a site called fem.media.

It's also still displaying some Netflix titles in French, as the attached picture shows.

It is also only happening in Chrome, no problems in Internet Explorer, which is the only other browser I have.
 

#20 ·
Hello again,

Thanks for the information. Let's run different tools and see what we can see. Please follow the instructions below.

Please download Junkware Removal Tool to your desktop.

• Shut down your protection software now to avoid potential conflicts.
• Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
• The tool will open and start scanning your system.
• Please be patient as this can take a while to complete depending on your system's specifications.
• On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
• Post the contents of JRT.txt into your next reply.
 
#21 ·
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Home Premium x64
Ran by a on Tue 04/08/2015 at 18:23:39.94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Chrome


[C:\Users\a\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\a\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\a\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\a\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 04/08/2015 at 18:29:58.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
#24 ·
Hello,

I do not see anything that would cause this. Please do the following instructions.

• Please download TDSSKiller here or here to the desktop.
• Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
• Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• Click on Report to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
• Copy and paste its contents in your next reply.
 
#25 ·
tdss killer log:

00:36:51.0453 0x0dfc TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
00:36:57.0859 0x0dfc ============================================================
00:36:57.0859 0x0dfc Current date / time: 2015/08/05 00:36:57.0859
00:36:57.0859 0x0dfc SystemInfo:
00:36:57.0859 0x0dfc
00:36:57.0859 0x0dfc OS Version: 6.1.7601 ServicePack: 1.0
00:36:57.0860 0x0dfc Product type: Workstation
00:36:57.0860 0x0dfc ComputerName: A-PC
00:36:57.0860 0x0dfc UserName: a
00:36:57.0860 0x0dfc Windows directory: C:\Windows
00:36:57.0860 0x0dfc System windows directory: C:\Windows
00:36:57.0860 0x0dfc Running under WOW64
00:36:57.0860 0x0dfc Processor architecture: Intel x64
00:36:57.0860 0x0dfc Number of processors: 2
00:36:57.0860 0x0dfc Page size: 0x1000
00:36:57.0860 0x0dfc Boot type: Normal boot
00:36:57.0860 0x0dfc ============================================================
00:36:58.0229 0x0dfc KLMD registered as C:\Windows\system32\drivers\67757964.sys
00:36:58.0863 0x0dfc System UUID: {E9D30219-DCC2-110F-966F-2382C46DDFB6}
00:36:59.0882 0x0dfc Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:36:59.0886 0x0dfc ============================================================
00:36:59.0886 0x0dfc \Device\Harddisk0\DR0:
00:36:59.0886 0x0dfc MBR partitions:
00:36:59.0886 0x0dfc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
00:36:59.0886 0x0dfc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D4000
00:36:59.0886 0x0dfc ============================================================
00:36:59.0908 0x0dfc C: <-> \Device\Harddisk0\DR0\Partition2
00:36:59.0908 0x0dfc ============================================================
00:36:59.0908 0x0dfc Initialize success
00:36:59.0908 0x0dfc ============================================================
00:37:31.0788 0x05f0 ============================================================
00:37:31.0788 0x05f0 Scan started
00:37:31.0788 0x05f0 Mode: Manual; SigCheck; TDLFS;
00:37:31.0788 0x05f0 ============================================================
00:37:31.0788 0x05f0 KSN ping started
00:37:34.0684 0x05f0 KSN ping finished: true
00:37:35.0933 0x05f0 ================ Scan system memory ========================
00:37:35.0933 0x05f0 System memory - ok
00:37:35.0936 0x05f0 ================ Scan services =============================
00:37:44.0305 0x05f0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
00:37:44.0320 0x05f0 ErrDev - ok
00:37:44.0336 0x05f0 ESProtectionDriver - ok
00:37:44.0376 0x05f0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
00:37:44.0449 0x05f0 EventSystem - ok
00:37:44.0468 0x05f0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
00:37:44.0519 0x05f0 exfat - ok
00:37:44.0549 0x05f0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
00:37:44.0609 0x05f0 fastfat - ok
00:37:44.0675 0x05f0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
00:37:44.0755 0x05f0 Fax - ok
00:37:44.0772 0x05f0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
00:37:44.0809 0x05f0 fdc - ok
00:37:44.0853 0x05f0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
00:37:44.0923 0x05f0 fdPHost - ok
00:37:44.0940 0x05f0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
00:37:45.0010 0x05f0 FDResPub - ok
00:37:45.0048 0x05f0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
00:37:45.0065 0x05f0 FileInfo - ok
00:37:45.0078 0x05f0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
00:37:45.0139 0x05f0 Filetrace - ok
00:37:45.0151 0x05f0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
00:37:45.0167 0x05f0 flpydisk - ok
00:37:45.0193 0x05f0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
00:37:45.0215 0x05f0 FltMgr - ok
00:37:45.0310 0x05f0 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
00:37:45.0407 0x05f0 FontCache - ok
00:37:45.0444 0x05f0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:37:45.0459 0x05f0 FontCache3.0.0.0 - ok
00:37:45.0491 0x05f0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
00:37:45.0508 0x05f0 FsDepends - ok
00:37:45.0532 0x05f0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
00:37:45.0549 0x05f0 Fs_Rec - ok
