Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Latest News: Apple Releases Security Updates for MacOS, iOS, and Safari

Featured Deal: Pay What You Want Complete Cyber Security Certification Bundle Deal

Possibly infected by Zeus?

Started by mmilla , Sep 08 2016 06:47 PM

This topic is locked

8 replies to this topic

#1 mmilla

Members
4 posts
OFFLINE

Local time:02:43 AM

Posted 08 September 2016 - 06:47 PM

Hi.

I suddenly got a pop-up that alerted that Windows had detected the Zeus virus and directed me to call Microsoft Support to fix it. I am not sure if my laptop is infected by it right now since Windows Defender didn't find a single threat/infection.

I found some old topic about this exact same virus, but it was old and the case had not been solved, but I went ahead and followed it and ran TDSSKiller and OTL. TDSSKiller found no threats on my laptop either.

The OTL report was too long to be added to this post, so it is attached. I hope it works!

TDSSKiller report:

01:46:28.0685 0x130c TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31

01:46:28.0685 0x130c UEFI system

01:46:32.0597 0x130c ============================================================

01:46:32.0597 0x130c Current date / time: 2016/09/09 01:46:32.0597

01:46:32.0597 0x130c SystemInfo:

01:46:32.0597 0x130c

01:46:32.0597 0x130c OS Version: 6.3.9600 ServicePack: 0.0

01:46:32.0597 0x130c Product type: Workstation

01:46:32.0597 0x130c ComputerName: MILS

01:46:32.0597 0x130c UserName: milla

01:46:32.0597 0x130c Windows directory: C:\Windows

01:46:32.0597 0x130c System windows directory: C:\Windows

01:46:32.0597 0x130c Running under WOW64

01:46:32.0597 0x130c Processor architecture: Intel x64

01:46:32.0597 0x130c Number of processors: 4

01:46:32.0597 0x130c Page size: 0x1000

01:46:32.0597 0x130c Boot type: Normal boot

01:46:32.0597 0x130c CodeIntegrityOptions = 0x00000001

01:46:32.0597 0x130c ============================================================

01:46:32.0925 0x130c KLMD registered as C:\Windows\system32\drivers\31235345.sys

01:46:32.0925 0x130c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18378, osProperties = 0x19

01:46:34.0903 0x130c System UUID: {1D6005DF-1CBD-DF30-2C51-ADA408EAACDD}

01:46:35.0738 0x130c Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

01:46:35.0738 0x130c ============================================================

01:46:35.0753 0x130c \Device\Harddisk0\DR0:

01:46:35.0753 0x130c GPT partitions:

01:46:35.0753 0x130c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {06DA419F-EFBF-4021-AA59-1ECE7AB36C0D}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000

01:46:35.0753 0x130c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E6BDA987-F123-4033-A6C3-985F731B9B7F}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000

01:46:35.0753 0x130c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9C8DBE92-B8B5-485F-A4A5-D173EE52CD55}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000

01:46:35.0753 0x130c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DBF3993E-3D91-44D1-9FB5-BE94FF1B4C3C}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x71F04000

01:46:35.0753 0x130c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3D756439-DFA2-4305-AEA7-08BD5FE1451B}, Name: Basic data partition, StartLBA 0x72106800, BlocksNum 0x2600000

01:46:35.0753 0x130c MBR partitions:

01:46:35.0753 0x130c ============================================================

01:46:35.0769 0x130c C: <-> \Device\Harddisk0\DR0\Partition4

01:46:35.0769 0x130c ============================================================

01:46:35.0769 0x130c Initialize success

01:46:35.0769 0x130c ============================================================

01:46:43.0213 0x0708 ============================================================

01:46:43.0213 0x0708 Scan started

01:46:43.0213 0x0708 Mode: Manual;

01:46:43.0213 0x0708 ============================================================

01:46:43.0213 0x0708 KSN ping started

01:46:43.0431 0x0708 KSN ping finished: true

01:46:44.0936 0x0708 ================ Scan system memory ========================

01:46:44.0936 0x0708 System memory - ok

01:46:44.0936 0x0708 ================ Scan services =============================

01:46:46.0023 0x0708 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys

01:46:46.0023 0x0708 1394ohci - ok

01:46:46.0070 0x0708 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys

01:46:46.0070 0x0708 3ware - ok

01:46:46.0135 0x0708 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys

01:46:46.0155 0x0708 ACPI - ok

01:46:46.0187 0x0708 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys

01:46:46.0187 0x0708 acpiex - ok

01:46:46.0202 0x0708 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys

01:46:46.0202 0x0708 acpipagr - ok

01:46:46.0202 0x0708 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys

01:46:46.0218 0x0708 AcpiPmi - ok

01:46:46.0218 0x0708 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys

01:46:46.0218 0x0708 acpitime - ok

01:46:46.0280 0x0708 [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

01:46:46.0313 0x0708 AdobeARMservice - ok

01:46:47.0574 0x0708 [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

01:46:47.0574 0x0708 AdobeFlashPlayerUpdateSvc - ok

01:46:47.0683 0x0708 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS

01:46:47.0699 0x0708 ADP80XX - ok

01:46:47.0746 0x0708 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

01:46:47.0746 0x0708 AeLookupSvc - ok

01:46:47.0792 0x0708 [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\Windows\system32\drivers\afd.sys

01:46:47.0824 0x0708 AFD - ok

01:46:47.0871 0x0708 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys

01:46:47.0871 0x0708 agp440 - ok

01:46:48.0152 0x0708 [ E20C1118524DF19945BCD83A3843E8CF, 90C87096E9E2595DAA503CFD9C24D7D8F9CB2D567ACAB06FBF5527C8A6059409 ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

01:46:48.0558 0x0708 AGSService - ok

01:46:48.0605 0x0708 [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys

01:46:48.0668 0x0708 ahcache - ok

01:46:48.0699 0x0708 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\Windows\System32\alg.exe

01:46:48.0699 0x0708 ALG - ok

01:46:48.0715 0x0708 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys

01:46:48.0715 0x0708 AmdK8 - ok

01:46:48.0730 0x0708 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys

01:46:48.0730 0x0708 AmdPPM - ok

01:46:48.0762 0x0708 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys

01:46:48.0762 0x0708 amdsata - ok

01:46:48.0777 0x0708 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

01:46:48.0793 0x0708 amdsbs - ok

01:46:48.0808 0x0708 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys

01:46:48.0808 0x0708 amdxata - ok

01:46:48.0840 0x0708 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\Windows\system32\drivers\appid.sys

01:46:48.0855 0x0708 AppID - ok

01:46:48.0918 0x0708 [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\Windows\System32\appidsvc.dll

01:46:48.0918 0x0708 AppIDSvc - ok

01:46:48.0965 0x0708 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\Windows\System32\appinfo.dll

01:46:48.0965 0x0708 Appinfo - ok

01:46:49.0053 0x0708 [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

01:46:49.0084 0x0708 Apple Mobile Device Service - ok

01:46:49.0116 0x0708 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\Windows\system32\AppReadiness.dll

01:46:49.0147 0x0708 AppReadiness - ok

01:46:49.0209 0x0708 [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll

01:46:49.0256 0x0708 AppXSvc - ok

01:46:49.0287 0x0708 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys

01:46:49.0287 0x0708 arcsas - ok

01:46:49.0303 0x0708 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys

01:46:49.0319 0x0708 atapi - ok

01:46:49.0334 0x0708 [ 8302D313DCC5536FE6BFB85165D9BB1E, CD9101D9CFE34F0D6CF5A6AD5C997CC5D32CCF5135B78604D0C3CD7252117C2D ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys

01:46:49.0350 0x0708 AthBTPort - ok

01:46:49.0381 0x0708 [ BBF78A7D6F9BFF37927303ED2539FAB7, B37B2910469D0D82E4B6213F38F149DC5A7D087B89D1169B48DF0D6EA2F1A0D4 ] AtherosSvc C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe

01:46:49.0475 0x0708 AtherosSvc - ok

01:46:49.0684 0x0708 [ 506CDD8280C18029753B8AB0E9F42432, 06BA160C0465D116AB07DDFC81D6B087F05E776F0365577CB59567CBC61971FC ] athr C:\Windows\system32\DRIVERS\athwbx.sys

01:46:49.0826 0x0708 athr - ok

01:46:49.0878 0x0708 [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll

01:46:49.0884 0x0708 AudioEndpointBuilder - ok

01:46:49.0925 0x0708 [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\Windows\System32\Audiosrv.dll

01:46:49.0982 0x0708 Audiosrv - ok

01:46:50.0020 0x0708 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\Windows\System32\AxInstSV.dll

01:46:50.0023 0x0708 AxInstSV - ok

01:46:50.0059 0x0708 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

01:46:50.0079 0x0708 b06bdrv - ok

01:46:50.0098 0x0708 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys

01:46:50.0101 0x0708 BasicDisplay - ok

01:46:50.0106 0x0708 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys

01:46:50.0108 0x0708 BasicRender - ok

01:46:51.0004 0x0708 [ 9A4EF701A4FC835F7DDD8956D930010F, 28A555B98098ECE47912C40A74CA92AFA76F51A711F2DEFF1A498FF212505F23 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl63a.sys

01:46:51.0310 0x0708 BCM43XX - ok

01:46:51.0341 0x0708 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys

01:46:51.0341 0x0708 bcmfn2 - ok

01:46:51.0388 0x0708 [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC C:\Windows\System32\bdesvc.dll

01:46:51.0388 0x0708 BDESVC - ok

01:46:51.0404 0x0708 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys

01:46:51.0404 0x0708 Beep - ok

01:46:51.0435 0x0708 [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE C:\Windows\System32\bfe.dll

01:46:51.0482 0x0708 BFE - ok

01:46:51.0669 0x0708 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\Windows\System32\qmgr.dll

01:46:51.0685 0x0708 BITS - ok

01:46:51.0732 0x0708 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

01:46:51.0794 0x0708 Bonjour Service - ok

01:46:51.0826 0x0708 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys

01:46:51.0826 0x0708 bowser - ok

01:46:51.0857 0x0708 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll

01:46:51.0857 0x0708 BrokerInfrastructure - ok

01:46:51.0904 0x0708 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\Windows\System32\browser.dll

01:46:51.0904 0x0708 Browser - ok

01:46:51.0935 0x0708 [ DE8D825D9D45108CC7640C7944E68D60, 554F473BB5CC5DABB125E821BC57A62026E996A6405E8724464B5ABCE50B626F ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys

01:46:51.0935 0x0708 BTATH_A2DP - ok

01:46:51.0966 0x0708 [ 30609197DBF90028615E9CE312C60A14, F7FCA3DB15A02D5EB583DA50132A6C30D59A7D521EA548AD5AACF8D2E2F41E72 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys

01:46:51.0966 0x0708 btath_avdt - ok

01:46:51.0998 0x0708 [ AF7DEA6A0E93AF8517A310D189B656BE, 008FE5102EE6B73A8D9AFC2B0E563C6A3567167380FCEDC538278240D2AE1FD4 ] BTATH_BUS C:\Windows\system32\drivers\btath_bus.sys

01:46:51.0998 0x0708 BTATH_BUS - ok

01:46:52.0013 0x0708 [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP C:\Windows\System32\drivers\btath_hcrp.sys

01:46:52.0013 0x0708 BTATH_HCRP - ok

01:46:52.0044 0x0708 [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys

01:46:52.0044 0x0708 BTATH_LWFLT - ok

01:46:52.0060 0x0708 [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP C:\Windows\System32\drivers\btath_rcp.sys

01:46:52.0060 0x0708 BTATH_RCP - ok

01:46:52.0091 0x0708 [ 8434237E1EC39E85D8ACE6FA694A5733, CE4261DC6AE5393327DC43D97F35FC9AE86665F89D17CC5708AA3D387B4FFFA5 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys

