,,keineantwortadresse@web.de'' - Spam Mail wurde ausgehend meines Email Accounts versendet. Mit Inhalt: Link eines Pharmazieonline portals

Falkze · 19.04.2015, 08:26

Hey.

Und zwar habe ich angeblich am 18.04.15 eine Email an einen Teil meiner Kontaktliste versendet mit Betreff: ,,hi there'' und Inhalt: Link zu einem Pharmazie Online shops.

ACHTUNG!!! folgender Link
hxxp://topteh.ro/blog/

Diese Mail habe ich NICHT verschickt.

Anschließend habe ich eine Mail von ,,keineantwortadresse@web.de'' erhalten.

Betreff:
Mail delivery failed: returning message to sender

Inhalt: (Email adressen habe ich durch maxmustermann@web.de ersetzt)

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of
its recipients. This is a permanent error. The following address
failed:

"maxmustermann@web.de":
SMTP error from remote server after transfer of mail text:
host: mailgate1.uni-wuerzburg.de
Access denied: Message is known SPAM
"maxmustermann@web.de":
SMTP error from remote server after RCPT command:
host: mx-ha02.web.de
Requested action not taken: mailbox unavailable

--- The header of the original message is following. ---

Received: from [199.189.115.108] by msvc-mesg-web107.server.lan (via HTTP);
Sat, 18 Apr 2015 04:41:32 +0200
MIME-Version: 1.0
Message-ID: <trinity-cb38c8da-df5a-4c54-8ff4-845e623f7af5-1429324891953@msvc-mesg-web107>
From: maxmustermann@web.de -> ausgehend meiner email adresse
To: maxmustermann@web.de
Subject: hi there
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Apr 2015 04:41:32 +0200
X-Provags-ID: V03:K0:+XPdDt3X8ozf2TfE6zUjb9/j1oUG9JFyWq2Xo/vWkDm
h9BhT0ZyxglMwGkNygNCQNrr5HRtIpFLJySE3Q7xJDNFa+7BJK
SsLTwz7du87QwCofwBCDUONSzqmBQXC4DrVlQalAA+DdeBPDh4
jqtyXZcnxKF+lJpnmbtW71Fihwyevlti5ragIC4lOsEKQ5Zf8k
1OVa4OdLpGw4Tk8lMfahhUynSbnsU33dPhW3FDbL711vx1k+4J
hS3IkwBiX9DrlSmhEqjEJ7dyBSVyXMh9HfkK5ftpuRXkgGr5M5 JTYo0c=
X-UI-Out-Filterresults: notjunk:1;

Nun die Frage:
Wurde meine Email account lediglich gehackt oder muss ich mir weitere Gedanken machen.
Das größte Problem ist das ich Studiere und die mail an professoren und dergleichen ging, was SEHR unangenehm ist. Ich habe die Personen bereits informiert, dass ich Opfer einer ,,Hacks'' wurde und sie die mail nicht öffnen sollen.

Ich bedanke mich berreits im Voraus für die Antworten und Hilfeleistungen.
Danke!!

besten Gruß

Falkze

schrauber · 19.04.2015, 08:47

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Falkze · 19.04.2015, 09:14

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2015
Ran by falkd_000 (administrator) on FALK_DÖTTER on 19-04-2015 10:08:12
Running from C:\Users\falkd_000\Downloads
Loaded Profiles: falkd_000 (Available profiles: falkd_000)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Autodesk Inc.) C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\falkd_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Akamai Technologies, Inc.) C:\Users\falkd_000\AppData\Local\Akamai\netsession_win.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Akamai Technologies, Inc.) C:\Users\falkd_000\AppData\Local\Akamai\netsession_win.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Run: [Spotify Web Helper] => C:\Users\falkd_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-16] (Spotify Ltd)
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Run: [Akamai NetSession Interface] => C:\Users\falkd_000\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Policies\Explorer: [] 
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Symbaloo - Das führende visuelle Ressourcen-Management-Tool zum Organisieren und Teilen deiner Lieblings-Websites
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Symbaloo - Das führende visuelle Ressourcen-Management-Tool zum Organisieren und Teilen deiner Lieblings-Websites
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-405270919-1759621043-3676443113-1001 -> DefaultScope {4CAC6312-6AAE-49E3-89F8-97FD79889FD9} URL = 
SearchScopes: HKU\S-1-5-21-405270919-1759621043-3676443113-1001 -> {4CAC6312-6AAE-49E3-89F8-97FD79889FD9} URL = 
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\falkd_000\AppData\Roaming\Mozilla\Firefox\Profiles\5qjeh986.default-1420916566898
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\falkd_000\AppData\Roaming\Mozilla\Firefox\Profiles\5qjeh986.default-1420916566898\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-10]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-05] (Avira Operations GmbH & Co. KG)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-22] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-19 10:08 - 2015-04-19 10:08 - 00014988 _____ () C:\Users\falkd_000\Downloads\FRST.txt
2015-04-19 10:07 - 2015-04-19 10:08 - 00000000 ____D () C:\FRST
2015-04-19 10:06 - 2015-04-19 10:07 - 02098176 _____ (Farbar) C:\Users\falkd_000\Downloads\FRST64.exe
2015-04-18 23:27 - 2015-04-18 23:27 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-17 16:27 - 2015-04-17 16:28 - 00000633 _____ () C:\Users\falkd_000\Desktop\track mania.txt
2015-04-16 15:52 - 2015-04-16 15:52 - 00000000 ____D () C:\Users\falkd_000\Desktop\Hydrologie
2015-04-16 12:48 - 2015-04-16 12:48 - 00000000 ____D () C:\Users\falkd_000\Documents\Fax
2015-04-15 17:27 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 17:27 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 17:27 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-15 17:27 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 17:27 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-15 17:27 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 17:27 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 17:27 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 17:27 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-15 17:27 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-15 17:27 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 17:27 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-15 17:27 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-15 17:27 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-15 17:27 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 17:27 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 17:27 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 17:27 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 17:27 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-15 17:26 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 17:26 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 17:26 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 17:26 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 17:26 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 17:26 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 17:26 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-15 17:26 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 17:26 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 17:26 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 17:26 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 17:26 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 17:26 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-15 17:26 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 17:26 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 17:26 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-15 17:26 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 17:26 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 17:26 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 17:26 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 17:26 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 17:26 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 17:25 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 17:25 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 17:25 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 17:25 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 17:25 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 17:25 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 17:25 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 17:25 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 17:25 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 17:25 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 17:25 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-15 17:25 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 17:25 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 17:25 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 17:25 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 17:25 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 17:25 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 17:25 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 17:25 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 17:25 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-15 17:25 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 17:25 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 17:25 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 17:25 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-08 00:58 - 2015-04-08 00:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-05 03:16 - 2015-04-05 03:19 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-05 03:16 - 2015-04-05 03:16 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-02 16:05 - 2015-04-02 16:20 - 00046565 _____ () C:\Users\falkd_000\Desktop\Studienarbeit_MB_Treppe.dwg
2015-03-27 03:01 - 2015-03-27 03:01 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-03-27 02:56 - 2015-03-27 02:56 - 00002229 _____ () C:\Users\falkd_000\Desktop\Autodesk® AutoCAD® 2015 jetzt installieren.lnk
2015-03-27 02:56 - 2015-03-27 02:56 - 00000000 ____D () C:\Users\falkd_000\Documents\Autodesk Application Manager
2015-03-27 02:56 - 2015-03-27 02:56 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-03-27 02:54 - 2015-03-27 02:54 - 00002066 _____ () C:\Users\Public\Desktop\Autodesk ReCap.lnk
2015-03-27 02:54 - 2015-03-27 02:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
2015-03-27 02:46 - 2015-03-27 03:13 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Autodesk
2015-03-27 02:46 - 2015-03-27 02:46 - 00002127 _____ () C:\Users\Public\Desktop\AutoCAD 2015 - Deutsch (German).lnk
2015-03-27 02:46 - 2015-03-27 02:46 - 00000000 ____D () C:\Users\falkd_000\Documents\Inventor Server SDK ACAD 2015
2015-03-27 02:46 - 2015-03-27 02:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2015 - Deutsch (German)
2015-03-27 02:44 - 2015-03-27 02:44 - 00000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-03-27 02:44 - 2015-03-27 02:44 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2015-03-27 02:41 - 2015-03-27 02:56 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-03-27 02:41 - 2015-03-27 02:54 - 00000000 ____D () C:\Program Files\Autodesk
2015-03-27 02:41 - 2015-03-27 02:41 - 00000000 ____D () C:\Users\Public\Documents\Autodesk
2015-03-26 23:52 - 2015-03-26 23:52 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2015-03-26 23:48 - 2015-03-27 02:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-03-26 23:47 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-03-26 23:38 - 2015-03-27 14:55 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\Autodesk
2015-03-26 23:38 - 2015-03-27 14:55 - 00000000 ____D () C:\ProgramData\Autodesk
2015-03-26 23:34 - 2015-03-26 23:35 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Akamai
2015-03-26 23:34 - 2015-03-26 23:34 - 00000000 ____D () C:\Autodesk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-19 10:08 - 2014-03-24 21:50 - 01678018 _____ () C:\Windows\WindowsUpdate.log
2015-04-19 10:05 - 2014-11-08 19:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-19 10:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-18 23:39 - 2013-11-24 21:37 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-18 23:39 - 2013-08-28 11:59 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-04-18 23:39 - 2013-08-28 11:59 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-04-18 23:34 - 2014-11-08 02:10 - 00000000 ___DO () C:\Users\falkd_000\SkyDrive
2015-04-18 23:33 - 2015-03-17 11:49 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-18 23:31 - 2013-08-22 16:46 - 00026676 _____ () C:\Windows\setupact.log
2015-04-18 23:31 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-18 23:30 - 2014-11-08 03:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 23:30 - 2013-11-25 06:24 - 00377498 _____ () C:\Windows\PFRO.log
2015-04-18 23:30 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-18 23:27 - 2015-03-07 04:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-18 14:06 - 2014-12-06 15:08 - 00024064 ___SH () C:\Users\falkd_000\Downloads\Thumbs.db
2015-04-17 14:17 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-15 17:45 - 2014-11-08 14:32 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 17:43 - 2014-11-08 14:32 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 17:27 - 2015-03-16 13:55 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Spotify
2015-04-15 17:27 - 2015-03-16 13:53 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\Spotify
2015-04-15 17:25 - 2014-11-12 05:07 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-04-14 19:07 - 2014-11-08 19:53 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 17:34 - 2014-11-08 02:14 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-405270919-1759621043-3676443113-1001
2015-04-14 01:24 - 2013-08-22 17:38 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-10 11:11 - 2014-11-08 18:54 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\vlc
2015-04-10 01:16 - 2014-11-08 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-10 01:16 - 2014-03-24 21:50 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-10 01:15 - 2014-11-08 17:26 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-09 01:49 - 2014-11-08 17:28 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\Avira
2015-04-09 01:48 - 2014-11-08 17:26 - 00000000 ____D () C:\ProgramData\Avira
2015-04-08 15:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-02 16:20 - 2014-11-10 14:10 - 00313856 ___SH () C:\Users\falkd_000\Desktop\Thumbs.db
2015-04-02 15:49 - 2014-11-14 00:26 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Battle.net
2015-03-27 02:58 - 2013-08-22 16:44 - 00441600 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-27 02:57 - 2014-11-08 02:02 - 00000000 ____D () C:\Users\falkd_000
2015-03-27 02:34 - 2015-02-03 00:27 - 00091356 _____ () C:\Windows\DirectX.log
2015-03-23 20:15 - 2014-11-08 19:52 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Adobe