00:37:45.0584 0x05f0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
00:37:45.0611 0x05f0 fvevol - ok
00:37:45.0644 0x05f0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
00:37:45.0660 0x05f0 gagp30kx - ok
00:37:45.0709 0x05f0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
00:37:45.0789 0x05f0 gpsvc - ok
00:37:45.0846 0x05f0 [ 0C03FB91E17987EED93F60007B08DAA0, BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:37:45.0868 0x05f0 gupdate - ok
00:37:45.0876 0x05f0 [ 0C03FB91E17987EED93F60007B08DAA0, BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:37:45.0893 0x05f0 gupdatem - ok
00:37:45.0927 0x05f0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
00:37:45.0975 0x05f0 hcw85cir - ok
00:37:46.0020 0x05f0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:37:46.0076 0x05f0 HdAudAddService - ok
00:37:46.0106 0x05f0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
00:37:46.0139 0x05f0 HDAudBus - ok
00:37:46.0167 0x05f0 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
00:37:46.0180 0x05f0 HECIx64 - ok
00:37:46.0214 0x05f0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
00:37:46.0251 0x05f0 HidBatt - ok
00:37:46.0276 0x05f0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
00:37:46.0301 0x05f0 HidBth - ok
00:37:46.0328 0x05f0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
00:37:46.0367 0x05f0 HidIr - ok
00:37:46.0387 0x05f0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
00:37:46.0447 0x05f0 hidserv - ok
00:37:46.0496 0x05f0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
00:37:46.0522 0x05f0 HidUsb - ok
00:37:46.0557 0x05f0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
00:37:46.0627 0x05f0 hkmsvc - ok
00:37:46.0659 0x05f0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:37:46.0708 0x05f0 HomeGroupListener - ok
00:37:46.0741 0x05f0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:37:46.0787 0x05f0 HomeGroupProvider - ok
00:37:46.0819 0x05f0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
00:37:46.0836 0x05f0 HpSAMD - ok
00:37:46.0899 0x05f0 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
00:37:46.0963 0x05f0 HTTP - ok
00:37:46.0977 0x05f0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
00:37:46.0992 0x05f0 hwpolicy - ok
00:37:47.0027 0x05f0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
00:37:47.0045 0x05f0 i8042prt - ok
00:37:47.0101 0x05f0 [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
00:37:47.0123 0x05f0 iaStor - ok
00:37:47.0190 0x05f0 [ 983FC69644DDF0486C8DFEA262948D1A, 329EC95117C31E61F6D22D79CFF339D70A70522710E7DC0CED06EC95E6D4B34F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
00:37:47.0210 0x05f0 IAStorDataMgrSvc - ok
00:37:47.0257 0x05f0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
00:37:47.0290 0x05f0 iaStorV - ok
00:37:47.0372 0x05f0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:37:47.0429 0x05f0 idsvc - ok
00:37:47.0447 0x05f0 IEEtwCollectorService - ok
00:37:47.0879 0x05f0 [ 795C99DC4F574C97C03D0BB39CF099EE, 67310B52F7A1B83A66872B961F347B1BD104C8A83A01F60507705B2ACEA76B71 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
00:37:48.0483 0x05f0 igfx - ok
00:37:48.0548 0x05f0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
00:37:48.0564 0x05f0 iirsp - ok
00:37:48.0617 0x05f0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
00:37:48.0708 0x05f0 IKEEXT - ok
00:37:48.0787 0x05f0 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
00:37:48.0849 0x05f0 Impcd - ok
00:37:48.0939 0x05f0 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
00:37:49.0002 0x05f0 IntcDAud - ok
00:37:49.0028 0x05f0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
00:37:49.0045 0x05f0 intelide - ok
00:37:49.0099 0x05f0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
00:37:49.0158 0x05f0 intelppm - ok
00:37:49.0206 0x05f0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
00:37:49.0317 0x05f0 IPBusEnum - ok
00:37:49.0333 0x05f0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:37:49.0389 0x05f0 IpFilterDriver - ok
00:37:49.0440 0x05f0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
00:37:49.0502 0x05f0 iphlpsvc - ok
00:37:49.0530 0x05f0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
00:37:49.0562 0x05f0 IPMIDRV - ok
00:37:49.0581 0x05f0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
00:37:49.0650 0x05f0 IPNAT - ok
00:37:49.0674 0x05f0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
00:37:49.0710 0x05f0 IRENUM - ok
00:37:49.0727 0x05f0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
00:37:49.0742 0x05f0 isapnp - ok
00:37:49.0777 0x05f0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
00:37:49.0800 0x05f0 iScsiPrt - ok
00:37:49.0838 0x05f0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
00:37:49.0855 0x05f0 kbdclass - ok
00:37:49.0880 0x05f0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
00:37:49.0906 0x05f0 kbdhid - ok
00:37:49.0927 0x05f0 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\Windows\system32\lsass.exe
00:37:49.0963 0x05f0 KeyIso - ok
00:37:50.0014 0x05f0 [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
00:37:50.0042 0x05f0 kl1 - ok
00:37:50.0072 0x05f0 [ CEF0410B784E8CEB0175103CDE52E7FA, 729A45D76D1886E5ECDF23F96925CEBB90A31EFA5A798D69D9C5A684380B6E36 ] kldisk C:\Windows\system32\DRIVERS\kldisk.sys
00:37:50.0086 0x05f0 kldisk - ok
00:37:50.0114 0x05f0 [ 09F851161CB4B3D92CDE85B3845DCECC, C86EE26F13DB904CD0CB92BEE282188D5E56ECE071F4D6E53F9AAB6D911C5DE0 ] klflt C:\Windows\system32\DRIVERS\klflt.sys
00:37:50.0131 0x05f0 klflt - ok
00:37:50.0175 0x05f0 [ 7A64190934B66C17F41D3921353BAEDD, D212A6ECB1CBCC665336DF982B5061A72CD88CB5BF6B2EB14B11B8BE756A670E ] klhk C:\Windows\system32\DRIVERS\klhk.sys
00:37:50.0198 0x05f0 klhk - ok
00:37:50.0258 0x05f0 [ B8B20727DD8B9753614E089682473563, CA39E9A517CC8B1E04860E0AFB03B0CD7FBDE66143B6CA26FB9DC0EBF80F8F48 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