01:46:52.0107 0x0708 BtFilter - ok

01:46:52.0123 0x0708 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys

01:46:52.0138 0x0708 BthAvrcpTg - ok

01:46:52.0169 0x0708 [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\Windows\System32\drivers\BthEnum.sys

01:46:52.0169 0x0708 BthEnum - ok

01:46:52.0201 0x0708 [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys

01:46:52.0201 0x0708 BthHFEnum - ok

01:46:52.0216 0x0708 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys

01:46:52.0216 0x0708 bthhfhid - ok

01:46:52.0263 0x0708 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll

01:46:52.0279 0x0708 BthHFSrv - ok

01:46:52.0294 0x0708 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\Windows\system32\DRIVERS\BthLEEnum.sys

01:46:52.0310 0x0708 BthLEEnum - ok

01:46:52.0326 0x0708 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys

01:46:52.0326 0x0708 BTHMODEM - ok

01:46:52.0357 0x0708 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\Windows\System32\drivers\bthpan.sys

01:46:52.0357 0x0708 BthPan - ok

01:46:52.0435 0x0708 [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys

01:46:52.0466 0x0708 BTHPORT - ok

01:46:52.0513 0x0708 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\Windows\system32\bthserv.dll

01:46:52.0529 0x0708 bthserv - ok

01:46:52.0560 0x0708 [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys

01:46:52.0560 0x0708 BTHUSB - ok

01:46:52.0857 0x0708 [ E18079F3B8CD8205B20713055A6BF16E, 65231EC2736B3C8C0FE82502D539A852220EA62F046128BFC5956F2E2D87F934 ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe

01:46:52.0935 0x0708 CCDMonitorService - ok

01:46:52.0982 0x0708 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

01:46:52.0982 0x0708 cdfs - ok

01:46:53.0009 0x0708 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys

01:46:53.0015 0x0708 cdrom - ok

01:46:53.0044 0x0708 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\Windows\System32\certprop.dll

01:46:53.0047 0x0708 CertPropSvc - ok

01:46:53.0078 0x0708 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys

01:46:53.0078 0x0708 circlass - ok

01:46:53.0109 0x0708 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\Windows\system32\drivers\CLFS.sys

01:46:53.0125 0x0708 CLFS - ok

01:46:53.0594 0x0708 [ 5A2EF42528D1D2D3C8732FC1A7CDD16D, B961D2F4B7DA5FF68AFCD10FDAC545442FEC8CF05D7D6BB4A00E2F5A2F2950F0 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe

01:46:53.0687 0x0708 ClickToRunSvc - ok

01:46:53.0719 0x0708 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys

01:46:53.0719 0x0708 CmBatt - ok

01:46:53.0781 0x0708 [ 5CBF8B3E27D824D2AA2A34AFB406F1D0, 955AF1307C02D2B4DEEB150F37F77B8631C0F3C450037C233E9E27D6571B0265 ] CNG C:\Windows\system32\Drivers\cng.sys

01:46:53.0797 0x0708 CNG - ok

01:46:53.0812 0x0708 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys

01:46:53.0812 0x0708 CompositeBus - ok

01:46:53.0828 0x0708 COMSysApp - ok

01:46:53.0828 0x0708 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys

01:46:53.0828 0x0708 condrv - ok

01:46:53.0922 0x0708 [ 61BE76F05BDC068B30FEE5B0F19212F0, 3EABFBF31E8498C8AFEA384E9A86C7063DC4E1255874A8E049D1CC99E51B2AD8 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe

01:46:53.0922 0x0708 cphs - ok

01:46:53.0969 0x0708 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\Windows\system32\cryptsvc.dll

01:46:53.0969 0x0708 CryptSvc - ok

01:46:53.0984 0x0708 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys

01:46:53.0984 0x0708 dam - ok

01:46:54.0047 0x0708 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\Windows\system32\rpcss.dll

01:46:54.0078 0x0708 DcomLaunch - ok

01:46:54.0187 0x0708 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\Windows\System32\defragsvc.dll

01:46:54.0203 0x0708 defragsvc - ok

01:46:54.0234 0x0708 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll

01:46:54.0250 0x0708 DeviceAssociationService - ok

01:46:54.0281 0x0708 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\Windows\system32\umpnpmgr.dll

01:46:54.0297 0x0708 DeviceInstall - ok

01:46:54.0328 0x0708 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys

01:46:54.0328 0x0708 Dfsc - ok

01:46:54.0359 0x0708 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\Windows\system32\dhcpcore.dll

01:46:54.0375 0x0708 Dhcp - ok

01:46:54.0391 0x0708 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys

01:46:54.0391 0x0708 disk - ok

01:46:54.0422 0x0708 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys

01:46:54.0422 0x0708 dmvsc - ok

01:46:54.0478 0x0708 [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\Windows\System32\dnsrslvr.dll

01:46:54.0493 0x0708 Dnscache - ok

01:46:54.0551 0x0708 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\Windows\System32\dot3svc.dll

01:46:54.0558 0x0708 dot3svc - ok

01:46:54.0594 0x0708 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\Windows\system32\dps.dll

01:46:54.0594 0x0708 DPS - ok

01:46:54.0640 0x0708 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

01:46:54.0640 0x0708 drmkaud - ok

01:46:54.0672 0x0708 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll

01:46:54.0672 0x0708 DsmSvc - ok

01:46:54.0750 0x0708 [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

01:46:54.0812 0x0708 DXGKrnl - ok

01:46:54.0844 0x0708 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll

01:46:54.0844 0x0708 Eaphost - ok

01:46:55.0031 0x0708 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys

01:46:55.0134 0x0708 ebdrv - ok

01:46:55.0181 0x0708 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe

01:46:55.0181 0x0708 EFS - ok

01:46:55.0213 0x0708 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys

01:46:55.0213 0x0708 EhStorClass - ok

01:46:55.0228 0x0708 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys

01:46:55.0228 0x0708 EhStorTcgDrv - ok

01:46:55.0634 0x0708 [ 93F194B160AD93B776D8DAED3D76A2C5, A6089D65459F09DC69368A68E898824327B064DEB8BC47D192B7F71D4A5252EE ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

01:46:55.0713 0x0708 ePowerSvc - ok

01:46:55.0728 0x0708 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys

01:46:55.0744 0x0708 ErrDev - ok

01:46:55.0759 0x0708 [ FB342DF3EBD1E99D6A9DABB1B30D767A, 9ED98F013CABDB3E5CAE2252348E913D8C9BC3386A7F5B8BD5244B00E1791094 ] ETDI2C C:\Windows\system32\DRIVERS\ETDI2C.sys

01:46:55.0759 0x0708 ETDI2C - ok

01:46:55.0822 0x0708 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll

01:46:55.0853 0x0708 EventSystem - ok

01:46:55.0884 0x0708 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys

01:46:55.0884 0x0708 exfat - ok

01:46:55.0900 0x0708 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys

01:46:55.0916 0x0708 fastfat - ok

01:46:55.0963 0x0708 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe

01:46:55.0994 0x0708 Fax - ok

01:46:56.0009 0x0708 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys

01:46:56.0009 0x0708 fdc - ok

01:46:56.0041 0x0708 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll

01:46:56.0041 0x0708 fdPHost - ok

01:46:56.0088 0x0708 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll

01:46:56.0088 0x0708 FDResPub - ok

01:46:56.0119 0x0708 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll

01:46:56.0119 0x0708 fhsvc - ok

01:46:56.0134 0x0708 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

01:46:56.0134 0x0708 FileInfo - ok

01:46:56.0150 0x0708 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys

01:46:56.0150 0x0708 Filetrace - ok

01:46:56.0181 0x0708 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys

01:46:56.0181 0x0708 flpydisk - ok

01:46:56.0213 0x0708 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

01:46:56.0228 0x0708 FltMgr - ok

01:46:56.0291 0x0708 [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\Windows\system32\FntCache.dll

01:46:56.0353 0x0708 FontCache - ok

01:46:56.0463 0x0708 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

01:46:56.0463 0x0708 FontCache3.0.0.0 - ok

01:46:56.0494 0x0708 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

01:46:56.0494 0x0708 FsDepends - ok

01:46:56.0510 0x0708 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

01:46:56.0510 0x0708 Fs_Rec - ok

01:46:56.0556 0x0708 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

01:46:56.0572 0x0708 fvevol - ok

01:46:56.0603 0x0708 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys

01:46:56.0603 0x0708 FxPPM - ok

01:46:56.0619 0x0708 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

01:46:56.0619 0x0708 gagp30kx - ok

01:46:56.0635 0x0708 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

01:46:56.0650 0x0708 GEARAspiWDM - ok

01:46:56.0666 0x0708 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys

01:46:56.0666 0x0708 gencounter - ok

01:46:56.0697 0x0708 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys

01:46:56.0713 0x0708 GPIOClx0101 - ok

01:46:56.0760 0x0708 [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc C:\Windows\System32\gpsvc.dll

01:46:56.0838 0x0708 gpsvc - ok

01:46:56.0963 0x0708 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

01:46:56.0963 0x0708 gupdate - ok

01:46:56.0978 0x0708 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

01:46:56.0978 0x0708 gupdatem - ok

01:46:57.0047 0x0708 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

01:46:57.0058 0x0708 HdAudAddService - ok

01:46:57.0089 0x0708 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys

01:46:57.0105 0x0708 HDAudBus - ok

01:46:57.0121 0x0708 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys

01:46:57.0121 0x0708 HidBatt - ok

01:46:57.0152 0x0708 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys

01:46:57.0152 0x0708 HidBth - ok

01:46:57.0183 0x0708 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys

01:46:57.0183 0x0708 hidi2c - ok

01:46:57.0199 0x0708 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys

01:46:57.0199 0x0708 HidIr - ok

01:46:57.0230 0x0708 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll

01:46:57.0230 0x0708 hidserv - ok

01:46:57.0277 0x0708 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys

01:46:57.0277 0x0708 HidUsb - ok

01:46:57.0308 0x0708 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll

01:46:57.0308 0x0708 hkmsvc - ok

01:46:57.0339 0x0708 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll

01:46:57.0355 0x0708 HomeGroupListener - ok

01:46:57.0449 0x0708 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

01:46:57.0449 0x0708 HomeGroupProvider - ok

01:46:57.0464 0x0708 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

01:46:57.0480 0x0708 HpSAMD - ok

01:46:57.0527 0x0708 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys

01:46:57.0589 0x0708 HTTP - ok

01:46:57.0636 0x0708 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

01:46:57.0636 0x0708 hwpolicy - ok

01:46:57.0652 0x0708 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys

01:46:57.0652 0x0708 hyperkbd - ok

01:46:57.0667 0x0708 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys

01:46:57.0667 0x0708 HyperVideo - ok

01:46:57.0714 0x0708 [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys

01:46:57.0714 0x0708 i8042prt - ok

01:46:57.0730 0x0708 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys

01:46:57.0730 0x0708 iaLPSSi_GPIO - ok

01:46:57.0761 0x0708 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys

01:46:57.0761 0x0708 iaLPSSi_I2C - ok

01:46:57.0777 0x0708 [ 30267B4417B91B15E4E2A827531C2650, E710C4E5D9FE27175FC788AF950BD205CCFB45B1B804CCCEECE645C8F1E9A646 ] iaLPSS_GPIO C:\Windows\System32\drivers\iaLPSS_GPIO.sys

01:46:57.0777 0x0708 iaLPSS_GPIO - ok

01:46:57.0792 0x0708 [ F48E1A63FC46EC6F891ED13ADD543BAE, 33B38AC5D4EFEC5A45BE222712C51FCEBDDFFFC85850930991D4A8520D91DB6F ] iaLPSS_I2C C:\Windows\System32\drivers\iaLPSS_I2C.sys