==================== Files in the root of some directories =======

2014-12-01 15:51 - 2014-12-01 15:51 - 0003584 _____ () C:\Users\falkd_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-27 02:44 - 2015-03-27 02:44 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\falkd_000\AppData\Local\Temp\AcDeltree.exe
C:\Users\falkd_000\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-14 17:02

==================== End Of Log ============================

--- --- ---

--- --- ---

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2015
Ran by falkd_000 at 2015-04-19 10:09:28
Running from C:\Users\falkd_000\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
AutoCAD 2015 - Deutsch (German) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - Deutsch (German) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk)
Autodesk AutoCAD 2015 - Deutsch (German) (HKLM\...\AutoCAD 2015 - Deutsch (German)) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.3.1.39 - Autodesk)
Autodesk ReCap (Version: 1.3.1.39 - Autodesk) Hidden
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{7B8D4E8A-EA2B-4A71-BFEB-A4AAAB87C5D0}) (Version: 12.1.0.71 - Apple Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.3 - Mozilla)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
SketchUp-Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Spotify (HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Spotify) (Version: 1.0.1.1060.gc75ebdfd - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Addendum (HKLM-x32\...\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.346 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Verfügbare Autodesk-Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-405270919-1759621043-3676443113-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-405270919-1759621043-3676443113-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-405270919-1759621043-3676443113-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-405270919-1759621043-3676443113-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-405270919-1759621043-3676443113-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-405270919-1759621043-3676443113-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-405270919-1759621043-3676443113-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-405270919-1759621043-3676443113-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-405270919-1759621043-3676443113-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2015\de-DE\acadficn.dll (Autodesk, Inc.)

==================== Restore Points  =========================

26-03-2015 23:45:17 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
05-04-2015 03:15:30 Windows Update
13-04-2015 10:06:51 Geplanter Prüfpunkt
17-04-2015 14:05:38 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {27003580-2568-4472-9881-3DDE3327C8C1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {5A1C737F-37ED-4ECF-8859-61EC7A8C87E4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {709A98B5-3A0A-4DD1-BE70-F2FE53DFDB7E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {850767A8-D235-4976-BA4D-40EEA65CE8C7} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {ABAC530F-CA02-4EBB-8F01-5C8A43FEC5C5} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {BB285FF2-A311-4801-92D7-504236B28D03} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {CECA5836-34F1-4263-B51F-8FCFB1E67615} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-11-09] (TOSHIBA Corporation)
Task: {EF31277B-732C-48EB-B8A1-4B944B3278D4} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {F0731E4A-B501-466C-9D00-E40AEFD83DC4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2013-03-27 21:53 - 2013-03-27 21:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-10 21:54 - 2013-09-10 21:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-11-24 22:38 - 2013-09-13 10:04 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-19 03:38 - 2012-07-19 03:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-22 09:19 - 2013-08-22 08:54 - 00174592 _____ () C:\Windows\system32\WinMetadata\Windows.UI.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00050176 _____ () C:\Windows\system32\WinMetadata\Windows.Data.winmd
2013-08-22 09:19 - 2013-08-22 08:54 - 00030208 _____ () C:\Windows\system32\WinMetadata\Windows.Foundation.winmd
2015-03-27 02:56 - 2014-12-05 04:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-03-27 02:56 - 2014-12-05 04:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2014-03-24 21:24 - 2013-09-04 01:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\falkd_000\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\falkd_000\AppData\Local\Microsoft\Windows\Themes\Bayern (2)\DesktopBackground\desktop-hintergrund.bmp
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-405270919-1759621043-3676443113-500 - Administrator - Disabled)
falkd_000 (S-1-5-21-405270919-1759621043-3676443113-1001 - Administrator - Enabled) => C:\Users\falkd_000
Gast (S-1-5-21-405270919-1759621043-3676443113-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-405270919-1759621043-3676443113-1003 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2015 09:27:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6047

Error: (04/19/2015 09:27:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6047

Error: (04/19/2015 09:27:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/19/2015 09:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4843

Error: (04/19/2015 09:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4843

Error: (04/19/2015 09:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/19/2015 09:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3672

Error: (04/19/2015 09:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3672

Error: (04/19/2015 09:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/19/2015 09:27:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2531


System errors:
=============
Error: (04/18/2015 11:26:57 PM) (Source: DCOM) (EventID: 10010) (User: FALK_DÖTTER)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (04/18/2015 11:26:57 PM) (Source: DCOM) (EventID: 10010) (User: FALK_DÖTTER)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (04/18/2015 11:26:57 PM) (Source: DCOM) (EventID: 10010) (User: FALK_DÖTTER)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (04/18/2015 11:26:57 PM) (Source: DCOM) (EventID: 10010) (User: FALK_DÖTTER)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (04/17/2015 02:07:59 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240055 fehlgeschlagen: Sicherheitsupdate für Internet Explorer Flash Player für Windows 8.1 für x64-Systeme (KB3049508)

Error: (04/13/2015 11:04:07 AM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR18 gefunden.

Error: (04/05/2015 03:05:17 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 80.

Error: (04/05/2015 03:05:16 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 80.

Error: (04/05/2015 03:05:14 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 80.

Error: (03/24/2015 10:49:18 AM) (Source: Microsoft-Windows-HAL) (EventID: 13) (User: NT-AUTORITÄT)
Description: Der Systemüberwachungszeitgeber wurde ausgelöst.


Microsoft Office Sessions:
=========================
Error: (04/19/2015 09:27:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6047

Error: (04/19/2015 09:27:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6047

Error: (04/19/2015 09:27:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/19/2015 09:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4843

Error: (04/19/2015 09:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4843

Error: (04/19/2015 09:27:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/19/2015 09:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3672

Error: (04/19/2015 09:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3672

Error: (04/19/2015 09:27:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/19/2015 09:27:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2531


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage of memory in use: 42%
Total physical RAM: 3971.27 MB
Available physical RAM: 2301.39 MB
Total Pagefile: 5024.33 MB
Available Pagefile: 2675.2 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (TI31252400A) (Fixed) (Total:454.55 GB) (Free:400.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

--- --- ---

schrauber · 19.04.2015, 16:15

hi,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Falkze · 19.04.2015, 21:45

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.04.19.04
  rootkit: v2015.03.31.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17728
falkd_000 :: FALK_DÖTTER [administrator]

19.04.2015 21:46:46
mbar-log-2015-04-19 (21-46-46).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 357147
Time elapsed: 21 minute(s), 20 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