00:37:50.0311 0x05f0 KLIF - ok
00:37:50.0377 0x05f0 [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
00:37:50.0390 0x05f0 KLIM6 - ok
00:37:50.0430 0x05f0 [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
00:37:50.0445 0x05f0 klkbdflt - ok
00:37:50.0449 0x05f0 klkbdflt2 - ok
00:37:50.0456 0x05f0 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
00:37:50.0470 0x05f0 klmouflt - ok
00:37:50.0501 0x05f0 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys
00:37:50.0516 0x05f0 klpd - ok
00:37:50.0552 0x05f0 [ 43957361D346A4263873932D572613F2, 719E61CADF6FB49C24370899329BDE198E55DEB175F5701382EE16311D8576D9 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
00:37:50.0567 0x05f0 kltdi - ok
00:37:50.0601 0x05f0 [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp C:\Windows\system32\DRIVERS\klwtp.sys
00:37:50.0619 0x05f0 Klwtp - ok
00:37:50.0636 0x05f0 [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps C:\Windows\system32\DRIVERS\kneps.sys
00:37:50.0656 0x05f0 kneps - ok
00:37:50.0684 0x05f0 [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
00:37:50.0701 0x05f0 KSecDD - ok
00:37:50.0717 0x05f0 [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
00:37:50.0737 0x05f0 KSecPkg - ok
00:37:50.0761 0x05f0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
00:37:50.0819 0x05f0 ksthunk - ok
00:37:50.0859 0x05f0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
00:37:50.0934 0x05f0 KtmRm - ok
00:37:50.0978 0x05f0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
00:37:51.0050 0x05f0 LanmanServer - ok
00:37:51.0071 0x05f0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:37:51.0131 0x05f0 LanmanWorkstation - ok
00:37:51.0163 0x05f0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
00:37:51.0222 0x05f0 lltdio - ok
00:37:51.0250 0x05f0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
00:37:51.0323 0x05f0 lltdsvc - ok
00:37:51.0348 0x05f0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
00:37:51.0405 0x05f0 lmhosts - ok
00:37:51.0495 0x05f0 [ 23D990150D56B670A62B21B9ABDD45EE, BB9DBC0D02474976420321162C3AB1FDF975FA0494B1030488B03BC98A65F888 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
00:37:51.0554 0x05f0 LMS - ok
00:37:51.0599 0x05f0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
00:37:51.0616 0x05f0 LSI_FC - ok
00:37:51.0637 0x05f0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
00:37:51.0654 0x05f0 LSI_SAS - ok
00:37:51.0672 0x05f0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
00:37:51.0692 0x05f0 LSI_SAS2 - ok
00:37:51.0716 0x05f0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
00:37:51.0734 0x05f0 LSI_SCSI - ok
00:37:51.0751 0x05f0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
00:37:51.0801 0x05f0 luafv - ok
00:37:51.0847 0x05f0 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
00:37:51.0861 0x05f0 MBAMProtector - ok
00:37:51.0942 0x05f0 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
00:37:52.0004 0x05f0 MBAMService - ok
00:37:52.0018 0x05f0 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
00:37:52.0032 0x05f0 MBAMWebAccessControl - ok
00:37:52.0064 0x05f0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
00:37:52.0083 0x05f0 Mcx2Svc - ok
00:37:52.0113 0x05f0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
00:37:52.0129 0x05f0 megasas - ok
00:37:52.0165 0x05f0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
00:37:52.0190 0x05f0 MegaSR - ok
00:37:52.0221 0x05f0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
00:37:52.0284 0x05f0 MMCSS - ok
00:37:52.0309 0x05f0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
00:37:52.0368 0x05f0 Modem - ok
00:37:53.0977 0x05f0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
00:37:54.0028 0x05f0 monitor - ok
00:37:54.0073 0x05f0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
00:37:54.0091 0x05f0 mouclass - ok
00:37:54.0108 0x05f0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
00:37:54.0139 0x05f0 mouhid - ok
00:37:54.0171 0x05f0 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
00:37:54.0190 0x05f0 mountmgr - ok
00:37:54.0215 0x05f0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
00:37:54.0234 0x05f0 mpio - ok
00:37:54.0245 0x05f0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
00:37:54.0305 0x05f0 mpsdrv - ok
00:37:54.0355 0x05f0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
00:37:54.0446 0x05f0 MpsSvc - ok
00:37:54.0467 0x05f0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
00:37:54.0512 0x05f0 MRxDAV - ok
00:37:54.0534 0x05f0 [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
00:37:54.0577 0x05f0 mrxsmb - ok
00:37:54.0598 0x05f0 [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:37:54.0635 0x05f0 mrxsmb10 - ok
00:37:54.0654 0x05f0 [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:37:54.0672 0x05f0 mrxsmb20 - ok
00:37:54.0699 0x05f0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
00:37:54.0713 0x05f0 msahci - ok
00:37:54.0739 0x05f0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
00:37:54.0757 0x05f0 msdsm - ok
00:37:54.0785 0x05f0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
00:37:54.0822 0x05f0 MSDTC - ok
00:37:54.0850 0x05f0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
00:37:54.0919 0x05f0 Msfs - ok
00:37:54.0960 0x05f0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
00:37:55.0018 0x05f0 mshidkmdf - ok
00:37:55.0035 0x05f0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
00:37:55.0050 0x05f0 msisadrv - ok
00:37:55.0083 0x05f0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
00:37:55.0145 0x05f0 MSiSCSI - ok
00:37:55.0150 0x05f0 msiserver - ok
00:37:55.0185 0x05f0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
00:37:55.0261 0x05f0 MSKSSRV - ok