01:46:57.0808 0x0708 iaLPSS_I2C - ok

01:46:57.0839 0x0708 [ 25555186E4FBDF0E30A5DBFC9B9A73F9, 4A9DAC2B56389C5955C343E202C6E81CD3A608E78A4BB7E6ED560719DF02C955 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys

01:46:57.0871 0x0708 iaStorA - ok

01:46:57.0980 0x0708 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys

01:46:57.0996 0x0708 iaStorAV - ok

01:46:58.0058 0x0708 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

01:46:58.0074 0x0708 iaStorV - ok

01:46:58.0074 0x0708 IEEtwCollectorService - ok

01:46:58.0386 0x0708 [ 142CFBE6ED0E498CCA7ABE8DD932C1AF, 513DFF7DA86CCCB9A061CF7ED0AC84305D800A26189179F60B62BD4FFFCF7DDF ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

01:46:58.0511 0x0708 igfx - ok

01:46:58.0605 0x0708 [ 9CD9723D813232FFFFFBC82BC8EDA77E, EE465ADE4BB4594305AC4D9B0856AE9C0FCA981F80EAD400354F50F555446B4D ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe

01:46:58.0605 0x0708 igfxCUIService1.0.0.0 - ok

01:46:58.0668 0x0708 [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\Windows\System32\ikeext.dll

01:46:58.0714 0x0708 IKEEXT - ok

01:46:58.0761 0x0708 [ F0F581A2299CB2BAB1DF2597BCDDB80F, EE485AF3049C87666BC6D6BFFC8A0EB4B95831D9061EB81848ECEE29C4232BF4 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys

01:46:58.0761 0x0708 intaud_WaveExtensible - ok

01:46:58.0918 0x0708 [ 867D7EBF7A01FB0ABC72CBC18CCA8A2F, 697C899C95BD7C35294B42685156C553B5C80B3648FFE4ED666BD476B478D998 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

01:46:59.0069 0x0708 IntcAzAudAddService - ok

01:46:59.0178 0x0708 [ 8E4044C6B71B2F837166F6EDB6BF9100, 441A4EA0C3EF686B8B7884EC96FD8EE1017EB3F462FB4376638F461E41D97C72 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys

01:46:59.0194 0x0708 IntcDAud - ok

01:46:59.0366 0x0708 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe

01:47:00.0632 0x0708 Intel® Capability Licensing Service Interface - ok

01:47:00.0679 0x0708 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe

01:47:00.0710 0x0708 Intel® Capability Licensing Service TCP IP Interface - ok

01:47:00.0725 0x0708 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys

01:47:00.0725 0x0708 intelide - ok

01:47:00.0757 0x0708 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys

01:47:00.0757 0x0708 intelpep - ok

01:47:00.0772 0x0708 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys

01:47:00.0772 0x0708 intelppm - ok

01:47:00.0788 0x0708 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

01:47:00.0804 0x0708 IpFilterDriver - ok

01:47:00.0850 0x0708 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

01:47:00.0882 0x0708 iphlpsvc - ok

01:47:00.0929 0x0708 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys

01:47:00.0944 0x0708 IPMIDRV - ok

01:47:00.0991 0x0708 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

01:47:00.0991 0x0708 IPNAT - ok

01:47:01.0038 0x0708 [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

01:47:01.0075 0x0708 iPod Service - ok

01:47:01.0088 0x0708 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys

01:47:01.0088 0x0708 IRENUM - ok

01:47:01.0119 0x0708 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys

01:47:01.0119 0x0708 isapnp - ok

01:47:01.0150 0x0708 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys

01:47:01.0166 0x0708 iScsiPrt - ok

01:47:01.0197 0x0708 [ C2BC9AC9C6514230A481BDCA6A24BEFD, 84E41675D11EF2EEECED23C8469503C8D12810A2C6B6743D7AA322EB6DF7E68D ] iwdbus C:\Windows\System32\drivers\iwdbus.sys

01:47:01.0197 0x0708 iwdbus - ok

01:47:01.0322 0x0708 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

01:47:01.0416 0x0708 jhi_service - ok

01:47:01.0447 0x0708 [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys

01:47:01.0447 0x0708 kbdclass - ok

01:47:01.0478 0x0708 [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid C:\Windows\System32\drivers\kbdhid.sys

01:47:01.0478 0x0708 kbdhid - ok

01:47:01.0510 0x0708 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys

01:47:01.0510 0x0708 kdnic - ok

01:47:01.0510 0x0708 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe

01:47:01.0510 0x0708 KeyIso - ok

01:47:01.0557 0x0708 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

01:47:01.0557 0x0708 KSecDD - ok

01:47:01.0588 0x0708 [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

01:47:01.0588 0x0708 KSecPkg - ok

01:47:01.0603 0x0708 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

01:47:01.0603 0x0708 ksthunk - ok

01:47:01.0650 0x0708 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll

01:47:01.0666 0x0708 KtmRm - ok

01:47:01.0697 0x0708 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll

01:47:01.0713 0x0708 LanmanServer - ok

01:47:01.0760 0x0708 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

01:47:01.0760 0x0708 LanmanWorkstation - ok

01:47:01.0807 0x0708 [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll

01:47:01.0822 0x0708 lfsvc - ok

01:47:01.0838 0x0708 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

01:47:01.0838 0x0708 lltdio - ok

01:47:01.0869 0x0708 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll

01:47:01.0885 0x0708 lltdsvc - ok

01:47:01.0900 0x0708 [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver C:\Windows\System32\drivers\LMDriver.sys

01:47:01.0900 0x0708 LMDriver - ok

01:47:01.0932 0x0708 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll

01:47:01.0932 0x0708 lmhosts - ok

01:47:01.0978 0x0708 [ E2952760B05A256FB1412D20A41C89C1, B5AF47DF90D5DC8E6549DE1AFF897669E8200D08083D43DF86E34F6EE19C59DA ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

01:47:01.0994 0x0708 LMS - ok

01:47:02.0025 0x0708 [ 5259A9DAB76FFBCE3CD94C710FF49621, 80DF535A44D002CB5D2634C1EDA81F9E50E4220C3A86082C365024AC7F774C5A ] LMSvc C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe

01:47:02.0041 0x0708 LMSvc - ok

01:47:02.0072 0x0708 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

01:47:02.0072 0x0708 LSI_SAS - ok

01:47:02.0088 0x0708 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

01:47:02.0088 0x0708 LSI_SAS2 - ok

01:47:02.0104 0x0708 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys

01:47:02.0104 0x0708 LSI_SAS3 - ok

01:47:02.0119 0x0708 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys

01:47:02.0119 0x0708 LSI_SSS - ok

01:47:02.0182 0x0708 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll

01:47:02.0213 0x0708 LSM - ok

01:47:02.0244 0x0708 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys

01:47:02.0244 0x0708 luafv - ok

01:47:02.0260 0x0708 MBAMSwissArmy - ok

01:47:02.0260 0x0708 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys

01:47:02.0275 0x0708 megasas - ok

01:47:02.0307 0x0708 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys

01:47:02.0322 0x0708 megasr - ok

01:47:02.0354 0x0708 [ EB1D78140D6634C32A46AB1006105EDC, 586F988A7272A7E3F6AA2CC9A001A08A3D178A011AE8C095BB7EAD9FFB45AAB1 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys

01:47:02.0354 0x0708 MEIx64 - ok

01:47:02.0385 0x0708 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll

01:47:02.0385 0x0708 MMCSS - ok

01:47:02.0400 0x0708 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys

01:47:02.0400 0x0708 Modem - ok

01:47:02.0416 0x0708 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys

01:47:02.0416 0x0708 monitor - ok

01:47:02.0447 0x0708 [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass C:\Windows\System32\drivers\mouclass.sys

01:47:02.0447 0x0708 mouclass - ok

01:47:02.0494 0x0708 [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid C:\Windows\System32\drivers\mouhid.sys

01:47:02.0494 0x0708 mouhid - ok

01:47:02.0510 0x0708 [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

01:47:02.0510 0x0708 mountmgr - ok

01:47:02.0588 0x0708 [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

01:47:02.0635 0x0708 MozillaMaintenance - ok

01:47:02.0666 0x0708 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

01:47:02.0682 0x0708 mpsdrv - ok

01:47:02.0729 0x0708 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll

01:47:02.0760 0x0708 MpsSvc - ok

01:47:02.0807 0x0708 [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

01:47:02.0822 0x0708 MRxDAV - ok

01:47:02.0916 0x0708 [ 5DCD41F62F71519D2A46D41F60C69B0C, A9C2F8B8F82BDBF48F34D5837ED27CE251C75232A07AF26F7B796D2A106795A0 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

01:47:02.0932 0x0708 mrxsmb - ok

01:47:02.0963 0x0708 [ D7C9BC4D37BF08C7DD436A0A5F321668, 30A5AF211BEC89E26134CDAE3E60D0D9F0AE2748F56E9D09B07431206AD381C6 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

01:47:02.0994 0x0708 mrxsmb10 - ok

01:47:03.0050 0x0708 [ 4065615E836BF8C61AF6278EB2A9D1D6, B9A0E40DEC36D1A228EC4EF48CCD9BE6C726E53D17F38280AA74C068E7887621 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

01:47:03.0072 0x0708 mrxsmb20 - ok

01:47:03.0098 0x0708 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys

01:47:03.0098 0x0708 MsBridge - ok

01:47:03.0145 0x0708 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe

01:47:03.0145 0x0708 MSDTC - ok

01:47:03.0176 0x0708 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys

01:47:03.0176 0x0708 Msfs - ok

01:47:03.0192 0x0708 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys

01:47:03.0192 0x0708 msgpiowin32 - ok

01:47:03.0207 0x0708 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

01:47:03.0207 0x0708 mshidkmdf - ok

01:47:03.0223 0x0708 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys

01:47:03.0223 0x0708 mshidumdf - ok

01:47:03.0239 0x0708 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

01:47:03.0239 0x0708 msisadrv - ok

01:47:03.0270 0x0708 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll

01:47:03.0286 0x0708 MSiSCSI - ok

01:47:03.0286 0x0708 msiserver - ok

01:47:03.0317 0x0708 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

01:47:03.0317 0x0708 MSKSSRV - ok

01:47:03.0348 0x0708 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys

01:47:03.0348 0x0708 MsLldp - ok

01:47:03.0364 0x0708 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

01:47:03.0364 0x0708 MSPCLOCK - ok

01:47:03.0395 0x0708 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

01:47:03.0395 0x0708 MSPQM - ok

01:47:03.0426 0x0708 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

01:47:03.0426 0x0708 MsRPC - ok

01:47:03.0473 0x0708 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys

01:47:03.0473 0x0708 mssmbios - ok

01:47:03.0489 0x0708 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

01:47:03.0489 0x0708 MSTEE - ok

01:47:03.0504 0x0708 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys

01:47:03.0504 0x0708 MTConfig - ok

01:47:03.0504 0x0708 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys

01:47:03.0504 0x0708 Mup - ok

01:47:03.0520 0x0708 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys

01:47:03.0536 0x0708 mvumis - ok

01:47:03.0598 0x0708 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll

01:47:03.0629 0x0708 napagent - ok

01:47:03.0676 0x0708 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

01:47:03.0676 0x0708 NativeWifiP - ok

01:47:03.0754 0x0708 [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe

01:47:03.0817 0x0708 NAUpdate - ok

01:47:03.0864 0x0708 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll

01:47:03.0864 0x0708 NcaSvc - ok

01:47:03.0895 0x0708 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll

01:47:03.0911 0x0708 NcbService - ok

01:47:03.0942 0x0708 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll

01:47:03.0942 0x0708 NcdAutoSetup - ok

01:47:03.0989 0x0708 [ 21FE65E2E67C4E31EE95CBD1F91C4B24, 6558F2BC10E6B09F7EE5264722FCF572B861EDB60A1433B58A4F4625EC0ABF63 ] NDIS C:\Windows\system32\drivers\ndis.sys