ATTFilter

22:25:17.0299 0x0948  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:25:17.0299 0x0948  UEFI system
22:25:29.0837 0x0948  ============================================================
22:25:29.0837 0x0948  Current date / time: 2015/04/19 22:25:29.0837
22:25:29.0837 0x0948  SystemInfo:
22:25:29.0837 0x0948  
22:25:29.0837 0x0948  OS Version: 6.3.9600 ServicePack: 0.0
22:25:29.0837 0x0948  Product type: Workstation
22:25:29.0837 0x0948  ComputerName: FALK_DÖTTER
22:25:29.0837 0x0948  UserName: falkd_000
22:25:29.0837 0x0948  Windows directory: C:\Windows
22:25:29.0837 0x0948  System windows directory: C:\Windows
22:25:29.0837 0x0948  Running under WOW64
22:25:29.0837 0x0948  Processor architecture: Intel x64
22:25:29.0837 0x0948  Number of processors: 2
22:25:29.0837 0x0948  Page size: 0x1000
22:25:29.0837 0x0948  Boot type: Normal boot
22:25:29.0837 0x0948  ============================================================
22:25:30.0501 0x0948  KLMD registered as C:\Windows\system32\drivers\94900288.sys
22:25:31.0154 0x0948  System UUID: {6D769F42-87B9-FA17-F6EB-767784D39623}
22:25:31.0978 0x0948  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:25:31.0994 0x0948  ============================================================
22:25:31.0994 0x0948  \Device\Harddisk0\DR0:
22:25:31.0994 0x0948  GPT partitions:
22:25:31.0994 0x0948  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {778E6269-6364-11E3-9FAA-0C54A54D3E5A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x200000
22:25:31.0995 0x0948  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {778E626F-6364-11E3-9FAA-0C54A54D3E5A}, Name: Basic data partition, StartLBA 0x200800, BlocksNum 0x32000
22:25:31.0995 0x0948  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {778E6271-6364-11E3-9FAA-0C54A54D3E5A}, Name: Basic data partition, StartLBA 0x232800, BlocksNum 0x40000
22:25:31.0995 0x0948  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {778E6277-6364-11E3-9FAA-0C54A54D3E5A}, Name: Basic data partition, StartLBA 0x272800, BlocksNum 0x38D1B000
22:25:31.0995 0x0948  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {775B1D33-B39D-11E3-BAE5-20256476E067}, Name: Basic data partition, StartLBA 0x38F8D800, BlocksNum 0x13F82E2
22:25:31.0995 0x0948  MBR partitions:
22:25:31.0995 0x0948  ============================================================
22:25:32.0014 0x0948  C: <-> \Device\Harddisk0\DR0\Partition4
22:25:32.0014 0x0948  ============================================================
22:25:32.0014 0x0948  Initialize success
22:25:32.0014 0x0948  ============================================================
22:26:43.0501 0x0d9c  ============================================================
22:26:43.0501 0x0d9c  Scan started
22:26:43.0501 0x0d9c  Mode: Manual; SigCheck; TDLFS; 
22:26:43.0501 0x0d9c  ============================================================
22:26:43.0501 0x0d9c  KSN ping started
22:26:45.0933 0x0d9c  KSN ping finished: true
22:26:47.0366 0x0d9c  ================ Scan system memory ========================
22:26:47.0366 0x0d9c  System memory - ok
22:26:47.0367 0x0d9c  ================ Scan services =============================
22:26:48.0464 0x0d9c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
22:26:48.0515 0x0d9c  1394ohci - ok
22:26:48.0566 0x0d9c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
22:26:48.0577 0x0d9c  3ware - ok
22:26:48.0676 0x0d9c  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:26:48.0700 0x0d9c  ACPI - ok
22:26:48.0721 0x0d9c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
22:26:48.0732 0x0d9c  acpiex - ok
22:26:48.0755 0x0d9c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
22:26:48.0791 0x0d9c  acpipagr - ok
22:26:48.0817 0x0d9c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
22:26:48.0827 0x0d9c  AcpiPmi - ok
22:26:48.0832 0x0d9c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
22:26:48.0855 0x0d9c  acpitime - ok
22:26:49.0060 0x0d9c  [ CBDF353624D1744734F2FD13B4786F90, 615C695F842D2F777C7D0DAA19B3674AB903FDC401E22A130C04DB0D0C1486D2 ] AdAppMgrSvc     C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
22:26:49.0080 0x0d9c  AdAppMgrSvc - ok
22:26:49.0164 0x0d9c  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:26:49.0172 0x0d9c  AdobeARMservice - ok
22:26:49.0412 0x0d9c  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:26:49.0424 0x0d9c  AdobeFlashPlayerUpdateSvc - ok
22:26:49.0538 0x0d9c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
22:26:49.0567 0x0d9c  ADP80XX - ok
22:26:49.0637 0x0d9c  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:26:49.0692 0x0d9c  AeLookupSvc - ok
22:26:49.0733 0x0d9c  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\Windows\system32\drivers\afd.sys
22:26:49.0757 0x0d9c  AFD - ok
22:26:49.0818 0x0d9c  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:26:49.0828 0x0d9c  agp440 - ok
22:26:49.0855 0x0d9c  [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
22:26:49.0865 0x0d9c  ahcache - ok
22:26:49.0911 0x0d9c  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
22:26:49.0941 0x0d9c  ALG - ok
22:26:49.0973 0x0d9c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
22:26:49.0984 0x0d9c  AmdK8 - ok
22:26:50.0006 0x0d9c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
22:26:50.0036 0x0d9c  AmdPPM - ok
22:26:50.0053 0x0d9c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:26:50.0064 0x0d9c  amdsata - ok
22:26:50.0079 0x0d9c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:26:50.0095 0x0d9c  amdsbs - ok
22:26:50.0156 0x0d9c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:26:50.0165 0x0d9c  amdxata - ok
22:26:50.0232 0x0d9c  [ 4126D30992B26303E47E8981313FD6D6, 4C8DB2DDDB88FBEA87CDBFB93D9855B40043778878AF4A5571C174434F9C0D4C ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
22:26:50.0271 0x0d9c  AmUStor - ok
22:26:50.0395 0x0d9c  [ 62A6B0A393591878A1E00224EA698AD7, 691B6E248D0682477543455B67E85C768A4A53A92139E153320ED4E4CED1E010 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
22:26:50.0462 0x0d9c  AntiVirMailService - ok
22:26:50.0502 0x0d9c  [ F36D18EF1E66F92094AD89D17BEF007C, A5C793B340311CB7A301B77316E1976E3CD7CA9470CE5F1062CB003BCD4C155C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:26:50.0518 0x0d9c  AntiVirSchedulerService - ok
22:26:50.0600 0x0d9c  [ F36D18EF1E66F92094AD89D17BEF007C, A5C793B340311CB7A301B77316E1976E3CD7CA9470CE5F1062CB003BCD4C155C ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:26:50.0615 0x0d9c  AntiVirService - ok
22:26:50.0737 0x0d9c  [ 5B7924A162A604B43FFBEE9384ABE77B, 1A1A836C145BAD330EDC778D4FD18CE737EB10E4B22AE8A39CDDBAAC36B0FF11 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
22:26:50.0786 0x0d9c  AntiVirWebService - ok
22:26:50.0828 0x0d9c  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
22:26:50.0841 0x0d9c  AppID - ok
22:26:50.0879 0x0d9c  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:26:50.0907 0x0d9c  AppIDSvc - ok
22:26:50.0935 0x0d9c  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll
22:26:50.0983 0x0d9c  Appinfo - ok
22:26:51.0149 0x0d9c  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:26:51.0156 0x0d9c  Apple Mobile Device Service - ok
22:26:51.0252 0x0d9c  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
22:26:51.0296 0x0d9c  AppReadiness - ok
22:26:51.0360 0x0d9c  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
22:26:51.0460 0x0d9c  AppXSvc - ok
22:26:51.0494 0x0d9c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:26:51.0506 0x0d9c  arcsas - ok
22:26:51.0514 0x0d9c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:26:51.0524 0x0d9c  atapi - ok
22:26:51.0658 0x0d9c  [ 346012042E988BF0E56BF73C656FD02E, A30C7B98347C099324E95DF05BE36DCDB4DACB2F83D50A21FA276BD1D5C7FC7A ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
22:26:51.0687 0x0d9c  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
22:26:54.0133 0x0d9c  Detect skipped due to KSN trusted
22:26:54.0133 0x0d9c  AtherosSvc - ok
22:26:54.0432 0x0d9c  [ 37B33DDE5490A2DF56DFB46580356E3F, 40FE378C9010B06FD7ADE30F76F916D5BDBB26525CF3D11D5780E2247B6099D8 ] athr            C:\Windows\system32\DRIVERS\athwbx.sys
22:26:54.0525 0x0d9c  athr - ok
22:26:54.0577 0x0d9c  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
22:26:54.0620 0x0d9c  AudioEndpointBuilder - ok
22:26:54.0667 0x0d9c  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:26:54.0752 0x0d9c  Audiosrv - ok
22:26:54.0783 0x0d9c  [ DE3FF859EDF66F5E0106B23B3A4B09CE, 9F6D735E32F340547D5FDA595E2A461083AC581AC0719913D4841C0C5D7A2998 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
22:26:54.0790 0x0d9c  Autodesk Content Service - ok
22:26:54.0842 0x0d9c  [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
22:26:54.0851 0x0d9c  avgntflt - ok
22:26:54.0896 0x0d9c  [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
22:26:54.0905 0x0d9c  avipbb - ok
22:26:55.0019 0x0d9c  [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
22:26:55.0030 0x0d9c  Avira.OE.ServiceHost - ok
22:26:55.0071 0x0d9c  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
22:26:55.0079 0x0d9c  avkmgr - ok
22:26:55.0117 0x0d9c  [ 83586138F23A4C284EB68AFC852D7AFA, 9ADE8924B4518ED0A8E3FC4CC3F9964BC05B5FF67F230A7FD0BDABCFFA0BB0C8 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
22:26:55.0124 0x0d9c  avnetflt - ok
22:26:55.0164 0x0d9c  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:26:55.0209 0x0d9c  AxInstSV - ok
22:26:55.0244 0x0d9c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:26:55.0267 0x0d9c  b06bdrv - ok
22:26:55.0296 0x0d9c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
22:26:55.0306 0x0d9c  BasicDisplay - ok
22:26:55.0347 0x0d9c  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
22:26:55.0358 0x0d9c  BasicRender - ok
22:26:55.0406 0x0d9c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
22:26:55.0413 0x0d9c  bcmfn2 - ok
22:26:55.0501 0x0d9c  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\Windows\System32\bdesvc.dll
22:26:55.0531 0x0d9c  BDESVC - ok
22:26:55.0547 0x0d9c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
22:26:55.0568 0x0d9c  Beep - ok
22:26:55.0622 0x0d9c  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\Windows\System32\bfe.dll
22:26:55.0682 0x0d9c  BFE - ok
22:26:55.0727 0x0d9c  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
22:26:55.0799 0x0d9c  BITS - ok
22:26:55.0843 0x0d9c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:26:55.0859 0x0d9c  Bonjour Service - ok
22:26:55.0889 0x0d9c  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:26:55.0900 0x0d9c  bowser - ok
22:26:55.0974 0x0d9c  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
22:26:56.0033 0x0d9c  BrokerInfrastructure - ok
22:26:56.0063 0x0d9c  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
22:26:56.0099 0x0d9c  Browser - ok
22:26:56.0136 0x0d9c  [ 39FFF1464DD0809B67D3E70E885485C8, B647D9A06D413DA92236D193515FCAFF9ADE826635F8A966CE1B3DA9A72A6C50 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
22:26:56.0155 0x0d9c  BtFilter - ok
22:26:56.0201 0x0d9c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
22:26:56.0211 0x0d9c  BthAvrcpTg - ok
22:26:56.0276 0x0d9c  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
22:26:56.0286 0x0d9c  BthEnum - ok
22:26:56.0335 0x0d9c  [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
22:26:56.0361 0x0d9c  BthHFEnum - ok
22:26:56.0391 0x0d9c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
22:26:56.0410 0x0d9c  bthhfhid - ok
22:26:56.0448 0x0d9c  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
22:26:56.0476 0x0d9c  BthHFSrv - ok
22:26:56.0534 0x0d9c  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\System32\drivers\BthLEEnum.sys
22:26:56.0548 0x0d9c  BthLEEnum - ok
22:26:56.0569 0x0d9c  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
22:26:56.0596 0x0d9c  BTHMODEM - ok
22:26:56.0623 0x0d9c  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\Windows\System32\drivers\bthpan.sys
22:26:56.0635 0x0d9c  BthPan - ok
22:26:56.0708 0x0d9c  [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
22:26:56.0756 0x0d9c  BTHPORT - ok
22:26:56.0784 0x0d9c  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
22:26:56.0825 0x0d9c  bthserv - ok
22:26:56.0838 0x0d9c  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
22:26:56.0860 0x0d9c  BTHUSB - ok
22:26:56.0883 0x0d9c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:26:56.0895 0x0d9c  cdfs - ok
22:26:56.0925 0x0d9c  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
22:26:56.0953 0x0d9c  cdrom - ok
22:26:56.0985 0x0d9c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:26:57.0011 0x0d9c  CertPropSvc - ok
22:26:57.0029 0x0d9c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
22:26:57.0048 0x0d9c  circlass - ok
22:26:57.0086 0x0d9c  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
22:26:57.0105 0x0d9c  CLFS - ok
22:26:57.0146 0x0d9c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
22:26:57.0155 0x0d9c  CmBatt - ok
22:26:57.0198 0x0d9c  [ 3930E508DDA46C1FF68FD963F350AA0A, BF63F9C7AB30E2A8199D65EDD6DCBB797C93A4A0B972373643FBE1C38BCFA697 ] CNG             C:\Windows\system32\Drivers\cng.sys