00:37:55.0271 0x05f0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
00:37:55.0328 0x05f0 MSPCLOCK - ok
00:37:55.0349 0x05f0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
00:37:55.0436 0x05f0 MSPQM - ok
00:37:55.0479 0x05f0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
00:37:55.0599 0x05f0 MsRPC - ok
00:37:55.0615 0x05f0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
00:37:55.0686 0x05f0 mssmbios - ok
00:37:55.0720 0x05f0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
00:37:55.0768 0x05f0 MSTEE - ok
00:37:55.0787 0x05f0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
00:37:55.0823 0x05f0 MTConfig - ok
00:37:55.0862 0x05f0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
00:37:55.0878 0x05f0 Mup - ok
00:37:55.0930 0x05f0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
00:37:56.0018 0x05f0 napagent - ok
00:37:56.0062 0x05f0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
00:37:56.0093 0x05f0 NativeWifiP - ok
00:37:56.0157 0x05f0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
00:37:56.0211 0x05f0 NDIS - ok
00:37:56.0250 0x05f0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
00:37:56.0316 0x05f0 NdisCap - ok
00:37:56.0343 0x05f0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
00:37:56.0412 0x05f0 NdisTapi - ok
00:37:56.0428 0x05f0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
00:37:56.0487 0x05f0 Ndisuio - ok
00:37:56.0520 0x05f0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
00:37:56.0581 0x05f0 NdisWan - ok
00:37:56.0600 0x05f0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
00:37:56.0657 0x05f0 NDProxy - ok
00:37:56.0687 0x05f0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
00:37:56.0743 0x05f0 NetBIOS - ok
00:37:56.0772 0x05f0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
00:37:56.0841 0x05f0 NetBT - ok
00:37:56.0860 0x05f0 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon C:\Windows\system32\lsass.exe
00:37:56.0924 0x05f0 Netlogon - ok
00:37:57.0001 0x05f0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
00:37:57.0140 0x05f0 Netman - ok
00:37:57.0270 0x05f0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:37:57.0369 0x05f0 NetMsmqActivator - ok
00:37:57.0386 0x05f0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:37:57.0404 0x05f0 NetPipeActivator - ok
00:37:57.0458 0x05f0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
00:37:57.0518 0x05f0 netprofm - ok
00:37:57.0525 0x05f0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:37:57.0543 0x05f0 NetTcpActivator - ok
00:37:57.0551 0x05f0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:37:57.0571 0x05f0 NetTcpPortSharing - ok
00:37:57.0607 0x05f0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
00:37:57.0623 0x05f0 nfrd960 - ok
00:37:57.0651 0x05f0 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
00:37:57.0713 0x05f0 NlaSvc - ok
00:37:57.0729 0x05f0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
00:37:57.0792 0x05f0 Npfs - ok
00:37:57.0830 0x05f0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
00:37:57.0897 0x05f0 nsi - ok
00:37:57.0917 0x05f0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
00:37:57.0978 0x05f0 nsiproxy - ok
00:37:58.0062 0x05f0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
00:37:58.0152 0x05f0 Ntfs - ok
00:37:58.0181 0x05f0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
00:37:58.0237 0x05f0 Null - ok
00:37:58.0261 0x05f0 [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
00:37:58.0305 0x05f0 nusb3hub - ok
00:37:58.0336 0x05f0 [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
00:37:58.0365 0x05f0 nusb3xhc - ok
00:37:58.0395 0x05f0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
00:37:58.0414 0x05f0 nvraid - ok
00:37:58.0425 0x05f0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
00:37:58.0444 0x05f0 nvstor - ok
00:37:58.0472 0x05f0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
00:37:58.0491 0x05f0 nv_agp - ok
00:37:58.0608 0x05f0 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:37:58.0639 0x05f0 odserv - ok
00:37:58.0666 0x05f0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
00:37:58.0703 0x05f0 ohci1394 - ok
00:37:58.0734 0x05f0 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:37:58.0752 0x05f0 ose - ok
00:37:58.0786 0x05f0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
00:37:58.0851 0x05f0 p2pimsvc - ok
00:37:58.0878 0x05f0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
00:37:58.0907 0x05f0 p2psvc - ok
00:37:58.0935 0x05f0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
00:37:58.0979 0x05f0 Parport - ok
00:37:59.0011 0x05f0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
00:37:59.0027 0x05f0 partmgr - ok
00:37:59.0078 0x05f0 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
00:37:59.0114 0x05f0 PcaSvc - ok
00:37:59.0148 0x05f0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
00:37:59.0167 0x05f0 pci - ok
00:37:59.0196 0x05f0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
00:37:59.0211 0x05f0 pciide - ok
00:37:59.0230 0x05f0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
00:37:59.0251 0x05f0 pcmcia - ok
00:37:59.0264 0x05f0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
00:37:59.0279 0x05f0 pcw - ok
00:37:59.0330 0x05f0 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
00:37:59.0392 0x05f0 PEAUTH - ok
00:37:59.0455 0x05f0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
00:37:59.0488 0x05f0 PerfHost - ok
00:37:59.0586 0x05f0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
00:37:59.0693 0x05f0 pla - ok
00:37:59.0734 0x05f0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
00:37:59.0791 0x05f0 PlugPlay - ok
00:37:59.0808 0x05f0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
00:37:59.0838 0x05f0 PNRPAutoReg - ok
00:37:59.0864 0x05f0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