01:47:04.0036 0x0708 NDIS - ok

01:47:04.0067 0x0708 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

01:47:04.0067 0x0708 NdisCap - ok

01:47:04.0098 0x0708 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys

01:47:04.0098 0x0708 NdisImPlatform - ok

01:47:04.0129 0x0708 [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

01:47:04.0129 0x0708 NdisTapi - ok

01:47:04.0161 0x0708 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

01:47:04.0161 0x0708 Ndisuio - ok

01:47:04.0176 0x0708 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys

01:47:04.0176 0x0708 NdisVirtualBus - ok

01:47:04.0192 0x0708 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

01:47:04.0207 0x0708 NdisWan - ok

01:47:04.0207 0x0708 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys

01:47:04.0207 0x0708 NdisWanLegacy - ok

01:47:04.0239 0x0708 [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

01:47:04.0254 0x0708 NDProxy - ok

01:47:04.0286 0x0708 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys

01:47:04.0286 0x0708 Ndu - ok

01:47:04.0301 0x0708 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys

01:47:04.0333 0x0708 Netaapl - ok

01:47:04.0364 0x0708 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

01:47:04.0380 0x0708 NetBIOS - ok

01:47:04.0411 0x0708 [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

01:47:04.0442 0x0708 NetBT - ok

01:47:04.0458 0x0708 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe

01:47:04.0458 0x0708 Netlogon - ok

01:47:04.0520 0x0708 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll

01:47:04.0520 0x0708 Netman - ok

01:47:04.0567 0x0708 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll

01:47:04.0598 0x0708 netprofm - ok

01:47:04.0723 0x0708 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

01:47:04.0739 0x0708 NetTcpPortSharing - ok

01:47:04.0786 0x0708 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\Windows\System32\drivers\netvsc63.sys

01:47:04.0786 0x0708 netvsc - ok

01:47:04.0833 0x0708 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll

01:47:04.0848 0x0708 NlaSvc - ok

01:47:04.0880 0x0708 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys

01:47:04.0880 0x0708 Npfs - ok

01:47:04.0895 0x0708 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys

01:47:04.0895 0x0708 npsvctrig - ok

01:47:04.0926 0x0708 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll

01:47:04.0926 0x0708 nsi - ok

01:47:04.0958 0x0708 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

01:47:04.0958 0x0708 nsiproxy - ok

01:47:05.0091 0x0708 [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

01:47:05.0251 0x0708 Ntfs - ok

01:47:05.0266 0x0708 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys

01:47:05.0266 0x0708 Null - ok

01:47:05.0282 0x0708 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys

01:47:05.0298 0x0708 nvraid - ok

01:47:05.0313 0x0708 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys

01:47:05.0313 0x0708 nvstor - ok

01:47:05.0329 0x0708 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

01:47:05.0344 0x0708 nv_agp - ok

01:47:05.0376 0x0708 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

01:47:05.0391 0x0708 ose - ok

01:47:05.0423 0x0708 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

01:47:05.0438 0x0708 p2pimsvc - ok

01:47:05.0485 0x0708 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll

01:47:05.0501 0x0708 p2psvc - ok

01:47:05.0516 0x0708 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys

01:47:05.0530 0x0708 Parport - ok

01:47:05.0565 0x0708 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys

01:47:05.0568 0x0708 partmgr - ok

01:47:05.0612 0x0708 [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\Windows\System32\pcasvc.dll

01:47:05.0633 0x0708 PcaSvc - ok

01:47:05.0681 0x0708 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys

01:47:05.0691 0x0708 pci - ok

01:47:05.0723 0x0708 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys

01:47:05.0724 0x0708 pciide - ok

01:47:05.0741 0x0708 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

01:47:05.0745 0x0708 pcmcia - ok

01:47:05.0765 0x0708 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys

01:47:05.0767 0x0708 pcw - ok

01:47:05.0797 0x0708 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys

01:47:05.0800 0x0708 pdc - ok

01:47:05.0829 0x0708 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys

01:47:05.0852 0x0708 PEAUTH - ok

01:47:06.0184 0x0708 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe

01:47:06.0184 0x0708 PerfHost - ok

01:47:06.0278 0x0708 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll

01:47:06.0341 0x0708 pla - ok

01:47:06.0372 0x0708 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll

01:47:06.0372 0x0708 PlugPlay - ok

01:47:06.0419 0x0708 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

01:47:06.0434 0x0708 PNRPAutoReg - ok

01:47:06.0450 0x0708 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

01:47:06.0466 0x0708 PNRPsvc - ok

01:47:06.0621 0x0708 [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

01:47:06.0640 0x0708 PolicyAgent - ok

01:47:06.0656 0x0708 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll

01:47:06.0672 0x0708 Power - ok

01:47:06.0844 0x0708 [ 346F352E17EA5793C726D3F6582BA855, 5CD830CDCC73335EDC58D26D1BC8B8830DA885CA6D1E21BB7EE763354B5C35EA ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll

01:47:07.0047 0x0708 PrintNotify - ok

01:47:07.0119 0x0708 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys

01:47:07.0119 0x0708 Processor - ok

01:47:07.0166 0x0708 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\Windows\system32\profsvc.dll

01:47:07.0166 0x0708 ProfSvc - ok

01:47:07.0212 0x0708 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys

01:47:07.0212 0x0708 Psched - ok

01:47:07.0340 0x0708 [ 6EB41C3CFFD313B33E40D00C37D34AAF, 2ADEDC38971BF6F022C0DF96293931BE561C17338889B764D0ED0E513DA4D5D8 ] QASvc C:\Program Files\Acer\Acer Quick Access\QASvc.exe

01:47:07.0356 0x0708 QASvc - ok

01:47:07.0419 0x0708 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll

01:47:07.0419 0x0708 QWAVE - ok

01:47:07.0464 0x0708 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

01:47:07.0467 0x0708 QWAVEdrv - ok

01:47:07.0487 0x0708 [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim C:\Windows\System32\drivers\RadioShim.sys

01:47:07.0488 0x0708 RadioShim - ok

01:47:07.0511 0x0708 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

01:47:07.0512 0x0708 RasAcd - ok

01:47:07.0549 0x0708 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll

01:47:07.0553 0x0708 RasAuto - ok

01:47:07.0595 0x0708 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\Windows\System32\rasmans.dll

01:47:07.0616 0x0708 RasMan - ok

01:47:07.0653 0x0708 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

01:47:07.0656 0x0708 RasPppoe - ok

01:47:07.0683 0x0708 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

01:47:07.0694 0x0708 rdbss - ok

01:47:07.0740 0x0708 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys

01:47:07.0740 0x0708 rdpbus - ok

01:47:07.0771 0x0708 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

01:47:07.0771 0x0708 RDPDR - ok

01:47:07.0802 0x0708 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

01:47:07.0818 0x0708 RdpVideoMiniport - ok

01:47:07.0849 0x0708 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

01:47:07.0855 0x0708 rdyboost - ok

01:47:07.0905 0x0708 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\Windows\system32\drivers\ReFS.sys

01:47:07.0952 0x0708 ReFS - ok

01:47:07.0983 0x0708 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\Windows\System32\mprdim.dll

01:47:07.0998 0x0708 RemoteAccess - ok

01:47:08.0030 0x0708 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll

01:47:08.0045 0x0708 RemoteRegistry - ok

01:47:08.0077 0x0708 [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys

01:47:08.0077 0x0708 RFCOMM - ok

01:47:08.0108 0x0708 [ C866E007E585D87B39A6844AF309D295, 98A2B1EB7952F44A054ECFE3C397D9691546B53EB977BE30E821F2323328DBE8 ] RMSvc C:\Program Files\Acer\Acer Quick Access\RMSvc.exe

01:47:08.0123 0x0708 RMSvc - ok

01:47:08.0155 0x0708 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

01:47:08.0155 0x0708 RpcEptMapper - ok

01:47:08.0186 0x0708 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe

01:47:08.0186 0x0708 RpcLocator - ok

01:47:08.0233 0x0708 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\Windows\system32\rpcss.dll

01:47:08.0264 0x0708 RpcSs - ok

01:47:08.0295 0x0708 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

01:47:08.0295 0x0708 rspndr - ok

01:47:08.0342 0x0708 [ 7CC0D898D00675F14BA0C4BF056C1CF4, E9203DD2A201AEF206C1A4177FD564DDFC8E7468DC268BD99389626A2C6593D3 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys

01:47:08.0389 0x0708 RTL8168 - ok

01:47:08.0405 0x0708 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys

01:47:08.0405 0x0708 s3cap - ok

01:47:08.0436 0x0708 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe

01:47:08.0452 0x0708 SamSs - ok

01:47:08.0452 0x0708 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

01:47:08.0467 0x0708 sbp2port - ok

01:47:08.0514 0x0708 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll

01:47:08.0530 0x0708 SCardSvr - ok

01:47:08.0561 0x0708 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll

01:47:08.0561 0x0708 ScDeviceEnum - ok

01:47:08.0608 0x0708 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

01:47:08.0608 0x0708 scfilter - ok

01:47:08.0655 0x0708 [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\Windows\system32\schedsvc.dll

01:47:08.0701 0x0708 Schedule - ok

01:47:08.0732 0x0708 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\Windows\System32\certprop.dll

01:47:08.0732 0x0708 SCPolicySvc - ok

01:47:08.0794 0x0708 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\Windows\System32\drivers\sdbus.sys

01:47:08.0810 0x0708 sdbus - ok

01:47:08.0841 0x0708 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys

01:47:08.0841 0x0708 sdstor - ok

01:47:08.0857 0x0708 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys

01:47:08.0857 0x0708 secdrv - ok

01:47:08.0888 0x0708 [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon C:\Windows\system32\seclogon.dll

01:47:08.0888 0x0708 seclogon - ok

01:47:08.0919 0x0708 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll

01:47:08.0935 0x0708 SENS - ok

01:47:08.0982 0x0708 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

01:47:08.0982 0x0708 SensrSvc - ok

01:47:08.0997 0x0708 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys

01:47:09.0013 0x0708 SerCx - ok

01:47:09.0029 0x0708 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys

01:47:09.0029 0x0708 SerCx2 - ok

01:47:09.0044 0x0708 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys

01:47:09.0044 0x0708 Serenum - ok

01:47:09.0060 0x0708 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys

01:47:09.0076 0x0708 Serial - ok

01:47:09.0113 0x0708 [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse C:\Windows\System32\drivers\sermouse.sys

01:47:09.0116 0x0708 sermouse - ok

01:47:09.0167 0x0708 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\Windows\system32\sessenv.dll

01:47:09.0182 0x0708 SessionEnv - ok

01:47:09.0214 0x0708 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys

01:47:09.0214 0x0708 sfloppy - ok

01:47:09.0245 0x0708 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll

01:47:09.0260 0x0708 SharedAccess - ok

01:47:09.0339 0x0708 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll

01:47:09.0370 0x0708 ShellHWDetection - ok

01:47:09.0401 0x0708 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

01:47:09.0401 0x0708 SiSRaid2 - ok

01:47:09.0432 0x0708 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

01:47:09.0432 0x0708 SiSRaid4 - ok

01:47:09.0479 0x0708 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll

01:47:09.0479 0x0708 smphost - ok

01:47:09.0511 0x0708 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

01:47:09.0511 0x0708 SNMPTRAP - ok

01:47:09.0557 0x0708 [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\Windows\system32\drivers\spaceport.sys