22:26:57.0225 0x0d9c  CNG - ok
22:26:57.0245 0x0d9c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
22:26:57.0271 0x0d9c  CompositeBus - ok
22:26:57.0276 0x0d9c  COMSysApp - ok
22:26:57.0304 0x0d9c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
22:26:57.0345 0x0d9c  condrv - ok
22:26:57.0417 0x0d9c  [ 6344504D5A9D8ED299239FBC03AB5D35, 27299078C93E0CA9304B5F5624D801C66054A6CB277AB868B5DE9E6178EAEF52 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
22:26:57.0431 0x0d9c  cphs - ok
22:26:57.0464 0x0d9c  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:26:57.0506 0x0d9c  CryptSvc - ok
22:26:57.0520 0x0d9c  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
22:26:57.0531 0x0d9c  dam - ok
22:26:57.0594 0x0d9c  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:26:57.0647 0x0d9c  DcomLaunch - ok
22:26:57.0686 0x0d9c  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
22:26:57.0754 0x0d9c  defragsvc - ok
22:26:57.0792 0x0d9c  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
22:26:57.0820 0x0d9c  DeviceAssociationService - ok
22:26:57.0852 0x0d9c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
22:26:57.0898 0x0d9c  DeviceInstall - ok
22:26:57.0931 0x0d9c  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
22:26:57.0943 0x0d9c  Dfsc - ok
22:26:57.0986 0x0d9c  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:26:58.0016 0x0d9c  Dhcp - ok
22:26:58.0049 0x0d9c  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
22:26:58.0060 0x0d9c  disk - ok
22:26:58.0070 0x0d9c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
22:26:58.0081 0x0d9c  dmvsc - ok
22:26:58.0123 0x0d9c  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:26:58.0152 0x0d9c  Dnscache - ok
22:26:58.0178 0x0d9c  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:26:58.0209 0x0d9c  dot3svc - ok
22:26:58.0242 0x0d9c  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
22:26:58.0273 0x0d9c  DPS - ok
22:26:58.0305 0x0d9c  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:26:58.0314 0x0d9c  drmkaud - ok
22:26:58.0343 0x0d9c  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
22:26:58.0375 0x0d9c  DsmSvc - ok
22:26:58.0438 0x0d9c  [ 40CFC6671B2442D32E149FF1683212D1, ADC1743CDB98EAC736783156D659364DF8613BCC4C0B6D0AC0D8F05AF18E0BF7 ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
22:26:58.0446 0x0d9c  dts_apo_service - ok
22:26:58.0518 0x0d9c  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:26:58.0566 0x0d9c  DXGKrnl - ok
22:26:58.0602 0x0d9c  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
22:26:58.0648 0x0d9c  Eaphost - ok
22:26:58.0752 0x0d9c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:26:58.0846 0x0d9c  ebdrv - ok
22:26:58.0889 0x0d9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
22:26:58.0899 0x0d9c  EFS - ok
22:26:58.0916 0x0d9c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
22:26:58.0926 0x0d9c  EhStorClass - ok
22:26:58.0943 0x0d9c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
22:26:58.0954 0x0d9c  EhStorTcgDrv - ok
22:26:58.0964 0x0d9c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
22:26:58.0989 0x0d9c  ErrDev - ok
22:26:59.0056 0x0d9c  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
22:26:59.0110 0x0d9c  EventSystem - ok
22:26:59.0141 0x0d9c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:26:59.0173 0x0d9c  exfat - ok
22:26:59.0194 0x0d9c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:26:59.0210 0x0d9c  fastfat - ok
22:26:59.0264 0x0d9c  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
22:26:59.0322 0x0d9c  Fax - ok
22:26:59.0340 0x0d9c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
22:26:59.0389 0x0d9c  fdc - ok
22:26:59.0418 0x0d9c  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:26:59.0455 0x0d9c  fdPHost - ok
22:26:59.0483 0x0d9c  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:26:59.0514 0x0d9c  FDResPub - ok
22:26:59.0548 0x0d9c  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
22:26:59.0586 0x0d9c  fhsvc - ok
22:26:59.0633 0x0d9c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:26:59.0643 0x0d9c  FileInfo - ok
22:26:59.0655 0x0d9c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:26:59.0686 0x0d9c  Filetrace - ok
22:26:59.0789 0x0d9c  [ 8645F91F40B8D022C9AC3DABDF360A6B, 4F83080B1273C92470EB90D80B32056C913240DCC9C4C50B7BE85254066D654D ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
22:26:59.0845 0x0d9c  FlexNet Licensing Service 64 - ok
22:26:59.0864 0x0d9c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
22:26:59.0881 0x0d9c  flpydisk - ok
22:26:59.0920 0x0d9c  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:26:59.0939 0x0d9c  FltMgr - ok
22:27:00.0006 0x0d9c  [ 7269C9013FCFA3C6E70F03E2630DBFC3, AAB282B4444CC17D197974D05063C7C97E5202E604681DD2DC3BCF0AE77D6057 ] FontCache       C:\Windows\system32\FntCache.dll
22:27:00.0088 0x0d9c  FontCache - ok
22:27:00.0177 0x0d9c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:27:00.0187 0x0d9c  FontCache3.0.0.0 - ok
22:27:00.0221 0x0d9c  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:27:00.0231 0x0d9c  FsDepends - ok
22:27:00.0258 0x0d9c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:27:00.0267 0x0d9c  Fs_Rec - ok
22:27:00.0315 0x0d9c  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:27:00.0340 0x0d9c  fvevol - ok
22:27:00.0352 0x0d9c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
22:27:00.0379 0x0d9c  FxPPM - ok
22:27:00.0385 0x0d9c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:27:00.0395 0x0d9c  gagp30kx - ok
22:27:00.0426 0x0d9c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:27:00.0433 0x0d9c  GEARAspiWDM - ok
22:27:00.0457 0x0d9c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
22:27:00.0484 0x0d9c  gencounter - ok
22:27:00.0523 0x0d9c  [ 045AE8D818B2E74B839597BB9C19C13B, 5C46F86C16E7F9740FEA56D5153B8E438A87B6011AA2C589FF0C1BE21D4BA701 ] GFNEXSrv        C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
22:27:00.0535 0x0d9c  GFNEXSrv - ok
22:27:00.0573 0x0d9c  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
22:27:00.0586 0x0d9c  GPIOClx0101 - ok
22:27:00.0655 0x0d9c  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:27:00.0730 0x0d9c  gpsvc - ok
22:27:00.0773 0x0d9c  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:27:00.0802 0x0d9c  HdAudAddService - ok
22:27:00.0839 0x0d9c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
22:27:00.0870 0x0d9c  HDAudBus - ok
22:27:00.0887 0x0d9c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
22:27:00.0905 0x0d9c  HidBatt - ok
22:27:00.0935 0x0d9c  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
22:27:00.0960 0x0d9c  HidBth - ok
22:27:00.0989 0x0d9c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
22:27:01.0015 0x0d9c  hidi2c - ok
22:27:01.0021 0x0d9c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
22:27:01.0042 0x0d9c  HidIr - ok
22:27:01.0068 0x0d9c  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
22:27:01.0102 0x0d9c  hidserv - ok
22:27:01.0141 0x0d9c  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
22:27:01.0152 0x0d9c  HidUsb - ok
22:27:01.0192 0x0d9c  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:27:01.0214 0x0d9c  hkmsvc - ok
22:27:01.0248 0x0d9c  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:27:01.0301 0x0d9c  HomeGroupListener - ok
22:27:01.0345 0x0d9c  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:27:01.0380 0x0d9c  HomeGroupProvider - ok
22:27:01.0418 0x0d9c  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:27:01.0428 0x0d9c  HpSAMD - ok
22:27:01.0483 0x0d9c  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:27:01.0518 0x0d9c  HTTP - ok
22:27:01.0537 0x0d9c  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:27:01.0546 0x0d9c  hwpolicy - ok
22:27:01.0557 0x0d9c  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
22:27:01.0578 0x0d9c  hyperkbd - ok
22:27:01.0583 0x0d9c  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
22:27:01.0598 0x0d9c  HyperVideo - ok
22:27:01.0636 0x0d9c  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
22:27:01.0647 0x0d9c  i8042prt - ok
22:27:01.0670 0x0d9c  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
22:27:01.0678 0x0d9c  iaLPSSi_GPIO - ok
22:27:01.0684 0x0d9c  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
22:27:01.0693 0x0d9c  iaLPSSi_I2C - ok
22:27:01.0724 0x0d9c  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
22:27:01.0745 0x0d9c  iaStorA - ok
22:27:01.0775 0x0d9c  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
22:27:01.0796 0x0d9c  iaStorAV - ok
22:27:01.0822 0x0d9c  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:27:01.0841 0x0d9c  iaStorV - ok
22:27:01.0886 0x0d9c  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
22:27:01.0896 0x0d9c  ICCS - ok
22:27:01.0900 0x0d9c  IEEtwCollectorService - ok
22:27:02.0038 0x0d9c  [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
22:27:02.0142 0x0d9c  igfx - ok
22:27:02.0246 0x0d9c  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:27:02.0322 0x0d9c  IKEEXT - ok
22:27:02.0344 0x0d9c  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
22:27:02.0352 0x0d9c  intaud_WaveExtensible - ok
22:27:02.0377 0x0d9c  [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
22:27:02.0397 0x0d9c  IntcDAud - ok
22:27:02.0462 0x0d9c  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
22:27:02.0504 0x0d9c  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
22:27:04.0915 0x0d9c  Detect skipped due to KSN trusted
22:27:04.0915 0x0d9c  Intel(R) Capability Licensing Service Interface - ok
22:27:05.0040 0x0d9c  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
22:27:05.0056 0x0d9c  Intel(R) Capability Licensing Service TCP IP Interface - ok
22:27:05.0119 0x0d9c  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
22:27:05.0119 0x0d9c  Intel(R) ME Service - ok
22:27:05.0150 0x0d9c  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:27:05.0150 0x0d9c  intelide - ok
22:27:05.0165 0x0d9c  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
22:27:05.0181 0x0d9c  intelpep - ok
22:27:05.0197 0x0d9c  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
22:27:05.0228 0x0d9c  intelppm - ok
22:27:05.0244 0x0d9c  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:27:05.0244 0x0d9c  IpFilterDriver - ok
22:27:05.0306 0x0d9c  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:27:05.0369 0x0d9c  iphlpsvc - ok
22:27:05.0400 0x0d9c  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
22:27:05.0415 0x0d9c  IPMIDRV - ok
22:27:05.0447 0x0d9c  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:27:05.0462 0x0d9c  IPNAT - ok
22:27:05.0556 0x0d9c  [ 87F8EDF63C97BF0BF21359A3D8ABF0C7, BAAAE1DE50EBD1BCE46F33C5F3A7F3C39F61AB21416D78DAA7F8A19F38F67269 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:27:05.0572 0x0d9c  iPod Service - ok
22:27:05.0603 0x0d9c  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:27:05.0634 0x0d9c  IRENUM - ok
22:27:05.0681 0x0d9c  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:27:05.0681 0x0d9c  isapnp - ok
22:27:05.0728 0x0d9c  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
22:27:05.0744 0x0d9c  iScsiPrt - ok
22:27:05.0775 0x0d9c  [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
22:27:05.0775 0x0d9c  iwdbus - ok
22:27:05.0853 0x0d9c  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:27:05.0869 0x0d9c  jhi_service - ok
22:27:05.0916 0x0d9c  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
22:27:05.0916 0x0d9c  kbdclass - ok
22:27:05.0947 0x0d9c  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
22:27:05.0978 0x0d9c  kbdhid - ok
22:27:05.0994 0x0d9c  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
22:27:06.0041 0x0d9c  kdnic - ok
22:27:06.0056 0x0d9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
22:27:06.0072 0x0d9c  KeyIso - ok
22:27:06.0103 0x0d9c  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:27:06.0119 0x0d9c  KSecDD - ok
22:27:06.0134 0x0d9c  [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:27:06.0150 0x0d9c  KSecPkg - ok
22:27:06.0181 0x0d9c  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:27:06.0197 0x0d9c  ksthunk - ok
22:27:06.0212 0x0d9c  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:27:06.0228 0x0d9c  KtmRm - ok
22:27:06.0259 0x0d9c  [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C             C:\Windows\system32\DRIVERS\L1C63x64.sys
22:27:06.0259 0x0d9c  L1C - ok
22:27:06.0306 0x0d9c  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:27:06.0353 0x0d9c  LanmanServer - ok
22:27:06.0384 0x0d9c  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:27:06.0416 0x0d9c  LanmanWorkstation - ok
22:27:06.0462 0x0d9c  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
22:27:06.0510 0x0d9c  lfsvc - ok
22:27:06.0526 0x0d9c  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:27:06.0573 0x0d9c  lltdio - ok
22:27:06.0604 0x0d9c  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:27:06.0635 0x0d9c  lltdsvc - ok
22:27:06.0666 0x0d9c  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:27:06.0698 0x0d9c  lmhosts - ok