00:37:59.0890 0x05f0 PNRPsvc - ok
00:37:59.0928 0x05f0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
00:37:59.0988 0x05f0 PolicyAgent - ok
00:38:00.0022 0x05f0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
00:38:00.0079 0x05f0 Power - ok
00:38:00.0127 0x05f0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
00:38:00.0183 0x05f0 PptpMiniport - ok
00:38:00.0205 0x05f0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
00:38:00.0244 0x05f0 Processor - ok
00:38:00.0283 0x05f0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
00:38:00.0322 0x05f0 ProfSvc - ok
00:38:00.0338 0x05f0 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
00:38:00.0356 0x05f0 ProtectedStorage - ok
00:38:00.0388 0x05f0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
00:38:00.0457 0x05f0 Psched - ok
00:38:00.0550 0x05f0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
00:38:00.0627 0x05f0 ql2300 - ok
00:38:00.0651 0x05f0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
00:38:00.0668 0x05f0 ql40xx - ok
00:38:00.0712 0x05f0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
00:38:00.0753 0x05f0 QWAVE - ok
00:38:00.0775 0x05f0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
00:38:00.0808 0x05f0 QWAVEdrv - ok
00:38:00.0823 0x05f0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
00:38:00.0885 0x05f0 RasAcd - ok
00:38:00.0921 0x05f0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
00:38:00.0978 0x05f0 RasAgileVpn - ok
00:38:01.0016 0x05f0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
00:38:01.0076 0x05f0 RasAuto - ok
00:38:01.0097 0x05f0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
00:38:01.0155 0x05f0 Rasl2tp - ok
00:38:01.0183 0x05f0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
00:38:01.0249 0x05f0 RasMan - ok
00:38:01.0268 0x05f0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
00:38:01.0330 0x05f0 RasPppoe - ok
00:38:01.0349 0x05f0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
00:38:01.0406 0x05f0 RasSstp - ok
00:38:01.0427 0x05f0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
00:38:01.0495 0x05f0 rdbss - ok
00:38:01.0528 0x05f0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
00:38:01.0567 0x05f0 rdpbus - ok
00:38:01.0585 0x05f0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
00:38:01.0634 0x05f0 RDPCDD - ok
00:38:01.0641 0x05f0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
00:38:01.0700 0x05f0 RDPENCDD - ok
00:38:01.0723 0x05f0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
00:38:01.0780 0x05f0 RDPREFMP - ok
00:38:01.0847 0x05f0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:38:01.0898 0x05f0 RdpVideoMiniport - ok
00:38:01.0936 0x05f0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
00:38:01.0967 0x05f0 RDPWD - ok
00:38:01.0997 0x05f0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
00:38:02.0019 0x05f0 rdyboost - ok
00:38:02.0053 0x05f0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
00:38:02.0113 0x05f0 RemoteAccess - ok
00:38:02.0146 0x05f0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
00:38:02.0199 0x05f0 RemoteRegistry - ok
00:38:02.0218 0x05f0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
00:38:02.0266 0x05f0 RpcEptMapper - ok
00:38:02.0292 0x05f0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
00:38:02.0308 0x05f0 RpcLocator - ok
00:38:02.0333 0x05f0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
00:38:02.0392 0x05f0 RpcSs - ok
00:38:02.0410 0x05f0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
00:38:02.0470 0x05f0 rspndr - ok
00:38:02.0501 0x05f0 [ BE29B0A3AC1E8BD02FFAB8CEE86BADFA, D6F76ECD30EDE1E5B1F01919B1492715947ACCA411D70BB2771427775736C055 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
00:38:02.0520 0x05f0 RSUSBSTOR - ok
00:38:02.0562 0x05f0 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
00:38:02.0597 0x05f0 RTL8167 - ok
00:38:02.0616 0x05f0 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs C:\Windows\system32\lsass.exe
00:38:02.0630 0x05f0 SamSs - ok
00:38:02.0641 0x05f0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
00:38:02.0657 0x05f0 sbp2port - ok
00:38:02.0687 0x05f0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
00:38:02.0749 0x05f0 SCardSvr - ok
00:38:02.0801 0x05f0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
00:38:02.0847 0x05f0 scfilter - ok
00:38:02.0935 0x05f0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
00:38:03.0031 0x05f0 Schedule - ok
00:38:03.0070 0x05f0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
00:38:03.0114 0x05f0 SCPolicySvc - ok
00:38:03.0148 0x05f0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
00:38:03.0186 0x05f0 SDRSVC - ok
00:38:03.0223 0x05f0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
00:38:03.0285 0x05f0 secdrv - ok
00:38:03.0307 0x05f0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
00:38:03.0370 0x05f0 seclogon - ok
00:38:03.0387 0x05f0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
00:38:03.0449 0x05f0 SENS - ok
00:38:03.0469 0x05f0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
00:38:03.0497 0x05f0 SensrSvc - ok
00:38:03.0515 0x05f0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
00:38:03.0531 0x05f0 Serenum - ok
00:38:03.0556 0x05f0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
00:38:03.0584 0x05f0 Serial - ok
00:38:03.0604 0x05f0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
00:38:03.0642 0x05f0 sermouse - ok
00:38:03.0678 0x05f0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
00:38:03.0729 0x05f0 SessionEnv - ok
00:38:03.0747 0x05f0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
00:38:03.0781 0x05f0 sffdisk - ok
00:38:03.0786 0x05f0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
00:38:03.0807 0x05f0 sffp_mmc - ok
00:38:03.0822 0x05f0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