01:47:09.0573 0x0708 spaceport - ok

01:47:09.0604 0x0708 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys

01:47:09.0620 0x0708 SpbCx - ok

01:47:09.0667 0x0708 [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\Windows\System32\spoolsv.exe

01:47:09.0698 0x0708 Spooler - ok

01:47:10.0323 0x0708 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe

01:47:10.0542 0x0708 sppsvc - ok

01:47:10.0589 0x0708 [ 69DC128CF54009A686E0F0C57E2BA0DC, 961B1F1F4CD07D85660E63DEC0AACDE1BF0DA30C0E39C497AE31BD37C5591B72 ] srv C:\Windows\system32\DRIVERS\srv.sys

01:47:10.0620 0x0708 srv - ok

01:47:10.0651 0x0708 [ CED8576CD925E83ABEB14F65EA205C29, 37803AB047B5717EDBB7009F504C87B8DE110FBC5D67DFE6A9C8F04B30DD9629 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

01:47:10.0667 0x0708 srv2 - ok

01:47:10.0698 0x0708 [ 4396587119D8F4B72561ED24666E7567, 11754EA2668B2088363EFD2BCE4FDABC8836A6C9D78873F2A4F3517A48932ABF ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

01:47:10.0729 0x0708 srvnet - ok

01:47:10.0776 0x0708 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

01:47:10.0792 0x0708 SSDPSRV - ok

01:47:10.0839 0x0708 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll

01:47:10.0839 0x0708 SstpSvc - ok

01:47:10.0854 0x0708 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys

01:47:10.0854 0x0708 stexstor - ok

01:47:10.0917 0x0708 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll

01:47:10.0948 0x0708 stisvc - ok

01:47:10.0964 0x0708 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys

01:47:10.0964 0x0708 storahci - ok

01:47:10.0995 0x0708 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys

01:47:10.0995 0x0708 storflt - ok

01:47:11.0011 0x0708 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys

01:47:11.0011 0x0708 stornvme - ok

01:47:11.0042 0x0708 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll

01:47:11.0042 0x0708 StorSvc - ok

01:47:11.0073 0x0708 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys

01:47:11.0073 0x0708 storvsc - ok

01:47:11.0120 0x0708 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll

01:47:11.0123 0x0708 svsvc - ok

01:47:11.0153 0x0708 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys

01:47:11.0153 0x0708 swenum - ok

01:47:11.0200 0x0708 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\Windows\System32\swprv.dll

01:47:11.0247 0x0708 swprv - ok

01:47:11.0341 0x0708 [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\Windows\system32\sysmain.dll

01:47:11.0372 0x0708 SysMain - ok

01:47:11.0403 0x0708 [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll

01:47:11.0419 0x0708 SystemEventsBroker - ok

01:47:11.0450 0x0708 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll

01:47:11.0466 0x0708 TabletInputService - ok

01:47:11.0497 0x0708 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll

01:47:11.0513 0x0708 TapiSrv - ok

01:47:11.0606 0x0708 [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

01:47:11.0669 0x0708 Tcpip - ok

01:47:11.0763 0x0708 [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

01:47:11.0825 0x0708 TCPIP6 - ok

01:47:11.0872 0x0708 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

01:47:11.0872 0x0708 tcpipreg - ok

01:47:11.0888 0x0708 [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

01:47:11.0903 0x0708 tdx - ok

01:47:11.0934 0x0708 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys

01:47:11.0934 0x0708 terminpt - ok

01:47:12.0013 0x0708 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\Windows\System32\termsrv.dll

01:47:12.0059 0x0708 TermService - ok

01:47:12.0091 0x0708 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll

01:47:12.0091 0x0708 Themes - ok

01:47:12.0138 0x0708 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll

01:47:12.0138 0x0708 THREADORDER - ok

01:47:12.0169 0x0708 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll

01:47:12.0184 0x0708 TimeBroker - ok

01:47:12.0216 0x0708 [ F97DF9B53A44222EE2E33732E4E4A138, 1E5741B4F2561085446F49069EADDBCFE5A0F2FEA20AB2567B315DE36C14BA11 ] TouchToolsLaunchService C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe

01:47:12.0216 0x0708 TouchToolsLaunchService - ok

01:47:12.0231 0x0708 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys

01:47:12.0247 0x0708 TPM - ok

01:47:12.0278 0x0708 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll

01:47:12.0278 0x0708 TrkWks - ok

01:47:12.0309 0x0708 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

01:47:12.0325 0x0708 TrustedInstaller - ok

01:47:12.0341 0x0708 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

01:47:12.0341 0x0708 TsUsbFlt - ok

01:47:12.0372 0x0708 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys

01:47:12.0372 0x0708 TsUsbGD - ok

01:47:12.0403 0x0708 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

01:47:12.0403 0x0708 tunnel - ok

01:47:12.0419 0x0708 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

01:47:12.0435 0x0708 uagp35 - ok

01:47:12.0450 0x0708 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys

01:47:12.0450 0x0708 UASPStor - ok

01:47:12.0481 0x0708 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys

01:47:12.0497 0x0708 UCX01000 - ok

01:47:12.0513 0x0708 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys

01:47:12.0528 0x0708 udfs - ok

01:47:12.0560 0x0708 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys

01:47:12.0560 0x0708 UEFI - ok

01:47:12.0638 0x0708 [ B4EE7221F45468EF27DED05568A54AD7, DA9ECA510B631CDE6C6B0964376279423BE62F15D2042EA472D7E553E70881E5 ] UEIPSvc C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe

01:47:12.0638 0x0708 UEIPSvc - ok

01:47:12.0685 0x0708 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\Windows\system32\UI0Detect.exe

01:47:12.0685 0x0708 UI0Detect - ok

01:47:12.0716 0x0708 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

01:47:12.0716 0x0708 uliagpkx - ok

01:47:12.0731 0x0708 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys

01:47:12.0731 0x0708 umbus - ok

01:47:12.0747 0x0708 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys

01:47:12.0747 0x0708 UmPass - ok

01:47:12.0794 0x0708 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll

01:47:12.0794 0x0708 UmRdpService - ok

01:47:12.0872 0x0708 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll

01:47:12.0888 0x0708 upnphost - ok

01:47:12.0919 0x0708 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys

01:47:12.0935 0x0708 USBAAPL64 - ok

01:47:12.0966 0x0708 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys

01:47:12.0966 0x0708 usbccgp - ok

01:47:12.0997 0x0708 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys

01:47:12.0997 0x0708 usbcir - ok

01:47:13.0028 0x0708 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys

01:47:13.0028 0x0708 usbehci - ok

01:47:13.0075 0x0708 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys

01:47:13.0109 0x0708 usbhub - ok

01:47:13.0163 0x0708 [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys

01:47:13.0179 0x0708 USBHUB3 - ok

01:47:13.0242 0x0708 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys

01:47:13.0242 0x0708 usbohci - ok

01:47:13.0257 0x0708 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys

01:47:13.0273 0x0708 usbprint - ok

01:47:13.0304 0x0708 [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS

01:47:13.0304 0x0708 USBSTOR - ok

01:47:13.0320 0x0708 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys

01:47:13.0320 0x0708 usbuhci - ok

01:47:13.0367 0x0708 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

01:47:13.0367 0x0708 usbvideo - ok

01:47:13.0429 0x0708 [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS

01:47:13.0429 0x0708 USBXHCI - ok

01:47:13.0445 0x0708 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe

01:47:13.0445 0x0708 VaultSvc - ok

01:47:13.0476 0x0708 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

01:47:13.0476 0x0708 vdrvroot - ok

01:47:13.0538 0x0708 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe

01:47:13.0601 0x0708 vds - ok

01:47:13.0632 0x0708 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys

01:47:13.0632 0x0708 VerifierExt - ok

01:47:13.0679 0x0708 [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys

01:47:13.0695 0x0708 vhdmp - ok

01:47:13.0726 0x0708 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys

01:47:13.0726 0x0708 viaide - ok

01:47:13.0773 0x0708 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys

01:47:13.0773 0x0708 vmbus - ok

01:47:13.0788 0x0708 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys

01:47:13.0788 0x0708 VMBusHID - ok

01:47:13.0851 0x0708 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll

01:47:13.0867 0x0708 vmicguestinterface - ok

01:47:13.0890 0x0708 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll

01:47:13.0902 0x0708 vmicheartbeat - ok

01:47:13.0918 0x0708 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll

01:47:13.0930 0x0708 vmickvpexchange - ok

01:47:13.0946 0x0708 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll

01:47:13.0961 0x0708 vmicrdv - ok

01:47:14.0008 0x0708 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll

01:47:14.0008 0x0708 vmicshutdown - ok

01:47:14.0180 0x0708 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll

01:47:14.0196 0x0708 vmictimesync - ok

01:47:14.0242 0x0708 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll

01:47:14.0242 0x0708 vmicvss - ok

01:47:14.0289 0x0708 [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr C:\Windows\system32\drivers\volmgr.sys

01:47:14.0305 0x0708 volmgr - ok

01:47:14.0336 0x0708 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

01:47:14.0352 0x0708 volmgrx - ok

01:47:14.0383 0x0708 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys

01:47:14.0399 0x0708 volsnap - ok

01:47:14.0430 0x0708 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\Windows\System32\drivers\vpci.sys

01:47:14.0477 0x0708 vpci - ok

01:47:14.0524 0x0708 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

01:47:14.0524 0x0708 vsmraid - ok

01:47:14.0602 0x0708 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\Windows\system32\vssvc.exe

01:47:14.0649 0x0708 VSS - ok

01:47:14.0680 0x0708 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys

01:47:14.0696 0x0708 VSTXRAID - ok

01:47:14.0711 0x0708 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

01:47:14.0711 0x0708 vwifibus - ok

01:47:14.0727 0x0708 [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

01:47:14.0743 0x0708 vwififlt - ok

01:47:14.0743 0x0708 [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

01:47:14.0743 0x0708 vwifimp - ok

01:47:14.0805 0x0708 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll

01:47:14.0805 0x0708 W32Time - ok

01:47:14.0836 0x0708 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys

01:47:14.0836 0x0708 WacomPen - ok

01:47:14.0914 0x0708 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe

01:47:14.0961 0x0708 wbengine - ok

01:47:15.0039 0x0708 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

01:47:15.0055 0x0708 WbioSrvc - ok

01:47:15.0102 0x0708 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll

01:47:15.0102 0x0708 Wcmsvc - ok

01:47:15.0159 0x0708 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll

01:47:15.0175 0x0708 wcncsvc - ok

01:47:15.0237 0x0708 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

01:47:15.0253 0x0708 WcsPlugInService - ok

01:47:15.0284 0x0708 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys

01:47:15.0284 0x0708 WdBoot - ok

01:47:15.0331 0x0708 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

01:47:15.0378 0x0708 Wdf01000 - ok

01:47:15.0409 0x0708 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys

01:47:15.0409 0x0708 WdFilter - ok

01:47:15.0440 0x0708 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll

01:47:15.0440 0x0708 WdiServiceHost - ok

01:47:15.0456 0x0708 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll

01:47:15.0456 0x0708 WdiSystemHost - ok

01:47:15.0487 0x0708 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys

01:47:15.0487 0x0708 WdNisDrv - ok

01:47:15.0518 0x0708 WdNisSvc - ok

01:47:15.0550 0x0708 [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\Windows\System32\webclnt.dll