22:27:06.0760 0x0d9c  [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:27:06.0776 0x0d9c  LMS - ok
22:27:06.0791 0x0d9c  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:27:06.0807 0x0d9c  LSI_SAS - ok
22:27:06.0807 0x0d9c  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:27:06.0823 0x0d9c  LSI_SAS2 - ok
22:27:06.0838 0x0d9c  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
22:27:06.0854 0x0d9c  LSI_SAS3 - ok
22:27:06.0854 0x0d9c  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
22:27:06.0869 0x0d9c  LSI_SSS - ok
22:27:06.0916 0x0d9c  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
22:27:06.0963 0x0d9c  LSM - ok
22:27:07.0010 0x0d9c  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:27:07.0026 0x0d9c  luafv - ok
22:27:07.0041 0x0d9c  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
22:27:07.0057 0x0d9c  megasas - ok
22:27:07.0073 0x0d9c  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
22:27:07.0104 0x0d9c  megasr - ok
22:27:07.0135 0x0d9c  [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
22:27:07.0135 0x0d9c  MEIx64 - ok
22:27:07.0166 0x0d9c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
22:27:07.0213 0x0d9c  MMCSS - ok
22:27:07.0229 0x0d9c  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
22:27:07.0260 0x0d9c  Modem - ok
22:27:07.0276 0x0d9c  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
22:27:07.0291 0x0d9c  monitor - ok
22:27:07.0323 0x0d9c  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
22:27:07.0338 0x0d9c  mouclass - ok
22:27:07.0370 0x0d9c  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
22:27:07.0385 0x0d9c  mouhid - ok
22:27:07.0416 0x0d9c  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:27:07.0432 0x0d9c  mountmgr - ok
22:27:07.0479 0x0d9c  [ 269BDB3CB77EB77BABE2862BEAB1F208, EC693365C73D59244CB77E181042128A9901BA5C1109CD4F1B9A2008DF1F9582 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:27:07.0495 0x0d9c  MozillaMaintenance - ok
22:27:07.0526 0x0d9c  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:27:07.0541 0x0d9c  mpsdrv - ok
22:27:07.0604 0x0d9c  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:27:07.0651 0x0d9c  MpsSvc - ok
22:27:07.0682 0x0d9c  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:27:07.0698 0x0d9c  MRxDAV - ok
22:27:07.0745 0x0d9c  [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:27:07.0760 0x0d9c  mrxsmb - ok
22:27:07.0807 0x0d9c  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:27:07.0823 0x0d9c  mrxsmb10 - ok
22:27:07.0870 0x0d9c  [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:27:07.0885 0x0d9c  mrxsmb20 - ok
22:27:07.0916 0x0d9c  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
22:27:07.0932 0x0d9c  MsBridge - ok
22:27:07.0963 0x0d9c  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
22:27:07.0979 0x0d9c  MSDTC - ok
22:27:08.0010 0x0d9c  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:27:08.0026 0x0d9c  Msfs - ok
22:27:08.0041 0x0d9c  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
22:27:08.0057 0x0d9c  msgpiowin32 - ok
22:27:08.0073 0x0d9c  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:27:08.0088 0x0d9c  mshidkmdf - ok
22:27:08.0104 0x0d9c  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
22:27:08.0135 0x0d9c  mshidumdf - ok
22:27:08.0166 0x0d9c  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:27:08.0166 0x0d9c  msisadrv - ok
22:27:08.0198 0x0d9c  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:27:08.0229 0x0d9c  MSiSCSI - ok
22:27:08.0229 0x0d9c  msiserver - ok
22:27:08.0245 0x0d9c  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:27:08.0276 0x0d9c  MSKSSRV - ok
22:27:08.0307 0x0d9c  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
22:27:08.0307 0x0d9c  MsLldp - ok
22:27:08.0323 0x0d9c  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:27:08.0354 0x0d9c  MSPCLOCK - ok
22:27:08.0370 0x0d9c  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:27:08.0385 0x0d9c  MSPQM - ok
22:27:08.0401 0x0d9c  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:27:08.0432 0x0d9c  MsRPC - ok
22:27:08.0432 0x0d9c  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
22:27:08.0448 0x0d9c  mssmbios - ok
22:27:08.0463 0x0d9c  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:27:08.0479 0x0d9c  MSTEE - ok
22:27:08.0510 0x0d9c  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
22:27:08.0526 0x0d9c  MTConfig - ok
22:27:08.0542 0x0d9c  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
22:27:08.0557 0x0d9c  Mup - ok
22:27:08.0557 0x0d9c  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
22:27:08.0573 0x0d9c  mvumis - ok
22:27:08.0604 0x0d9c  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
22:27:08.0651 0x0d9c  napagent - ok
22:27:08.0682 0x0d9c  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:27:08.0698 0x0d9c  NativeWifiP - ok
22:27:08.0729 0x0d9c  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
22:27:08.0776 0x0d9c  NcaSvc - ok
22:27:08.0792 0x0d9c  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
22:27:08.0823 0x0d9c  NcbService - ok
22:27:08.0870 0x0d9c  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
22:27:08.0901 0x0d9c  NcdAutoSetup - ok
22:27:08.0963 0x0d9c  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:27:09.0010 0x0d9c  NDIS - ok
22:27:09.0042 0x0d9c  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:27:09.0057 0x0d9c  NdisCap - ok
22:27:09.0104 0x0d9c  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
22:27:09.0104 0x0d9c  NdisImPlatform - ok
22:27:09.0135 0x0d9c  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:27:09.0135 0x0d9c  NdisTapi - ok
22:27:09.0167 0x0d9c  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:27:09.0182 0x0d9c  Ndisuio - ok
22:27:09.0182 0x0d9c  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
22:27:09.0198 0x0d9c  NdisVirtualBus - ok
22:27:09.0213 0x0d9c  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:27:09.0245 0x0d9c  NdisWan - ok
22:27:09.0260 0x0d9c  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
22:27:09.0276 0x0d9c  NdisWanLegacy - ok
22:27:09.0307 0x0d9c  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:27:09.0323 0x0d9c  NDProxy - ok
22:27:09.0354 0x0d9c  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
22:27:09.0370 0x0d9c  Ndu - ok
22:27:09.0385 0x0d9c  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:27:09.0417 0x0d9c  NetBIOS - ok
22:27:09.0448 0x0d9c  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:27:09.0463 0x0d9c  NetBT - ok
22:27:09.0479 0x0d9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
22:27:09.0495 0x0d9c  Netlogon - ok
22:27:09.0526 0x0d9c  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
22:27:09.0542 0x0d9c  Netman - ok
22:27:09.0589 0x0d9c  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
22:27:09.0635 0x0d9c  netprofm - ok
22:27:09.0714 0x0d9c  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:27:09.0729 0x0d9c  NetTcpPortSharing - ok
22:27:09.0760 0x0d9c  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
22:27:09.0760 0x0d9c  netvsc - ok
22:27:09.0807 0x0d9c  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:27:09.0854 0x0d9c  NlaSvc - ok
22:27:09.0870 0x0d9c  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:27:09.0901 0x0d9c  Npfs - ok
22:27:09.0917 0x0d9c  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
22:27:09.0917 0x0d9c  npsvctrig - ok
22:27:09.0948 0x0d9c  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
22:27:09.0979 0x0d9c  nsi - ok
22:27:10.0010 0x0d9c  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:27:10.0057 0x0d9c  nsiproxy - ok
22:27:10.0167 0x0d9c  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:27:10.0245 0x0d9c  Ntfs - ok
22:27:10.0276 0x0d9c  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
22:27:10.0292 0x0d9c  Null - ok
22:27:10.0323 0x0d9c  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:27:10.0323 0x0d9c  nvraid - ok
22:27:10.0339 0x0d9c  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:27:10.0354 0x0d9c  nvstor - ok
22:27:10.0370 0x0d9c  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:27:10.0370 0x0d9c  nv_agp - ok
22:27:10.0417 0x0d9c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:27:10.0479 0x0d9c  p2pimsvc - ok
22:27:10.0526 0x0d9c  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
22:27:10.0573 0x0d9c  p2psvc - ok
22:27:10.0604 0x0d9c  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
22:27:10.0604 0x0d9c  Parport - ok
22:27:10.0651 0x0d9c  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:27:10.0651 0x0d9c  partmgr - ok
22:27:10.0698 0x0d9c  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:27:10.0714 0x0d9c  PcaSvc - ok
22:27:10.0761 0x0d9c  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
22:27:10.0776 0x0d9c  pci - ok
22:27:10.0807 0x0d9c  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:27:10.0807 0x0d9c  pciide - ok
22:27:10.0839 0x0d9c  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:27:10.0839 0x0d9c  pcmcia - ok
22:27:10.0854 0x0d9c  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:27:10.0870 0x0d9c  pcw - ok
22:27:10.0886 0x0d9c  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
22:27:10.0901 0x0d9c  pdc - ok
22:27:10.0932 0x0d9c  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:27:10.0964 0x0d9c  PEAUTH - ok
22:27:10.0979 0x0d9c  [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN         C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys
22:27:10.0979 0x0d9c  PEGAGFN - ok
22:27:11.0042 0x0d9c  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:27:11.0073 0x0d9c  PerfHost - ok
22:27:11.0151 0x0d9c  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
22:27:11.0229 0x0d9c  pla - ok
22:27:11.0261 0x0d9c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:27:11.0276 0x0d9c  PlugPlay - ok
22:27:11.0307 0x0d9c  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:27:11.0323 0x0d9c  PNRPAutoReg - ok
22:27:11.0354 0x0d9c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:27:11.0370 0x0d9c  PNRPsvc - ok
22:27:11.0417 0x0d9c  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:27:11.0448 0x0d9c  PolicyAgent - ok
22:27:11.0479 0x0d9c  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
22:27:11.0526 0x0d9c  Power - ok
22:27:11.0651 0x0d9c  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
22:27:11.0792 0x0d9c  PrintNotify - ok
22:27:11.0823 0x0d9c  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
22:27:11.0839 0x0d9c  Processor - ok
22:27:11.0870 0x0d9c  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:27:11.0932 0x0d9c  ProfSvc - ok
22:27:11.0964 0x0d9c  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:27:11.0995 0x0d9c  Psched - ok
22:27:12.0042 0x0d9c  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
22:27:12.0073 0x0d9c  QWAVE - ok
22:27:12.0089 0x0d9c  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:27:12.0104 0x0d9c  QWAVEdrv - ok
22:27:12.0120 0x0d9c  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:27:12.0136 0x0d9c  RasAcd - ok
22:27:12.0167 0x0d9c  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
22:27:12.0198 0x0d9c  RasAuto - ok
22:27:12.0229 0x0d9c  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
22:27:12.0261 0x0d9c  RasMan - ok
22:27:12.0292 0x0d9c  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:27:12.0307 0x0d9c  RasPppoe - ok
22:27:12.0354 0x0d9c  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:27:12.0370 0x0d9c  rdbss - ok
22:27:12.0386 0x0d9c  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
22:27:12.0401 0x0d9c  rdpbus - ok
22:27:12.0417 0x0d9c  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:27:12.0432 0x0d9c  RDPDR - ok
22:27:12.0464 0x0d9c  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:27:12.0479 0x0d9c  RdpVideoMiniport - ok
22:27:12.0511 0x0d9c  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:27:12.0527 0x0d9c  rdyboost - ok
22:27:12.0573 0x0d9c  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
22:27:12.0636 0x0d9c  ReFS - ok
22:27:12.0667 0x0d9c  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:27:12.0698 0x0d9c  RemoteAccess - ok
22:27:12.0714 0x0d9c  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:27:12.0761 0x0d9c  RemoteRegistry - ok
22:27:12.0792 0x0d9c  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
22:27:12.0823 0x0d9c  RFCOMM - ok
22:27:12.0870 0x0d9c  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:27:12.0902 0x0d9c  RpcEptMapper - ok
22:27:12.0933 0x0d9c  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
22:27:12.0964 0x0d9c  RpcLocator - ok
22:27:13.0027 0x0d9c  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
22:27:13.0042 0x0d9c  RpcSs - ok
22:27:13.0073 0x0d9c  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:27:13.0105 0x0d9c  rspndr - ok
22:27:13.0183 0x0d9c  [ A307450FE19F99CC8AC750EB13959F94, D74B054B116C8E4295AFE1826D3E560D7F6885980C711F692CCDF4D9A87978AB ] RTWlanE         C:\Windows\system32\DRIVERS\rtwlane.sys
22:27:13.0230 0x0d9c  RTWlanE - ok
22:27:13.0245 0x0d9c  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
22:27:13.0261 0x0d9c  s3cap - ok