00:38:03.0859 0x05f0 sffp_sd - ok
00:38:03.0873 0x05f0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
00:38:03.0905 0x05f0 sfloppy - ok
00:38:03.0941 0x05f0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
00:38:04.0023 0x05f0 SharedAccess - ok
00:38:04.0058 0x05f0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:38:04.0164 0x05f0 ShellHWDetection - ok
00:38:04.0224 0x05f0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
00:38:04.0239 0x05f0 SiSRaid2 - ok
00:38:04.0253 0x05f0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
00:38:04.0269 0x05f0 SiSRaid4 - ok
00:38:04.0324 0x05f0 [ 0B70786BD1062CD4C6B58E412B9C3E55, 60ED027642FFF97BFFA55AE3EFFCCBB6D6AD8196D35E9ED06F9AF431E3C0402A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
00:38:04.0364 0x05f0 SkypeUpdate - ok
00:38:04.0399 0x05f0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
00:38:04.0460 0x05f0 Smb - ok
00:38:04.0501 0x05f0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
00:38:04.0518 0x05f0 SNMPTRAP - ok
00:38:04.0530 0x05f0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
00:38:04.0546 0x05f0 spldr - ok
00:38:04.0595 0x05f0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
00:38:04.0686 0x05f0 Spooler - ok
00:38:04.0819 0x05f0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
00:38:05.0021 0x05f0 sppsvc - ok
00:38:05.0051 0x05f0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
00:38:05.0115 0x05f0 sppuinotify - ok
00:38:05.0148 0x05f0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
00:38:05.0225 0x05f0 srv - ok
00:38:05.0250 0x05f0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
00:38:05.0295 0x05f0 srv2 - ok
00:38:05.0325 0x05f0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
00:38:05.0354 0x05f0 srvnet - ok
00:38:05.0401 0x05f0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
00:38:05.0456 0x05f0 SSDPSRV - ok
00:38:05.0465 0x05f0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
00:38:05.0538 0x05f0 SstpSvc - ok
00:38:05.0627 0x05f0 [ E82994866A370A480607637F28B82835, E6DA8CBCCCD5BA36EC50B069B80CBCA983B931FFB571449763CDD9E10688ED5E ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
00:38:05.0659 0x05f0 STacSV - ok
00:38:05.0685 0x05f0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
00:38:05.0699 0x05f0 stexstor - ok
00:38:05.0749 0x05f0 [ 3AD0ED8B19CD76D2254DE5FB298E3C26, D1FBFE854ECC9BE7FCCB62A797428396C3715A7EF5099AA07FF1943C180B410D ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
00:38:05.0788 0x05f0 STHDA - ok
00:38:05.0834 0x05f0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
00:38:05.0879 0x05f0 stisvc - ok
00:38:05.0903 0x05f0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
00:38:05.0918 0x05f0 swenum - ok
00:38:06.0037 0x05f0 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
00:38:06.0078 0x05f0 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
00:38:09.0078 0x05f0 Detect skipped due to KSN trusted
00:38:09.0079 0x05f0 SwitchBoard - ok
00:38:09.0128 0x05f0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
00:38:09.0205 0x05f0 swprv - ok
00:38:09.0274 0x05f0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
00:38:09.0383 0x05f0 SysMain - ok
00:38:09.0407 0x05f0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:38:09.0439 0x05f0 TabletInputService - ok
00:38:09.0467 0x05f0 [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
00:38:09.0487 0x05f0 tap0901 - ok
00:38:09.0526 0x05f0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
00:38:09.0596 0x05f0 TapiSrv - ok
00:38:09.0614 0x05f0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
00:38:09.0663 0x05f0 TBS - ok
00:38:09.0753 0x05f0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
00:38:09.0843 0x05f0 Tcpip - ok
00:38:09.0928 0x05f0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
00:38:09.0994 0x05f0 TCPIP6 - ok
00:38:10.0013 0x05f0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
00:38:10.0028 0x05f0 tcpipreg - ok
00:38:10.0063 0x05f0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
00:38:10.0109 0x05f0 TDPIPE - ok
00:38:10.0139 0x05f0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
00:38:10.0171 0x05f0 TDTCP - ok
00:38:10.0204 0x05f0 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
00:38:10.0234 0x05f0 tdx - ok
00:38:10.0267 0x05f0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
00:38:10.0286 0x05f0 TermDD - ok
00:38:10.0333 0x05f0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
00:38:10.0393 0x05f0 TermService - ok
00:38:10.0411 0x05f0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
00:38:10.0452 0x05f0 Themes - ok
00:38:10.0491 0x05f0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
00:38:10.0561 0x05f0 THREADORDER - ok
00:38:10.0607 0x05f0 [ 973FEA5D8EECA1EF37FBB6819103249A, 5FC3F658196B6C9B0B3B1ECBAB83D3C5D6D29A348C1325A262D1889C8C602D54 ] torguardtap0901 C:\Windows\system32\DRIVERS\torguardtap0901.sys
00:38:10.0636 0x05f0 torguardtap0901 - ok
00:38:10.0659 0x05f0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
00:38:10.0720 0x05f0 TrkWks - ok
00:38:10.0784 0x05f0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:38:10.0850 0x05f0 TrustedInstaller - ok
00:38:10.0877 0x05f0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
00:38:10.0893 0x05f0 tssecsrv - ok
00:38:10.0934 0x05f0 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
00:38:10.0996 0x05f0 TsUsbFlt - ok
00:38:11.0029 0x05f0 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
00:38:11.0054 0x05f0 TsUsbGD - ok
00:38:11.0093 0x05f0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
00:38:11.0141 0x05f0 tunnel - ok
00:38:11.0150 0x05f0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
00:38:11.0166 0x05f0 uagp35 - ok
00:38:11.0187 0x05f0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
00:38:11.0256 0x05f0 udfs - ok