01:47:15.0565 0x0708 WebClient - ok

01:47:15.0596 0x0708 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll

01:47:15.0596 0x0708 Wecsvc - ok

01:47:15.0628 0x0708 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll

01:47:15.0643 0x0708 WEPHOSTSVC - ok

01:47:15.0675 0x0708 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll

01:47:15.0675 0x0708 wercplsupport - ok

01:47:15.0706 0x0708 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll

01:47:15.0706 0x0708 WerSvc - ok

01:47:15.0737 0x0708 [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys

01:47:15.0737 0x0708 WFPLWFS - ok

01:47:15.0800 0x0708 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll

01:47:15.0800 0x0708 WiaRpc - ok

01:47:15.0831 0x0708 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys

01:47:15.0831 0x0708 WIMMount - ok

01:47:15.0831 0x0708 WinDefend - ok

01:47:15.0893 0x0708 [ 310388D06C11C507226CD7C2D21D5ACE, E8158111566D553B8F0E86C33B5F75AF3A4A3405503927822B80DF64D8DEFB05 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll

01:47:15.0924 0x0708 WinHttpAutoProxySvc - ok

01:47:16.0003 0x0708 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

01:47:16.0003 0x0708 Winmgmt - ok

01:47:16.0096 0x0708 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll

01:47:16.0208 0x0708 WinRM - ok

01:47:16.0264 0x0708 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

01:47:16.0264 0x0708 WinUsb - ok

01:47:16.0327 0x0708 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll

01:47:16.0389 0x0708 WlanSvc - ok

01:47:16.0561 0x0708 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll

01:47:16.0608 0x0708 wlidsvc - ok

01:47:16.0639 0x0708 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys

01:47:16.0639 0x0708 WmiAcpi - ok

01:47:16.0655 0x0708 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

01:47:16.0671 0x0708 wmiApSrv - ok

01:47:16.0686 0x0708 WMPNetworkSvc - ok

01:47:16.0733 0x0708 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys

01:47:16.0733 0x0708 Wof - ok

01:47:16.0827 0x0708 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll

01:47:16.0889 0x0708 workfolderssvc - ok

01:47:16.0936 0x0708 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys

01:47:16.0936 0x0708 wpcfltr - ok

01:47:16.0952 0x0708 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll

01:47:16.0967 0x0708 WPCSvc - ok

01:47:16.0999 0x0708 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

01:47:16.0999 0x0708 WPDBusEnum - ok

01:47:17.0014 0x0708 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys

01:47:17.0014 0x0708 WpdUpFltr - ok

01:47:17.0014 0x0708 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

01:47:17.0014 0x0708 ws2ifsl - ok

01:47:17.0046 0x0708 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll

01:47:17.0061 0x0708 wscsvc - ok

01:47:17.0092 0x0708 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys

01:47:17.0092 0x0708 WSDPrintDevice - ok

01:47:17.0124 0x0708 [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys

01:47:17.0164 0x0708 WSDScan - ok

01:47:17.0164 0x0708 WSearch - ok

01:47:17.0567 0x0708 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll

01:47:17.0677 0x0708 WSService - ok

01:47:18.0099 0x0708 [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv C:\Windows\system32\wuaueng.dll

01:47:18.0239 0x0708 wuauserv - ok

01:47:18.0271 0x0708 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

01:47:18.0271 0x0708 WudfPf - ok

01:47:18.0317 0x0708 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys

01:47:18.0317 0x0708 WUDFRd - ok

01:47:18.0349 0x0708 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

01:47:18.0364 0x0708 wudfsvc - ok

01:47:18.0380 0x0708 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys

01:47:18.0380 0x0708 WUDFWpdFs - ok

01:47:18.0395 0x0708 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys

01:47:18.0395 0x0708 WUDFWpdMtp - ok

01:47:18.0474 0x0708 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll

01:47:18.0489 0x0708 WwanSvc - ok

01:47:18.0505 0x0708 ================ Scan global ===============================

01:47:18.0583 0x0708 [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll

01:47:18.0630 0x0708 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll

01:47:18.0661 0x0708 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll

01:47:18.0692 0x0708 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe

01:47:18.0708 0x0708 [ Global ] - ok

01:47:18.0708 0x0708 ================ Scan MBR ==================================

01:47:18.0739 0x0708 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

01:47:18.0739 0x0708 \Device\Harddisk0\DR0 - ok

01:47:18.0755 0x0708 ================ Scan VBR ==================================

01:47:18.0755 0x0708 [ E620C4E38759BB8130FE7CB307DAF513 ] \Device\Harddisk0\DR0\Partition1

01:47:18.0755 0x0708 \Device\Harddisk0\DR0\Partition1 - ok

01:47:18.0755 0x0708 [ DF2D675681C4BFCEDC8D4CAF7B0EBE24 ] \Device\Harddisk0\DR0\Partition2

01:47:18.0770 0x0708 \Device\Harddisk0\DR0\Partition2 - ok

01:47:18.0770 0x0708 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3

01:47:18.0770 0x0708 \Device\Harddisk0\DR0\Partition3 - ok

01:47:18.0786 0x0708 [ 79D93A3EF5BBAB5C5A2FDF074BC83AAB ] \Device\Harddisk0\DR0\Partition4

01:47:18.0786 0x0708 \Device\Harddisk0\DR0\Partition4 - ok

01:47:18.0817 0x0708 [ 0C8EDFF968ACC21BDF2626B9F7FD76A4 ] \Device\Harddisk0\DR0\Partition5

01:47:18.0864 0x0708 \Device\Harddisk0\DR0\Partition5 - ok

01:47:18.0864 0x0708 ================ Scan generic autorun ======================

01:47:19.0984 0x0708 [ 89AA8AC9B4E101E4173455D4620C5117, 746A6EA06A980EE29E6A401AA19313F13ECBF0F0EDFB6E7E6BD8C46ACCF9DA0B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

01:47:20.0390 0x0708 RTHDVCPL - ok

01:47:20.0437 0x0708 [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe

01:47:20.0453 0x0708 Logitech Download Assistant - ok

01:47:20.0484 0x0708 [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe

01:47:20.0500 0x0708 iTunesHelper - ok

01:47:20.0547 0x0708 [ 8B36B219F3AA51D1EC131C9438CD2963, E7CBF553AD1FBD8EFCBEF1D76E01019CCB71C30FCFD30AD64A2203C5C7492655 ] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe

01:47:20.0547 0x0708 BacKGround Agent - ok

01:47:20.0562 0x0708 [ BA3FA620D8BB5D48F73E82B308F4E151, 1AEA4CA51EF9BBAA0CE6C1308363A680FDEC4103158D704DCAE8898C7E358E4A ] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe

01:47:20.0578 0x0708 abDocsDllLoader - ok

01:47:20.0578 0x0708 jjfcjwhjee - ok

01:47:20.0812 0x0708 [ 330049982A6CF1A2A0500E8E620889D3, 81A804621F9FAD520CB47FC084F6BD4EF2697E1FB8AF30596303089597FE7C2C ] C:\Users\milla\AppData\Roaming\Spotify\SpotifyWebHelper.exe

01:47:20.0843 0x0708 Spotify Web Helper - ok

01:47:21.0297 0x0708 [ 8A793A1618B8C37FC70E85DC03E9567D, 568156DB22BB9E3411923BD3417C1E8BAFC641FB82C298FCFAAD8708BE8E7DF3 ] C:\Users\milla\AppData\Roaming\Spotify\Spotify.exe

01:47:21.0453 0x0708 Spotify - ok

01:47:21.0703 0x0708 [ F2AD1B265908797F8A5E21E0312F2F25, 2A6A612F7D52D297385C43E77AD0CD37B28F33ED2AF89098F5E66B812B838A52 ] C:\Users\milla\AppData\Local\Akamai\netsession_win.exe

01:47:21.0797 0x0708 Akamai NetSession Interface - ok

01:47:21.0813 0x0708 Waiting for KSN requests completion. In queue: 143

01:47:22.0828 0x0708 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )

01:47:22.0844 0x0708 Win FW state via NFP2: enabled ( trusted )

01:47:23.0184 0x0708 ============================================================

01:47:23.0184 0x0708 Scan finished

01:47:23.0184 0x0708 ============================================================

01:47:23.0184 0x025c Detected object count: 0

01:47:23.0184 0x025c Actual detected object count: 0

OTL.Txt 159.37KB 7 downloads

BC AdBot (Login to Remove)

BleepingComputer.com
Register to remove ads

#2 nasdaq

Malware Response Team
38,587 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:07:43 PM

Posted 10 September 2016 - 08:30 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
The scan may take some time to finish,so please be patient.
If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR MY REVIEW.

Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.
===

Please download AdwCleaner by Xplode onto your Desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Click the LogFile button and the report will open in Notepad.

IMPORTANT

If you click the Clean button all items listed in the report will be removed.

If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Check off the element(s) you wish to keep.
Click on the Clean button follow the prompts.
A log file will automatically open after the scan has finished.
Please post the content of that log file with your next answer.
You can find the log file at C:\AdwCleanerCx.txt (x is a number).

===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.

Click the Add reply button.
===

Please post the logs.

Let me know what problems persists.

#3 mmilla

Topic Starter

Members
4 posts
OFFLINE

Local time:02:43 AM

Posted 10 September 2016 - 10:27 AM

malwarebytes.txt   1.02KB   1 downloads
AdwCleanerC0.txt   9.01KB   1 downloads
Addition.txt   45.07KB   1 downloads

Thanks for your reply!

Here are the logs, most of them are attached not to make this post miles long

FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016

Ran by milla (administrator) on MILS (10-09-2016 10:14:47)

Running from C:\Users\milla\Desktop

Loaded Profiles: milla (Available Profiles: milla)

Platform: Windows 8.1 (Update) (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel Corporation) C:\Windows\System32\igfxTray.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe

() C:\Windows\SysWOW64\UMonit64.exe

(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe

(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe

() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe

(Spotify Ltd) C:\Users\milla\AppData\Roaming\Spotify\SpotifyWebHelper.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe

(Intel Corporation) C:\Windows\System32\igfxext.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe

(Akamai Technologies, Inc.) C:\Users\milla\AppData\Local\Akamai\netsession_win.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe

(Akamai Technologies, Inc.) C:\Users\milla\AppData\Local\Akamai\netsession_win.exe

() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe

(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe

() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Screen Grasp\GestureDetection.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Screen Grasp\Launch Screen Grasp.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-20] (Realtek Semiconductor)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-18] (Apple Inc.)

HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [66304 2015-03-18] (Acer Incorporated)

HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2015-04-16] ()

HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-26] (Qualcomm®Atheros®)

HKU\S-1-5-21-1356464103-165666162-2052290704-1001\...\Run: [Spotify Web Helper] => C:\Users\milla\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1529456 2016-09-05] (Spotify Ltd)

HKU\S-1-5-21-1356464103-165666162-2052290704-1001\...\Run: [Spotify] => C:\Users\milla\AppData\Roaming\Spotify\Spotify.exe [6810224 2016-09-05] (Spotify Ltd)

HKU\S-1-5-21-1356464103-165666162-2052290704-1001\...\Run: [Akamai NetSession Interface] => C:\Users\milla\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.1.1.154 10.1.1.153

Tcpip\..\Interfaces\{7856FE3A-EE8D-4841-8674-5CFBAC572695}: [NameServer] 193.166.4.24,8.8.8.8

Tcpip\..\Interfaces\{7856FE3A-EE8D-4841-8674-5CFBAC572695}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Tcpip\..\Interfaces\{8A32B839-1BB0-4EA7-A0A7-6E07DD66001D}: [DhcpNameServer] 172.20.10.1

Tcpip\..\Interfaces\{9424D50D-BF70-4121-BCBD-342D1B3D9849}: [DhcpNameServer] 10.1.1.154 10.1.1.153

ManualProxies:

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKU\S-1-5-21-1356464103-165666162-2052290704-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}

HKU\S-1-5-21-1356464103-165666162-2052290704-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/

HKU\S-1-5-21-1356464103-165666162-2052290704-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://search.avast.com/AV772/

SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =

SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}

SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}

SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKU\S-1-5-21-1356464103-165666162-2052290704-1001 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}

SearchScopes: HKU\S-1-5-21-1356464103-165666162-2052290704-1001 -> {470B4222-2257-4B86-9FC1-13270DBD3776} URL =

SearchScopes: HKU\S-1-5-21-1356464103-165666162-2052290704-1001 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}

SearchScopes: HKU\S-1-5-21-1356464103-165666162-2052290704-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-07-12] (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-07-12] (Microsoft Corporation)

BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)

FireFox:

========

FF ProfilePath: C:\Users\milla\AppData\Roaming\Mozilla\Firefox\Profiles\zcgut4ap.default

FF NewTab: about:newtab

FF DefaultSearchEngine: Avast Search

FF DefaultSearchUrl: hxxps://search.avast.com/AV772/search/web?q={searchTerms}

FF SearchEngineOrder.1: Avast Search

FF SelectedSearchEngine: Avast Search

FF Keyword.URL: hxxps://search.avast.com/AV772/search/web?q={searchTerms}

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-28] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)

FF SearchPlugin: C:\Users\milla\AppData\Roaming\Mozilla\Firefox\Profiles\zcgut4ap.default\searchplugins\avast-search.xml [2016-04-23]

FF Extension: (No Name) - C:\Users\milla\AppData\Roaming\Mozilla\Firefox\Profiles\zcgut4ap.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [not found]

FF Extension: (AdBlock for YouTube™) - C:\Users\milla\AppData\Roaming\Mozilla\Firefox\Profiles\zcgut4ap.default\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2016-04-02]

FF Extension: (Adblock Plus) - C:\Users\milla\AppData\Roaming\Mozilla\Firefox\Profiles\zcgut4ap.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-19]

FF Extension: (Greasemonkey) - C:\Users\milla\AppData\Roaming\Mozilla\Firefox\Profiles\zcgut4ap.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-03-19]

Chrome:

=======

CHR HomePage: Default -> mail.ru/cnt/11956636?rciguc__PARAM__

CHR StartupUrls: Default -> "hxxp://google.co.uk/"

CHR Profile: C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-04]

CHR Extension: (Google Docs) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-04]

CHR Extension: (Google Drive) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-04]

CHR Extension: (YouTube) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-04]

CHR Extension: (Fair AdBlocker App (by STANDS)) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcnofaichneijfbkdkghmhjjbepjmble [2016-08-18]

CHR Extension: (Google Sheets) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-04]

CHR Extension: (Fair Ads (by STANDS)) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\gagfkmknmijppikpcikmbbkdkhggcmge [2016-07-01]

CHR Extension: (Google Docs Offline) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-04]

CHR Extension: (Fair AdBlocker (by STANDS)) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2016-09-09]

CHR Extension: (Black carbon + silver metal) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\lodhggoaglindpoejnjldimdlikkphph [2016-08-27]

CHR Extension: (Chrome Web Store Payments) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]

CHR Extension: (Trump To Voldemort) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojdkllbbbcpnmcohgpbbhonbnijfioja [2016-08-26]

CHR Extension: (Gmail) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-04]

CHR Extension: (Chrome Media Router) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-26] (Windows ® Win 7 DDK provider) [File not signed]

R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2749696 2015-03-18] (Acer Incorporated)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-04] (Microsoft Corporation)

R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation)

R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)

R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)

R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-21] (Acer Incorporate)

R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-03-21] (Acer Incorporate)

R2 TouchToolsLaunchService; C:\Program Files\Acer\Acer Touch Tools\TouchToolsLaunchSvc.exe [250624 2014-01-08] (Acer Incorporated)

S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-25] (acer)

S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-28] (Microsoft Corporation)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)

S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)

S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)

R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [173384 2014-04-07] (ELAN Microelectronic Corp.)

U5 GeneStor; C:\Windows\System32\Drivers\GeneStor.sys [107208 2014-01-17] (GenesysLogic)

R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [24568 2013-10-03] (Intel Corporation)

R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-10-03] (Intel Corporation)

R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)

R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)

S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)

R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-10 10:14 - 2016-09-10 10:15 - 00021532 _____ C:\Users\milla\Desktop\FRST.txt

2016-09-10 10:14 - 2016-09-10 10:14 - 02397696 _____ (Farbar) C:\Users\milla\Desktop\FRST64.exe

2016-09-10 10:14 - 2016-09-10 10:14 - 00000000 ____D C:\FRST

2016-09-10 10:12 - 2016-09-10 10:12 - 00009229 _____ C:\Users\milla\Desktop\AdwCleaner[C0].txt

2016-09-10 10:05 - 2016-09-10 10:10 - 00000000 ____D C:\AdwCleaner

2016-09-10 10:03 - 2016-09-10 10:04 - 03826240 _____ C:\Users\milla\Desktop\adwcleaner_6.010.exe

2016-09-10 09:55 - 2016-09-10 09:55 - 00001046 _____ C:\Users\milla\Desktop\malwarebytes.txt

2016-09-10 09:33 - 2016-09-10 09:59 - 00001081 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2016-09-10 09:33 - 2016-09-10 09:58 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2016-09-10 09:33 - 2016-09-10 09:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2016-09-10 09:33 - 2016-09-10 09:33 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2016-09-10 09:33 - 2016-03-10 06:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2016-09-10 09:33 - 2016-03-10 06:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys

2016-09-10 09:33 - 2016-03-10 06:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys

2016-09-10 09:32 - 2016-09-10 09:32 - 22851472 _____ (Malwarebytes ) C:\Users\milla\Documents\mbam-setup-2.2.1.1043.exe

2016-09-08 18:50 - 2016-09-08 18:50 - 00222276 _____ C:\Users\milla\Desktop\TDSSKiller.txt

2016-09-08 18:10 - 2016-09-08 18:10 - 00085020 _____ C:\Users\milla\Desktop\Extras.Txt

2016-09-08 18:08 - 2016-09-08 18:08 - 00163192 _____ C:\Users\milla\Desktop\OTL.Txt

2016-09-08 17:48 - 2016-09-08 17:48 - 00602112 _____ (OldTimer Tools) C:\Users\milla\Desktop\OTL.exe

2016-09-08 17:46 - 2016-09-08 18:50 - 00222368 _____ C:\TDSSKiller.3.1.0.11_09.09.2016_01.46.28_log.txt

2016-09-08 17:46 - 2016-09-08 17:46 - 04656735 _____ C:\Users\milla\Desktop\tdsskiller (1).zip

2016-09-08 17:46 - 2016-08-05 04:14 - 04747704 _____ (AO Kaspersky Lab) C:\Users\milla\Desktop\TDSSKiller.exe

2016-09-08 17:44 - 2016-09-08 17:44 - 04656735 _____ C:\Users\milla\Documents\tdsskiller.zip

2016-09-08 17:32 - 2016-09-08 17:32 - 00868560 _____ (NoVirusThanks Company Srl ) C:\Users\milla\Documents\zbot_remover_setup.exe

2016-09-08 09:57 - 2016-09-08 09:59 - 00190648 _____ C:\Users\milla\Downloads\The Little Mermaid - Part Of Your World Reprise (Finnish 1998 Soundtrack Version).mp3.sfk

2016-09-08 09:51 - 2016-09-08 09:56 - 00267472 _____ C:\Users\milla\Downloads\the_little_mermaid_-_part_of_your_wo-oCwbouXI_mc_fmt135.mp3.sfk

2016-09-08 09:50 - 2016-09-08 09:56 - 00415552 _____ C:\Users\milla\Documents\mermaidddd.mp4.sfk

2016-09-08 09:31 - 2016-09-08 09:50 - 285813663 _____ C:\Users\milla\Documents\mermaidddd.mp4

2016-09-01 11:00 - 2016-09-01 11:00 - 02621952 _____ C:\Users\milla\Desktop\Noe PP cpt 1.ppt

2016-08-30 13:53 - 2016-08-30 14:02 - 353538272 _____ C:\Users\milla\Documents\salatut_elamat_31.08.2016.mp4

2016-08-29 19:57 - 2016-08-29 19:59 - 00186496 _____ C:\Users\milla\Documents\iinto.mp4.sfk

2016-08-29 19:46 - 2016-08-29 19:54 - 139783227 _____ C:\Users\milla\Documents\iinto.mp4

2016-08-29 12:44 - 2016-08-29 12:44 - 00000000 ____D C:\Users\milla\AppData\Local\The Lord of the Rings Online

2016-08-29 12:31 - 2009-09-04 09:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll

2016-08-29 12:31 - 2009-09-04 09:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll

2016-08-29 12:31 - 2009-09-04 09:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll

2016-08-28 21:28 - 2016-08-28 21:28 - 00000000 ____D C:\Users\milla\AppData\Local\Akamai

2016-08-28 21:27 - 2016-08-29 12:33 - 00000000 ____D C:\Users\milla\AppData\Local\Turbine

2016-08-28 21:26 - 2009-09-04 09:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll

2016-08-28 21:26 - 2007-03-12 08:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll

2016-08-28 21:25 - 2016-08-29 12:49 - 00000000 ____D C:\Users\milla\Documents\The Lord of the Rings Online

2016-08-28 21:25 - 2016-08-28 21:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbine

2016-08-28 21:25 - 2016-08-28 21:25 - 00000000 ____D C:\Program Files (x86)\Turbine

2016-08-28 21:23 - 2016-08-28 21:24 - 64386312 _____ (Turbine, Inc. ) C:\Users\milla\Documents\lotrolive.exe

2016-08-28 12:19 - 2016-08-28 12:19 - 00053402 _____ C:\Users\milla\Desktop\mursal_reviewDC.pdf

2016-08-25 14:40 - 2016-08-30 09:33 - 00055360 _____ C:\Users\milla\Documents\ariel.veg

2016-08-25 14:40 - 2016-08-27 20:54 - 00049056 _____ C:\Users\milla\Documents\ariel.veg.bak

2016-08-25 14:33 - 2016-08-25 14:33 - 00012056 _____ C:\Users\milla\AppData\Local\recently-used.xbel

2016-08-25 09:29 - 2016-08-25 09:29 - 00469566 _____ C:\Users\milla\Desktop\COD 421&521.pdf

2016-08-25 08:48 - 2016-08-25 08:48 - 01115648 _____ C:\Users\milla\Desktop\Connect Classic Student Registration (1).ppt

2016-08-24 12:34 - 2016-08-24 12:34 - 00003222 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task

2016-08-24 12:33 - 2016-08-24 12:33 - 00000000 ____D C:\Users\milla\AppData\Roaming\Skype

2016-08-19 08:15 - 2016-08-19 08:15 - 00087987 _____ C:\Users\milla\Desktop\Osuuspankki.pdf

2016-08-19 08:14 - 2016-08-19 08:14 - 00000565 _____ C:\Users\milla\Desktop\kuitti_201608095934972J0910.csv

2016-08-18 14:06 - 2016-08-18 14:06 - 00382720 _____ C:\Users\milla\Documents\poywedited.mp4.sfk

2016-08-18 11:32 - 2016-08-18 11:49 - 267823311 _____ C:\Users\milla\Documents\poywedited.mp4

2016-08-18 11:21 - 2016-08-18 11:21 - 00382688 _____ C:\Users\milla\Documents\poyw.mp4.sfk

2016-08-18 11:03 - 2016-08-18 11:21 - 265049688 _____ C:\Users\milla\Documents\poyw.mp4

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-09-10 10:13 - 2016-07-21 14:04 - 00000000 ____D C:\Users\milla\AppData\Local\Spotify

2016-09-10 10:13 - 2016-07-21 14:00 - 00000000 ____D C:\Users\milla\AppData\Roaming\Spotify

2016-09-10 10:13 - 2016-04-04 12:57 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2016-09-10 10:13 - 2016-04-04 12:57 - 00000912 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2016-09-10 10:13 - 2015-04-22 06:29 - 00000000 __RDO C:\Users\milla\OneDrive