22:27:13.0292 0x0d9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
22:27:13.0308 0x0d9c  SamSs - ok
22:27:13.0323 0x0d9c  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:27:13.0323 0x0d9c  sbp2port - ok
22:27:13.0370 0x0d9c  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:27:13.0386 0x0d9c  SCardSvr - ok
22:27:13.0417 0x0d9c  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
22:27:13.0448 0x0d9c  ScDeviceEnum - ok
22:27:13.0464 0x0d9c  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:27:13.0480 0x0d9c  scfilter - ok
22:27:13.0542 0x0d9c  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\Windows\system32\schedsvc.dll
22:27:13.0605 0x0d9c  Schedule - ok
22:27:13.0636 0x0d9c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:27:13.0652 0x0d9c  SCPolicySvc - ok
22:27:13.0683 0x0d9c  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
22:27:13.0698 0x0d9c  sdbus - ok
22:27:13.0730 0x0d9c  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
22:27:13.0745 0x0d9c  sdstor - ok
22:27:13.0761 0x0d9c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:27:13.0792 0x0d9c  secdrv - ok
22:27:13.0823 0x0d9c  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
22:27:13.0839 0x0d9c  seclogon - ok
22:27:13.0870 0x0d9c  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
22:27:13.0886 0x0d9c  SENS - ok
22:27:13.0917 0x0d9c  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:27:13.0964 0x0d9c  SensrSvc - ok
22:27:13.0980 0x0d9c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
22:27:13.0995 0x0d9c  SerCx - ok
22:27:14.0027 0x0d9c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
22:27:14.0027 0x0d9c  SerCx2 - ok
22:27:14.0042 0x0d9c  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
22:27:14.0058 0x0d9c  Serenum - ok
22:27:14.0089 0x0d9c  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
22:27:14.0105 0x0d9c  Serial - ok
22:27:14.0136 0x0d9c  [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
22:27:14.0152 0x0d9c  sermouse - ok
22:27:14.0198 0x0d9c  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
22:27:14.0245 0x0d9c  SessionEnv - ok
22:27:14.0261 0x0d9c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
22:27:14.0292 0x0d9c  sfloppy - ok
22:27:14.0323 0x0d9c  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:27:14.0355 0x0d9c  SharedAccess - ok
22:27:14.0433 0x0d9c  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:27:14.0495 0x0d9c  ShellHWDetection - ok
22:27:14.0512 0x0d9c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:27:14.0528 0x0d9c  SiSRaid2 - ok
22:27:14.0528 0x0d9c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:27:14.0543 0x0d9c  SiSRaid4 - ok
22:27:14.0559 0x0d9c  [ 1F42632DDAC5D95209F72F37B9726D4B, 50B8BBB788ED2E1ADB1069D7E512A24FFD98961305CF7EC0CDF9DD39926075C1 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
22:27:14.0559 0x0d9c  SmbDrvI - ok
22:27:14.0606 0x0d9c  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
22:27:14.0606 0x0d9c  smphost - ok
22:27:14.0653 0x0d9c  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:27:14.0668 0x0d9c  SNMPTRAP - ok
22:27:14.0715 0x0d9c  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
22:27:14.0731 0x0d9c  spaceport - ok
22:27:14.0746 0x0d9c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
22:27:14.0762 0x0d9c  SpbCx - ok
22:27:14.0809 0x0d9c  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
22:27:14.0887 0x0d9c  Spooler - ok
22:27:15.0074 0x0d9c  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
22:27:15.0278 0x0d9c  sppsvc - ok
22:27:15.0356 0x0d9c  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:27:15.0387 0x0d9c  srv - ok
22:27:15.0434 0x0d9c  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:27:15.0450 0x0d9c  srv2 - ok
22:27:15.0496 0x0d9c  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:27:15.0543 0x0d9c  srvnet - ok
22:27:15.0575 0x0d9c  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:27:15.0637 0x0d9c  SSDPSRV - ok
22:27:15.0668 0x0d9c  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:27:15.0700 0x0d9c  SstpSvc - ok
22:27:15.0778 0x0d9c  [ D67F951F6BA708812420195B8D0AB8B6, 6583DB22EB8AA5FF0134D2536C9A46BC0D7D8F8B2829D5719DD68968C22F5917 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
22:27:15.0809 0x0d9c  STacSV - detected UnsignedFile.Multi.Generic ( 1 )
22:27:18.0215 0x0d9c  Detect skipped due to KSN trusted
22:27:18.0215 0x0d9c  STacSV - ok
22:27:18.0325 0x0d9c  [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
22:27:18.0372 0x0d9c  Steam Client Service - ok
22:27:18.0387 0x0d9c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:27:18.0403 0x0d9c  stexstor - ok
22:27:18.0434 0x0d9c  [ 71CB3BB20F08BB724769DAAAFD5AB26E, FC4B2BD03037EC07F4443BBE13A28859035F7229CA06D4E42AFB42ABF1A89F09 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
22:27:18.0450 0x0d9c  STHDA - ok
22:27:18.0497 0x0d9c  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
22:27:18.0559 0x0d9c  stisvc - ok
22:27:18.0590 0x0d9c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
22:27:18.0606 0x0d9c  storahci - ok
22:27:18.0637 0x0d9c  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:27:18.0637 0x0d9c  storflt - ok
22:27:18.0669 0x0d9c  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
22:27:18.0684 0x0d9c  stornvme - ok
22:27:18.0715 0x0d9c  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
22:27:18.0731 0x0d9c  StorSvc - ok
22:27:18.0747 0x0d9c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:27:18.0762 0x0d9c  storvsc - ok
22:27:18.0794 0x0d9c  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
22:27:18.0825 0x0d9c  svsvc - ok
22:27:18.0856 0x0d9c  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
22:27:18.0856 0x0d9c  swenum - ok
22:27:18.0919 0x0d9c  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
22:27:18.0950 0x0d9c  swprv - ok
22:27:18.0997 0x0d9c  [ 90AAE45676DDF13048FFB9D01FBE1669, 983FFA615E42B5E039DE5F1033F643D0E87C93A715043A9A642518FC66E3F9F5 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
22:27:19.0012 0x0d9c  SynTP - ok
22:27:19.0075 0x0d9c  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\Windows\system32\sysmain.dll
22:27:19.0153 0x0d9c  SysMain - ok
22:27:19.0184 0x0d9c  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
22:27:19.0231 0x0d9c  SystemEventsBroker - ok
22:27:19.0262 0x0d9c  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:27:19.0309 0x0d9c  TabletInputService - ok
22:27:19.0340 0x0d9c  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:27:19.0387 0x0d9c  TapiSrv - ok
22:27:19.0481 0x0d9c  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:27:19.0559 0x0d9c  Tcpip - ok
22:27:19.0903 0x0d9c  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:27:19.0966 0x0d9c  TCPIP6 - ok
22:27:20.0012 0x0d9c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:27:20.0028 0x0d9c  tcpipreg - ok
22:27:20.0091 0x0d9c  [ 58480A57ACF2671C343FD1D4BA990E34, 24AD9C808D06FABFE8E81242CAC8B5A91829F7D951B245865EF77B79BB795E3D ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
22:27:20.0106 0x0d9c  tdcmdpst - ok
22:27:20.0122 0x0d9c  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:27:20.0169 0x0d9c  tdx - ok
22:27:20.0278 0x0d9c  [ E964837B2A702D82E51DE879FEFDF22B, 3C24E4E3486F4D6B4AB0E202BD45AF4D344123EB6467476A4317DB0CFA37EC86 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
22:27:20.0294 0x0d9c  TemproMonitoringService - ok
22:27:20.0341 0x0d9c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
22:27:20.0341 0x0d9c  terminpt - ok
22:27:20.0640 0x0d9c  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
22:27:20.0702 0x0d9c  TermService - ok
22:27:20.0749 0x0d9c  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
22:27:20.0780 0x0d9c  Themes - ok
22:27:20.0827 0x0d9c  [ 77CF0ECC1C2B5E616B650AB5D4931114, FFB54C264EE10AABA076B591196A98DA5F57E975A4A143AFB5424DFF726AF66F ] Thotkey         C:\Windows\System32\drivers\Thotkey.sys
22:27:20.0827 0x0d9c  Thotkey - ok
22:27:20.0874 0x0d9c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:27:20.0874 0x0d9c  THREADORDER - ok
22:27:20.0968 0x0d9c  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
22:27:21.0015 0x0d9c  TimeBroker - ok
22:27:21.0171 0x0d9c  [ 6C4F5CD42074DB52AE88FC4BAB2C54F7, B4E3B6A23C99A11186F4EE875871D459A7A03EF4565CA114B41FB3C982841A45 ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
22:27:21.0171 0x0d9c  TMachInfo - ok
22:27:21.0265 0x0d9c  [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
22:27:21.0280 0x0d9c  TODDSrv - ok
22:27:21.0562 0x0d9c  [ 380192EE4C9FA50A083C14522E6240C8, 539EF29B97E552F655F73EFB54AE300587F3C6FCE9AF89C81B838997E9E0CD43 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
22:27:21.0577 0x0d9c  TOSHIBA eco Utility Service - ok
22:27:21.0624 0x0d9c  [ A884A627C0B6E8B238759FC73C1AAAAF, 5D6E38664B6175F5F541D838675429CEE9FA1492A7E25B48E98794B5EB8B6973 ] tosrfec         C:\Windows\System32\drivers\tosrfec.sys
22:27:21.0624 0x0d9c  tosrfec - ok
22:27:21.0765 0x0d9c  [ 36391C3953D191A2AF4556D5D706C641, 5191A35C86B6C98F2CBDDC23B5311ED62310345CEDE084A54BBF70CCF0F84C50 ] tos_sps64       C:\Windows\system32\drivers\tos_sps64.sys
22:27:21.0781 0x0d9c  tos_sps64 - ok
22:27:21.0953 0x0d9c  [ 67F2A8FCD91A06E445C374C9E6BB0DD3, 3087D762421A265A0E4BB41496284B092F7F71476CC7BEC5334E3FB6414B4F41 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
22:27:21.0968 0x0d9c  TPCHSrv - ok
22:27:22.0046 0x0d9c  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
22:27:22.0062 0x0d9c  TPM - ok
22:27:22.0093 0x0d9c  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
22:27:22.0124 0x0d9c  TrkWks - ok
22:27:22.0187 0x0d9c  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:27:22.0249 0x0d9c  TrustedInstaller - ok
22:27:22.0281 0x0d9c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:27:22.0296 0x0d9c  TsUsbFlt - ok
22:27:22.0328 0x0d9c  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
22:27:22.0343 0x0d9c  TsUsbGD - ok
22:27:22.0406 0x0d9c  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:27:22.0437 0x0d9c  tunnel - ok
22:27:22.0484 0x0d9c  [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ           C:\Windows\system32\drivers\TVALZ_O.SYS
22:27:22.0499 0x0d9c  TVALZ - ok
22:27:22.0547 0x0d9c  [ 55A9A23DD64EB7781FCAB565B028CD0E, 44CE0C8244F9AE6CCCDB49C29F6D35FE4CE8C92DE5B5D44D22DBD088DE83AA10 ] TVALZFL         C:\Windows\system32\Drivers\TVALZFL.sys
22:27:22.0562 0x0d9c  TVALZFL - ok
22:27:22.0578 0x0d9c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:27:22.0578 0x0d9c  uagp35 - ok
22:27:22.0641 0x0d9c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
22:27:22.0641 0x0d9c  UASPStor - ok
22:27:22.0766 0x0d9c  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
22:27:22.0781 0x0d9c  UCX01000 - ok
22:27:22.0875 0x0d9c  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:27:22.0906 0x0d9c  udfs - ok
22:27:23.0281 0x0d9c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
22:27:23.0281 0x0d9c  UEFI - ok
22:27:23.0344 0x0d9c  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:27:23.0344 0x0d9c  UI0Detect - ok
22:27:23.0359 0x0d9c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:27:23.0375 0x0d9c  uliagpkx - ok
22:27:23.0391 0x0d9c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
22:27:23.0422 0x0d9c  umbus - ok
22:27:23.0438 0x0d9c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
22:27:23.0469 0x0d9c  UmPass - ok
22:27:23.0500 0x0d9c  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:27:23.0578 0x0d9c  UmRdpService - ok
22:27:23.0609 0x0d9c  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
22:27:23.0672 0x0d9c  upnphost - ok
22:27:23.0703 0x0d9c  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
22:27:23.0703 0x0d9c  USBAAPL64 - ok
22:27:23.0766 0x0d9c  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
22:27:23.0766 0x0d9c  usbccgp - ok
22:27:23.0797 0x0d9c  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
22:27:23.0813 0x0d9c  usbcir - ok
22:27:23.0891 0x0d9c  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
22:27:23.0906 0x0d9c  usbehci - ok
22:27:23.0984 0x0d9c  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
22:27:24.0000 0x0d9c  usbhub - ok
22:27:24.0125 0x0d9c  [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
22:27:24.0141 0x0d9c  USBHUB3 - ok
22:27:24.0771 0x0d9c  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
22:27:24.0817 0x0d9c  usbohci - ok
22:27:24.0849 0x0d9c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
22:27:24.0864 0x0d9c  usbprint - ok
22:27:24.0896 0x0d9c  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\Windows\System32\drivers\usbscan.sys
22:27:24.0911 0x0d9c  usbscan - ok
22:27:25.0005 0x0d9c  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
22:27:25.0021 0x0d9c  USBSTOR - ok
22:27:25.0052 0x0d9c  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
22:27:25.0099 0x0d9c  usbuhci - ok
22:27:25.0192 0x0d9c  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:27:25.0208 0x0d9c  usbvideo - ok
22:27:25.0333 0x0d9c  [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
22:27:25.0349 0x0d9c  USBXHCI - ok