00:38:11.0281 0x05f0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
00:38:11.0314 0x05f0 UI0Detect - ok
00:38:11.0345 0x05f0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
00:38:11.0362 0x05f0 uliagpkx - ok
00:38:11.0389 0x05f0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
00:38:11.0407 0x05f0 umbus - ok
00:38:11.0413 0x05f0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
00:38:11.0449 0x05f0 UmPass - ok
00:38:11.0636 0x05f0 [ CBDEE152D73200EE49031A26310B9D3E, 92E22235446F8DB3BFE97EDE7DE7D33F43EAC5957C5B41ACCEC4EBFD19BFF819 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
00:38:11.0749 0x05f0 UNS - ok
00:38:11.0787 0x05f0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
00:38:11.0847 0x05f0 upnphost - ok
00:38:11.0880 0x05f0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
00:38:11.0927 0x05f0 usbccgp - ok
00:38:11.0949 0x05f0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
00:38:11.0985 0x05f0 usbcir - ok
00:38:12.0013 0x05f0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
00:38:12.0031 0x05f0 usbehci - ok
00:38:12.0069 0x05f0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
00:38:12.0120 0x05f0 usbhub - ok
00:38:12.0134 0x05f0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
00:38:12.0150 0x05f0 usbohci - ok
00:38:12.0173 0x05f0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
00:38:12.0195 0x05f0 usbprint - ok
00:38:12.0221 0x05f0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
00:38:12.0266 0x05f0 USBSTOR - ok
00:38:12.0294 0x05f0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
00:38:12.0311 0x05f0 usbuhci - ok
00:38:12.0374 0x05f0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
00:38:12.0430 0x05f0 usbvideo - ok
00:38:12.0461 0x05f0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
00:38:12.0529 0x05f0 UxSms - ok
00:38:12.0551 0x05f0 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc C:\Windows\system32\lsass.exe
00:38:12.0576 0x05f0 VaultSvc - ok
00:38:12.0616 0x05f0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
00:38:12.0631 0x05f0 vdrvroot - ok
00:38:12.0673 0x05f0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
00:38:12.0778 0x05f0 vds - ok
00:38:12.0816 0x05f0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
00:38:12.0837 0x05f0 vga - ok
00:38:12.0854 0x05f0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
00:38:12.0913 0x05f0 VgaSave - ok
00:38:12.0978 0x05f0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
00:38:13.0014 0x05f0 vhdmp - ok
00:38:13.0038 0x05f0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
00:38:13.0073 0x05f0 viaide - ok
00:38:13.0099 0x05f0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
00:38:13.0117 0x05f0 volmgr - ok
00:38:13.0144 0x05f0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
00:38:13.0182 0x05f0 volmgrx - ok
00:38:13.0204 0x05f0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
00:38:13.0227 0x05f0 volsnap - ok
00:38:13.0254 0x05f0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
00:38:13.0272 0x05f0 vsmraid - ok
00:38:13.0372 0x05f0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
00:38:13.0489 0x05f0 VSS - ok
00:38:13.0532 0x05f0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
00:38:13.0551 0x05f0 vwifibus - ok
00:38:13.0576 0x05f0 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
00:38:13.0618 0x05f0 vwififlt - ok
00:38:13.0731 0x05f0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
00:38:13.0838 0x05f0 W32Time - ok
00:38:13.0862 0x05f0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
00:38:13.0887 0x05f0 WacomPen - ok
00:38:13.0916 0x05f0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
00:38:13.0978 0x05f0 WANARP - ok
00:38:13.0984 0x05f0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
00:38:14.0030 0x05f0 Wanarpv6 - ok
00:38:14.0124 0x05f0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
00:38:14.0221 0x05f0 WatAdminSvc - ok
00:38:14.0311 0x05f0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
00:38:14.0409 0x05f0 wbengine - ok
00:38:14.0426 0x05f0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
00:38:14.0468 0x05f0 WbioSrvc - ok
00:38:14.0490 0x05f0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
00:38:14.0524 0x05f0 wcncsvc - ok
00:38:14.0538 0x05f0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:38:14.0586 0x05f0 WcsPlugInService - ok
00:38:14.0607 0x05f0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
00:38:14.0622 0x05f0 Wd - ok
00:38:14.0688 0x05f0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
00:38:14.0738 0x05f0 Wdf01000 - ok
00:38:14.0771 0x05f0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
00:38:14.0806 0x05f0 WdiServiceHost - ok
00:38:14.0811 0x05f0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
00:38:14.0829 0x05f0 WdiSystemHost - ok
00:38:14.0861 0x05f0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
00:38:14.0900 0x05f0 WebClient - ok
00:38:14.0932 0x05f0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
00:38:14.0995 0x05f0 Wecsvc - ok
00:38:15.0010 0x05f0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
00:38:15.0057 0x05f0 wercplsupport - ok
00:38:15.0085 0x05f0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
00:38:15.0140 0x05f0 WerSvc - ok
00:38:15.0162 0x05f0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
00:38:15.0224 0x05f0 WfpLwf - ok
00:38:15.0243 0x05f0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
00:38:15.0257 0x05f0 WIMMount - ok
00:38:15.0283 0x05f0 WinDefend - ok
00:38:15.0302 0x05f0 WinHttpAutoProxySvc - ok
00:38:15.0366 0x05f0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
00:38:15.0453 0x05f0 Winmgmt - ok
00:38:15.0543 0x05f0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
00:38:15.0659 0x05f0 WinRM - ok
00:38:15.0731 0x05f0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