2016-09-10 10:11 - 2013-08-22 09:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2016-09-10 10:10 - 2013-08-22 08:25 - 00262144 ___SH C:\Windows\system32\config\BBI

2016-09-10 10:04 - 2015-04-22 06:27 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1356464103-165666162-2052290704-1001

2016-09-10 09:59 - 2016-07-21 14:04 - 00001865 _____ C:\Users\milla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

2016-09-10 09:59 - 2016-06-09 09:05 - 00001049 _____ C:\Users\Public\Desktop\VLC media player.lnk

2016-09-10 09:59 - 2016-04-24 02:06 - 00002342 _____ C:\Users\milla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk

2016-09-10 09:59 - 2016-04-22 06:12 - 00001864 _____ C:\Users\Public\Desktop\QuickTime Player.lnk

2016-09-10 09:59 - 2016-04-22 06:10 - 00001732 _____ C:\Users\Public\Desktop\iTunes.lnk

2016-09-10 09:59 - 2016-04-04 12:58 - 00002188 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2016-09-10 09:59 - 2016-04-04 12:58 - 00002170 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2016-09-10 09:59 - 2016-01-07 07:59 - 00002082 _____ C:\Users\milla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OldSchool RuneScape.lnk

2016-09-10 09:59 - 2015-06-24 15:06 - 00001035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk

2016-09-10 09:59 - 2015-06-08 12:37 - 00000999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2016-09-10 09:59 - 2015-04-27 10:49 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

2016-09-10 09:59 - 2015-04-23 11:45 - 00001892 _____ C:\Users\milla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\avast! antivirus.lnk

2016-09-10 09:59 - 2015-04-22 11:39 - 00000958 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk

2016-09-10 09:59 - 2015-04-22 06:23 - 00001252 _____ C:\Users\milla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio Manager.lnk

2016-09-10 09:59 - 2015-04-22 06:21 - 00000985 _____ C:\Users\milla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2016-09-10 09:59 - 2015-04-22 06:18 - 00000445 _____ C:\Users\milla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk

2016-09-10 09:59 - 2015-04-22 06:18 - 00000443 _____ C:\Users\milla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk

2016-09-10 09:59 - 2014-04-10 23:23 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2016-09-10 09:58 - 2016-07-21 14:04 - 00001859 _____ C:\Users\milla\Desktop\Spotify.lnk

2016-09-10 09:58 - 2015-12-25 08:36 - 00002669 _____ C:\Users\milla\Desktop\µTorrent.lnk

2016-09-10 09:58 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\Inf

2016-09-10 09:42 - 2015-05-04 11:02 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2016-09-10 09:32 - 2015-04-22 06:40 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8B550746-00C4-4B6B-B65C-009190E58763}

2016-09-09 23:18 - 2015-04-22 07:18 - 02736640 ___SH C:\Users\milla\Documents\Thumbs.db

2016-09-09 20:26 - 2016-01-07 08:00 - 00000024 _____ C:\Users\milla\jagexappletviewer.preferences

2016-09-09 20:24 - 2016-01-07 08:00 - 00000044 _____ C:\Users\milla\jagex_cl_oldschool_LIVE.dat

2016-09-09 20:21 - 2016-04-01 15:03 - 00000000 ____D C:\Users\milla\AppData\Roaming\vlc

2016-09-09 16:58 - 2015-04-22 06:21 - 00000000 ____D C:\Users\milla\AppData\Local\Packages

2016-09-09 10:03 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\AppReadiness

2016-09-08 09:25 - 2015-04-24 07:23 - 00000000 ____D C:\Users\milla\AppData\Roaming\Youtube Downloader HD

2016-09-06 21:05 - 2015-09-06 10:14 - 00000000 ____D C:\Users\milla\Desktop\Uni stuff

2016-09-04 20:05 - 2015-09-06 10:36 - 00000000 ____D C:\Users\milla\Documents\Full movies

2016-09-03 23:12 - 2016-04-02 05:02 - 00000000 ____D C:\Users\milla\AppData\Roaming\uTorrent

2016-09-03 22:54 - 2016-07-16 13:50 - 00000000 ____D C:\Users\milla\Downloads\Zootopia (2016) 720p BrRip x264 - VPPV

2016-09-01 13:30 - 2016-03-27 17:26 - 00000000 ____D C:\Users\milla\Desktop\Gaming

2016-09-01 11:00 - 2015-05-03 02:50 - 00208384 ___SH C:\Users\milla\Desktop\Thumbs.db

2016-08-25 14:42 - 2015-04-22 11:41 - 00000000 ____D C:\Users\milla\.gimp-2.8

2016-08-25 14:09 - 2015-04-22 13:43 - 00000000 ____D C:\Users\milla\AppData\Local\gtk-2.0

2016-08-25 13:50 - 2016-07-30 17:08 - 00000000 ____D C:\Users\milla\Downloads\hercules

2016-08-24 12:34 - 2015-08-28 10:06 - 00003172 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1356464103-165666162-2052290704-1001

2016-08-21 07:18 - 2013-08-22 10:36 - 00000000 ___HD C:\Program Files\WindowsApps

2016-08-18 00:53 - 2016-04-04 13:10 - 00000000 ____D C:\Users\milla\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps

2016-08-17 12:53 - 2013-08-22 10:20 - 00000000 ____D C:\Windows\CbsTemp

2016-08-16 12:27 - 2013-08-22 10:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft

2016-08-16 12:25 - 2015-08-28 10:02 - 00000000 ____D C:\Program Files\Microsoft Office 15

2016-08-12 11:48 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\rescache

2016-08-11 09:53 - 2013-08-22 09:44 - 05211352 _____ C:\Windows\system32\FNTCACHE.DAT

2016-08-11 07:14 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\LiveKernelReports

2016-08-11 04:26 - 2015-04-24 09:26 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

2016-08-11 04:26 - 2015-04-24 09:26 - 00000000 ____D C:\Windows\system32\MRT

2016-08-11 04:23 - 2013-08-22 10:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates

==================== Files in the root of some directories =======

2015-06-06 12:39 - 2015-06-06 12:39 - 0000096 _____ () C:\Users\milla\AppData\Roaming\version2.xml

2016-08-25 14:33 - 2016-08-25 14:33 - 0012056 _____ () C:\Users\milla\AppData\Local\recently-used.xbel

2014-06-18 20:07 - 2014-06-18 20:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some files in TEMP:

====================

C:\Users\milla\AppData\Local\Temp\libeay32.dll

C:\Users\milla\AppData\Local\Temp\msvcr120.dll

C:\Users\milla\AppData\Local\Temp\sqlite3.dll

C:\Users\milla\AppData\Local\Temp\vlc-2.2.4-win32.exe

C:\Users\milla\AppData\Local\Temp\ZXTKw2bGSjYY.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-09-06 11:27

==================== End of FRST.txt ============================

#4 nasdaq

Malware Response Team
38,587 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:07:43 PM

Posted 11 September 2016 - 07:07 AM

Press the windows key

+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.
Please copy the entire contents of the code box below to the a new file.

start


CreateRestorePoint:
EmptyTemp:
CloseProcesses:

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1356464103-165666162-2052290704-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
FF Extension: (No Name) - C:\Users\milla\AppData\Roaming\Mozilla\Firefox\Profiles\zcgut4ap.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [not found]
CHR Extension: (Chrome Web Store Payments) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Task: {23B8E632-218B-464A-9D46-24302F56634E} - \Start Registry Reviver for MILS@milla(logon) -> No File <==== ATTENTION
Task: {3E313FF1-0CE4-4938-AA9C-13090CE5AA47} - System32\Tasks\Chromium => C:\Users\milla\AppData\Local\Chromium\APPLIC~1\450242~1.0\INSTAL~1\UNINST~1.EXE
Task: C:\Windows\Tasks\Chromium.job => C:\Users\milla\AppData\Local\Chromium\APPLIC~1\450242~1.0\INSTAL~1\UNINST~1.EXE


End

Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Please post the log and let me know what problem persists.

#5 mmilla

Topic Starter

Members
4 posts
OFFLINE

Local time:02:43 AM

Posted 11 September 2016 - 10:21 AM

Fix result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016

Ran by milla (11-09-2016 10:12:31) Run:1

Running from C:\Users\milla\Desktop

Loaded Profiles: milla (Available Profiles: milla)

Boot Mode: Normal

==============================================

fixlist content:

*****************

start

CreateRestorePoint:

EmptyTemp:

CloseProcesses:

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1356464103-165666162-2052290704-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}

FF Extension: (No Name) - C:\Users\milla\AppData\Roaming\Mozilla\Firefox\Profiles\zcgut4ap.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} [not found]

CHR Extension: (Chrome Web Store Payments) - C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]

C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Task: {23B8E632-218B-464A-9D46-24302F56634E} - \Start Registry Reviver for MILS@milla(logon) -> No File <==== ATTENTION

Task: {3E313FF1-0CE4-4938-AA9C-13090CE5AA47} - System32\Tasks\Chromium => C:\Users\milla\AppData\Local\Chromium\APPLIC~1\450242~1.0\INSTAL~1\UNINST~1.EXE

Task: C:\Windows\Tasks\Chromium.job => C:\Users\milla\AppData\Local\Chromium\APPLIC~1\450242~1.0\INSTAL~1\UNINST~1.EXE

End

*****************

Restore point was successfully created.

Processes closed successfully.

"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => key removed successfully

HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => key not found.

"HKLM\SOFTWARE\Policies\Google" => key removed successfully

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully

HKCR\Wow6432Node\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.

"HKU\S-1-5-21-1356464103-165666162-2052290704-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" => key removed successfully

HKCR\CLSID\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} => key not found.

C:\Users\milla\AppData\Roaming\Mozilla\Firefox\Profiles\zcgut4ap.default\extensions\{a38384b3-2d1d-4f36-bc22-0f7ae402bcd7} => path removed successfully

C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully

"C:\Users\milla\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda" => not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{23B8E632-218B-464A-9D46-24302F56634E}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23B8E632-218B-464A-9D46-24302F56634E}" => key removed successfully

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Start Registry Reviver for MILS@milla(logon) => key not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E313FF1-0CE4-4938-AA9C-13090CE5AA47}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E313FF1-0CE4-4938-AA9C-13090CE5AA47}" => key removed successfully

C:\Windows\System32\Tasks\Chromium => moved successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Chromium" => key removed successfully

C:\Windows\Tasks\Chromium.job => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 134272559 B

Java, Flash, Steam htmlcache => 492 B

Windows/system/drivers => 65150571 B

Edge => 0 B

Chrome => 836473451 B

Firefox => 26000629 B

Opera => 0 B

Temp, IE cache, history, cookies, recent:

Default => 0 B

ProgramData => 0 B

Public => 0 B

systemprofile => 0 B

systemprofile32 => 128 B

LocalService => 441392 B

NetworkService => 64244238 B

milla => 586520017 B

RecycleBin => 9686640721 B

EmptyTemp: => 10.6 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 10:14:33 ====

#6 nasdaq

Malware Response Team
38,587 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:07:43 PM

Posted 12 September 2016 - 06:49 AM

How is the computer running now?

#7 mmilla

Topic Starter

Members
4 posts
OFFLINE

Local time:02:43 AM

Posted 12 September 2016 - 12:30 PM

It seems to be working flawlessly I also got rid of an annoying pop-up that appeared at startup, so thank you so so much for your help!!

#8 nasdaq

Malware Response Team
38,587 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:07:43 PM

Posted 12 September 2016 - 12:34 PM

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

#9 nasdaq

Malware Response Team
38,587 posts
OFFLINE

Gender:Male
Location:Montreal, QC. Canada
Local time:07:43 PM

Posted 19 September 2016 - 08:37 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Back to Virus, Trojan, Spyware, and Malware Removal Logs