22:27:25.0380 0x0d9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
22:27:25.0396 0x0d9c  VaultSvc - ok
22:27:25.0442 0x0d9c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:27:25.0458 0x0d9c  vdrvroot - ok
22:27:25.0755 0x0d9c  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
22:27:25.0849 0x0d9c  vds - ok
22:27:25.0896 0x0d9c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
22:27:25.0911 0x0d9c  VerifierExt - ok
22:27:26.0114 0x0d9c  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
22:27:26.0130 0x0d9c  vhdmp - ok
22:27:26.0192 0x0d9c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:27:26.0208 0x0d9c  viaide - ok
22:27:26.0239 0x0d9c  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:27:26.0255 0x0d9c  vmbus - ok
22:27:26.0302 0x0d9c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
22:27:26.0333 0x0d9c  VMBusHID - ok
22:27:26.0458 0x0d9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
22:27:26.0521 0x0d9c  vmicguestinterface - ok
22:27:26.0552 0x0d9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
22:27:26.0568 0x0d9c  vmicheartbeat - ok
22:27:26.0739 0x0d9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
22:27:26.0755 0x0d9c  vmickvpexchange - ok
22:27:26.0786 0x0d9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
22:27:26.0802 0x0d9c  vmicrdv - ok
22:27:26.0943 0x0d9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
22:27:27.0513 0x0d9c  vmicshutdown - ok
22:27:27.0556 0x0d9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
22:27:27.0572 0x0d9c  vmictimesync - ok
22:27:27.0603 0x0d9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
22:27:27.0635 0x0d9c  vmicvss - ok
22:27:27.0697 0x0d9c  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:27:27.0713 0x0d9c  volmgr - ok
22:27:27.0775 0x0d9c  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:27:27.0806 0x0d9c  volmgrx - ok
22:27:27.0853 0x0d9c  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:27:27.0869 0x0d9c  volsnap - ok
22:27:27.0916 0x0d9c  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\Windows\System32\drivers\vpci.sys
22:27:27.0931 0x0d9c  vpci - ok
22:27:28.0010 0x0d9c  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:27:28.0025 0x0d9c  vsmraid - ok
22:27:28.0400 0x0d9c  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\Windows\system32\vssvc.exe
22:27:28.0494 0x0d9c  VSS - ok
22:27:28.0572 0x0d9c  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
22:27:28.0588 0x0d9c  VSTXRAID - ok
22:27:28.0666 0x0d9c  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:27:28.0744 0x0d9c  vwifibus - ok
22:27:28.0806 0x0d9c  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:27:28.0822 0x0d9c  vwififlt - ok
22:27:28.0869 0x0d9c  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
22:27:28.0900 0x0d9c  vwifimp - ok
22:27:29.0025 0x0d9c  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
22:27:29.0135 0x0d9c  W32Time - ok
22:27:29.0150 0x0d9c  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
22:27:29.0181 0x0d9c  WacomPen - ok
22:27:29.0525 0x0d9c  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\Windows\system32\wbengine.exe
22:27:29.0650 0x0d9c  wbengine - ok
22:27:29.0760 0x0d9c  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:27:29.0822 0x0d9c  WbioSrvc - ok
22:27:29.0900 0x0d9c  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
22:27:29.0916 0x0d9c  Wcmsvc - ok
22:27:30.0041 0x0d9c  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:27:30.0072 0x0d9c  wcncsvc - ok
22:27:30.0103 0x0d9c  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:27:30.0166 0x0d9c  WcsPlugInService - ok
22:27:30.0197 0x0d9c  [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
22:27:30.0197 0x0d9c  WdBoot - ok
22:27:30.0416 0x0d9c  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:27:30.0447 0x0d9c  Wdf01000 - ok
22:27:30.0541 0x0d9c  [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
22:27:30.0557 0x0d9c  WdFilter - ok
22:27:30.0603 0x0d9c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:27:30.0635 0x0d9c  WdiServiceHost - ok
22:27:30.0635 0x0d9c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:27:30.0666 0x0d9c  WdiSystemHost - ok
22:27:30.0807 0x0d9c  [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
22:27:30.0822 0x0d9c  WdNisDrv - ok
22:27:30.0869 0x0d9c  WdNisSvc - ok
22:27:30.0932 0x0d9c  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\Windows\System32\webclnt.dll
22:27:30.0978 0x0d9c  WebClient - ok
22:27:31.0041 0x0d9c  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:27:31.0072 0x0d9c  Wecsvc - ok
22:27:31.0119 0x0d9c  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
22:27:31.0150 0x0d9c  WEPHOSTSVC - ok
22:27:31.0182 0x0d9c  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:27:31.0291 0x0d9c  wercplsupport - ok
22:27:31.0322 0x0d9c  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
22:27:31.0338 0x0d9c  WerSvc - ok
22:27:31.0400 0x0d9c  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
22:27:31.0416 0x0d9c  WFPLWFS - ok
22:27:31.0605 0x0d9c  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
22:27:31.0729 0x0d9c  WiaRpc - ok
22:27:31.0776 0x0d9c  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:27:31.0792 0x0d9c  WIMMount - ok
22:27:31.0808 0x0d9c  WinDefend - ok
22:27:32.0011 0x0d9c  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
22:27:32.0042 0x0d9c  WinHttpAutoProxySvc - ok
22:27:32.0198 0x0d9c  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:27:32.0261 0x0d9c  Winmgmt - ok
22:27:32.0855 0x0d9c  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:27:32.0948 0x0d9c  WinRM - ok
22:27:32.0980 0x0d9c  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\System32\drivers\WinUsb.sys
22:27:32.0995 0x0d9c  WinUsb - ok
22:27:33.0058 0x0d9c  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
22:27:33.0136 0x0d9c  WlanSvc - ok
22:27:33.0214 0x0d9c  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
22:27:33.0308 0x0d9c  wlidsvc - ok
22:27:33.0323 0x0d9c  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
22:27:33.0339 0x0d9c  WmiAcpi - ok
22:27:33.0370 0x0d9c  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:27:33.0386 0x0d9c  wmiApSrv - ok
22:27:33.0417 0x0d9c  WMPNetworkSvc - ok
22:27:33.0448 0x0d9c  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
22:27:33.0464 0x0d9c  Wof - ok
22:27:33.0558 0x0d9c  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
22:27:33.0636 0x0d9c  workfolderssvc - ok
22:27:33.0683 0x0d9c  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
22:27:33.0698 0x0d9c  wpcfltr - ok
22:27:33.0730 0x0d9c  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:27:33.0761 0x0d9c  WPCSvc - ok
22:27:33.0792 0x0d9c  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:27:33.0823 0x0d9c  WPDBusEnum - ok
22:27:33.0839 0x0d9c  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
22:27:33.0855 0x0d9c  WpdUpFltr - ok
22:27:33.0870 0x0d9c  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:27:33.0886 0x0d9c  ws2ifsl - ok
22:27:33.0917 0x0d9c  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\Windows\System32\wscsvc.dll
22:27:33.0964 0x0d9c  wscsvc - ok
22:27:34.0011 0x0d9c  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
22:27:34.0026 0x0d9c  WSDPrintDevice - ok
22:27:34.0026 0x0d9c  WSearch - ok
22:27:34.0183 0x0d9c  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
22:27:34.0323 0x0d9c  WSService - ok
22:27:34.0464 0x0d9c  [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:27:34.0622 0x0d9c  wuauserv - ok
22:27:34.0638 0x0d9c  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:27:34.0653 0x0d9c  WudfPf - ok
22:27:34.0669 0x0d9c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
22:27:34.0685 0x0d9c  WUDFRd - ok
22:27:34.0716 0x0d9c  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:27:34.0747 0x0d9c  wudfsvc - ok
22:27:34.0747 0x0d9c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
22:27:34.0763 0x0d9c  WUDFWpdFs - ok
22:27:34.0778 0x0d9c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\System32\drivers\WUDFRd.sys
22:27:34.0794 0x0d9c  WUDFWpdMtp - ok
22:27:34.0825 0x0d9c  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:27:34.0872 0x0d9c  WwanSvc - ok
22:27:34.0872 0x0d9c  ================ Scan global ===============================
22:27:34.0919 0x0d9c  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\Windows\system32\basesrv.dll
22:27:34.0966 0x0d9c  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
22:27:34.0997 0x0d9c  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
22:27:35.0044 0x0d9c  [ 5BF02EBEFEDC706318C96E2E60EDCB91, DC866C5BC3A887CAAA7169AB9BB2992F6F877B3EA04B62B4F95B6BD54943155F ] C:\Windows\system32\services.exe
22:27:35.0060 0x0d9c  [ Global ] - ok
22:27:35.0060 0x0d9c  ================ Scan MBR ==================================
22:27:35.0075 0x0d9c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
22:27:35.0153 0x0d9c  \Device\Harddisk0\DR0 - ok
22:27:35.0153 0x0d9c  ================ Scan VBR ==================================
22:27:35.0185 0x0d9c  [ DB1510D0CB12BFD9A1B1EEA144C719A5 ] \Device\Harddisk0\DR0\Partition1
22:27:35.0185 0x0d9c  \Device\Harddisk0\DR0\Partition1 - ok
22:27:35.0200 0x0d9c  [ 72D7998BCF70CF9CA244533E84B5A42C ] \Device\Harddisk0\DR0\Partition2
22:27:35.0216 0x0d9c  \Device\Harddisk0\DR0\Partition2 - ok
22:27:35.0216 0x0d9c  [ A93F8866A00C69ECA1CFB4AD9BF0C715 ] \Device\Harddisk0\DR0\Partition3
22:27:35.0231 0x0d9c  \Device\Harddisk0\DR0\Partition3 - ok
22:27:35.0247 0x0d9c  [ 90CB162A00C306C53A527EFA52B89B6E ] \Device\Harddisk0\DR0\Partition4
22:27:35.0263 0x0d9c  \Device\Harddisk0\DR0\Partition4 - ok
22:27:35.0294 0x0d9c  [ C459F62C5F902CD2E5A67ADCCD734773 ] \Device\Harddisk0\DR0\Partition5
22:27:35.0294 0x0d9c  \Device\Harddisk0\DR0\Partition5 - ok
22:27:35.0294 0x0d9c  ================ Scan generic autorun ======================
22:27:35.0356 0x0d9c  [ AC698132EDEA96B022FCB48E180EA567, 06F3BFC5FCFF1577399EF3D9C53B00D481AEBA8BA36930AF11F9AFD334A1C70D ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
22:27:35.0372 0x0d9c  AmIcoSinglun64 - ok
22:27:35.0466 0x0d9c  [ 9C1BDB837A2DA4FFC60CB61CEEA3E334, 31007C53EC7E077A6B9518FAF4D2566376C6F23FCE614AE29F2DA78DBF6BF564 ] C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
22:27:35.0513 0x0d9c  1.TPUReg - ok
22:27:35.0560 0x0d9c  [ 18DBA177BD009B91D1884C9DB62BB039, 74777A7B69BB2886920B6F1A1039A90FCA8DC2DAA1D6F985ED7F49A35C2E0D42 ] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
22:27:35.0575 0x0d9c  TSVU - ok
22:27:35.0638 0x0d9c  [ 3E23D1F7E91627DBD44AC82077E2BA7C, 09235370B85EF5FEA24F1291B9ADAD805C8D7357A78EF8CE3BA0E913F59145EC ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
22:27:35.0653 0x0d9c  avgnt - ok
22:27:35.0731 0x0d9c  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:27:35.0747 0x0d9c  Adobe ARM - ok
22:27:35.0841 0x0d9c  [ 9582680F41C0C4C6E6A2ACCADD7E723E, FC1B9973D679B43B0D476252532A3A5009E94CF79D0757A1DAC422E8EEA6D2A6 ] C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe
22:27:35.0856 0x0d9c  ADSKAppManager - ok
22:27:35.0903 0x0d9c  [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
22:27:35.0903 0x0d9c  Avira Systray - ok
22:27:36.0028 0x0d9c  [ 00B8939C3E74A7C0D86852D0B6C18104, BF0471D4FECD074B27E6531F72F940AF39F1174A2AF9B14799199CD3A3443B32 ] C:\Users\falkd_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe
22:27:36.0075 0x0d9c  Spotify Web Helper - ok
22:27:36.0216 0x0d9c  [ 3255867AE34EDD5346C750677EE63354, 3FC8E1EFF33EE83717C285D0CD388886135C5BF977B69CF6ADCFD4196139D483 ] C:\Program Files (x86)\Steam\steam.exe
22:27:36.0341 0x0d9c  Steam - ok
22:27:36.0591 0x0d9c  [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\falkd_000\AppData\Local\Akamai\netsession_win.exe
22:27:36.0716 0x0d9c  Akamai NetSession Interface - ok
22:27:36.0716 0x0d9c  Waiting for KSN requests completion. In queue: 324
22:27:37.0734 0x0d9c  Waiting for KSN requests completion. In queue: 15
22:27:38.0749 0x0d9c  Waiting for KSN requests completion. In queue: 15
22:27:39.0765 0x0d9c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.9.460 ), 0x41000 ( enabled : updated )
22:27:39.0812 0x0d9c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
22:27:39.0827 0x0d9c  Win FW state via NFP2: enabled
22:27:42.0235 0x0d9c  ============================================================
22:27:42.0235 0x0d9c  Scan finished
22:27:42.0235 0x0d9c  ============================================================
22:27:42.0235 0x06d4  Detected object count: 0
22:27:42.0235 0x06d4  Actual detected object count: 0
22:28:05.0183 0x036c  ============================================================
22:28:05.0183 0x036c  Scan started
22:28:05.0183 0x036c  Mode: Manual; SigCheck; TDLFS; 
22:28:05.0183 0x036c  ============================================================
22:28:05.0183 0x036c  KSN ping started
22:28:07.0731 0x036c  KSN ping finished: true
22:28:08.0043 0x036c  ================ Scan system memory ========================
22:28:08.0043 0x036c  System memory - ok
22:28:08.0043 0x036c  ================ Scan services =============================