00:38:15.0809 0x05f0 Wlansvc - ok
00:38:15.0841 0x05f0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
00:38:15.0858 0x05f0 WmiAcpi - ok
00:38:15.0889 0x05f0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
00:38:15.0913 0x05f0 wmiApSrv - ok
00:38:15.0930 0x05f0 WMPNetworkSvc - ok
00:38:15.0950 0x05f0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
00:38:15.0982 0x05f0 WPCSvc - ok
00:38:16.0005 0x05f0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
00:38:16.0027 0x05f0 WPDBusEnum - ok
00:38:16.0049 0x05f0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
00:38:16.0111 0x05f0 ws2ifsl - ok
00:38:16.0142 0x05f0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
00:38:16.0167 0x05f0 wscsvc - ok
00:38:16.0172 0x05f0 WSearch - ok
00:38:16.0273 0x05f0 [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll
00:38:16.0434 0x05f0 wuauserv - ok
00:38:16.0469 0x05f0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
00:38:16.0493 0x05f0 WudfPf - ok
00:38:16.0524 0x05f0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
00:38:16.0555 0x05f0 WUDFRd - ok
00:38:16.0588 0x05f0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
00:38:16.0621 0x05f0 wudfsvc - ok
00:38:16.0651 0x05f0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
00:38:16.0682 0x05f0 WwanSvc - ok
00:38:16.0699 0x05f0 ================ Scan global ===============================
00:38:16.0728 0x05f0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
00:38:16.0763 0x05f0 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
00:38:16.0780 0x05f0 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
00:38:16.0815 0x05f0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
00:38:16.0871 0x05f0 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
00:38:16.0881 0x05f0 [ Global ] - ok
00:38:16.0882 0x05f0 ================ Scan MBR ==================================
00:38:16.0900 0x05f0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:38:17.0524 0x05f0 \Device\Harddisk0\DR0 - ok
00:38:17.0525 0x05f0 ================ Scan VBR ==================================
00:38:17.0530 0x05f0 [ DEBDEB5BDBA122BE35CA2FB86C579578 ] \Device\Harddisk0\DR0\Partition1
00:38:17.0559 0x05f0 \Device\Harddisk0\DR0\Partition1 - ok
00:38:17.0587 0x05f0 [ C267608FBEE789BA0FD3366CD1FC0207 ] \Device\Harddisk0\DR0\Partition2
00:38:17.0647 0x05f0 \Device\Harddisk0\DR0\Partition2 - ok
00:38:17.0648 0x05f0 ================ Scan generic autorun ======================
00:38:17.0748 0x05f0 [ 845F52CF096DA9F16C12E4E70ECB1D68, D3BC0070DDE5C974E4DBBDD6251AD3B87EA11D577B64320B8D374C54FB4337F0 ] C:\Program Files\IDT\WDM\sttray64.exe
00:38:17.0840 0x05f0 SysTrayApp - ok
00:38:17.0867 0x05f0 [ 87D32202404483FA9860BC3774F04031, C031C3A80DF30684B36F849EE4EC9AB88AE97A71DF4C1614C3977BF7EBAE1251 ] C:\Windows\system32\igfxtray.exe
00:38:17.0883 0x05f0 IgfxTray - ok
00:38:17.0905 0x05f0 [ E48592D99D6024DDCC76F2FB0347A9C7, 7DF7E15771FCBCF0D6C8D35B0124B3D02FB0C2EB0922B966C7ABCA6A310A96C2 ] C:\Windows\system32\hkcmd.exe
00:38:17.0938 0x05f0 HotKeysCmds - ok
00:38:17.0964 0x05f0 [ 88A186BC307825427338252EB4A82D87, FAB48F1EBCC1DD181D3E4D6FCF74198B9D8CCF060130AFBF02C50EC250C2DC77 ] C:\Windows\system32\igfxpers.exe
00:38:17.0988 0x05f0 Persistence - ok
00:38:18.0298 0x05f0 [ B74C5AD12D3B307893D1019A370B77B1, E5F58402520A659A8EDE96EB0762011994A5EAB5FCF56FA28ED1C9F9336CE6B2 ] C:\Program Files\Dell\QuickSet\QuickSet.exe
00:38:18.0452 0x05f0 QuickSet - ok
00:38:18.0544 0x05f0 [ 527BA8F96712AB5535A84B3AE15E66E3, 87A7B7C17429804BBFAD920B5B41D4C023B4AAEC1622C7B5353A5F51AA014640 ] C:\Program Files\DellTPad\Apoint.exe
00:38:18.0592 0x05f0 Apoint - ok
00:38:18.0651 0x05f0 [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
00:38:18.0686 0x05f0 AdobeAAMUpdater-1.0 - ok
00:38:18.0743 0x05f0 [ 41D1214B86A06FD29423A797EBDA17E4, ABC79107DDD5890C54B844CD5C69747121083DA69A77C02068D2B9C349FB1614 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
00:38:18.0763 0x05f0 IAStorIcon - ok
00:38:18.0808 0x05f0 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
00:38:18.0837 0x05f0 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
00:38:18.0837 0x05f0 Detect skipped due to KSN trusted
00:38:18.0837 0x05f0 SwitchBoard - ok
00:38:18.0930 0x05f0 [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
00:38:18.0974 0x05f0 AdobeCS6ServiceManager - ok
00:38:19.0054 0x05f0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:38:19.0158 0x05f0 Sidebar - ok
00:38:19.0181 0x05f0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:38:19.0207 0x05f0 mctadmin - ok
00:38:19.0293 0x05f0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
00:38:19.0343 0x05f0 Sidebar - ok
00:38:19.0359 0x05f0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
00:38:19.0381 0x05f0 mctadmin - ok
00:38:20.0047 0x05f0 [ 47DBCC66CF9A3DCEF2D42051431160D3, 5E99CB8333471E80590AED8CA139EF859AD617D1C7BD9406913A86016DCA08F6 ] C:\Program Files\CCleaner\CCleaner64.exe
00:38:20.0432 0x05f0 CCleaner Monitoring - ok
00:38:20.0532 0x05f0 Epic Privacy Browser Installer - ok
00:38:20.0537 0x05f0 Waiting for KSN requests completion. In queue: 100
00:38:21.0538 0x05f0 Waiting for KSN requests completion. In queue: 100
00:38:22.0538 0x05f0 Waiting for KSN requests completion. In queue: 100
00:38:23.0538 0x05f0 Waiting for KSN requests completion. In queue: 100
00:38:24.0696 0x05f0 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
00:38:24.0707 0x05f0 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.1\wmifw.exe ( 15.0.1.415 ), 0x41010 ( enabled )
00:38:27.0757 0x05f0 ============================================================
00:38:27.0757 0x05f0 Scan finished
00:38:27.0757 0x05f0 ============================================================
00:38:27.0772 0x0324 Detected object count: 0
00:38:27.0772 0x0324 Actual detected object count: 0
 