Falkze · 19.04.2015, 21:46

Code:

ATTFilter

22:28:08.0168 0x036c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
22:28:08.0184 0x036c  1394ohci - ok
22:28:08.0215 0x036c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
22:28:08.0215 0x036c  3ware - ok
22:28:08.0262 0x036c  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:28:08.0293 0x036c  ACPI - ok
22:28:08.0293 0x036c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
22:28:08.0309 0x036c  acpiex - ok
22:28:08.0309 0x036c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
22:28:08.0325 0x036c  acpipagr - ok
22:28:08.0340 0x036c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
22:28:08.0340 0x036c  AcpiPmi - ok
22:28:08.0356 0x036c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
22:28:08.0356 0x036c  acpitime - ok
22:28:08.0465 0x036c  [ CBDF353624D1744734F2FD13B4786F90, 615C695F842D2F777C7D0DAA19B3674AB903FDC401E22A130C04DB0D0C1486D2 ] AdAppMgrSvc     C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe
22:28:08.0481 0x036c  AdAppMgrSvc - ok
22:28:08.0543 0x036c  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:28:08.0543 0x036c  AdobeARMservice - ok
22:28:08.0637 0x036c  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:28:08.0653 0x036c  AdobeFlashPlayerUpdateSvc - ok
22:28:08.0700 0x036c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
22:28:08.0731 0x036c  ADP80XX - ok
22:28:08.0762 0x036c  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:28:08.0778 0x036c  AeLookupSvc - ok
22:28:08.0825 0x036c  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\Windows\system32\drivers\afd.sys
22:28:08.0840 0x036c  AFD - ok
22:28:08.0887 0x036c  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:28:08.0887 0x036c  agp440 - ok
22:28:08.0918 0x036c  [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
22:28:08.0934 0x036c  ahcache - ok
22:28:08.0965 0x036c  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
22:28:08.0981 0x036c  ALG - ok
22:28:08.0997 0x036c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
22:28:09.0012 0x036c  AmdK8 - ok
22:28:09.0028 0x036c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
22:28:09.0043 0x036c  AmdPPM - ok
22:28:09.0043 0x036c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:28:09.0059 0x036c  amdsata - ok
22:28:09.0075 0x036c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:28:09.0090 0x036c  amdsbs - ok
22:28:09.0106 0x036c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:28:09.0122 0x036c  amdxata - ok
22:28:09.0137 0x036c  [ 4126D30992B26303E47E8981313FD6D6, 4C8DB2DDDB88FBEA87CDBFB93D9855B40043778878AF4A5571C174434F9C0D4C ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
22:28:09.0153 0x036c  AmUStor - ok
22:28:09.0215 0x036c  [ 62A6B0A393591878A1E00224EA698AD7, 691B6E248D0682477543455B67E85C768A4A53A92139E153320ED4E4CED1E010 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
22:28:09.0231 0x036c  AntiVirMailService - ok
22:28:09.0278 0x036c  [ F36D18EF1E66F92094AD89D17BEF007C, A5C793B340311CB7A301B77316E1976E3CD7CA9470CE5F1062CB003BCD4C155C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:28:09.0293 0x036c  AntiVirSchedulerService - ok
22:28:09.0325 0x036c  [ F36D18EF1E66F92094AD89D17BEF007C, A5C793B340311CB7A301B77316E1976E3CD7CA9470CE5F1062CB003BCD4C155C ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:28:09.0340 0x036c  AntiVirService - ok
22:28:09.0387 0x036c  [ 5B7924A162A604B43FFBEE9384ABE77B, 1A1A836C145BAD330EDC778D4FD18CE737EB10E4B22AE8A39CDDBAAC36B0FF11 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
22:28:09.0403 0x036c  AntiVirWebService - ok
22:28:09.0434 0x036c  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
22:28:09.0450 0x036c  AppID - ok
22:28:09.0481 0x036c  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:28:09.0481 0x036c  AppIDSvc - ok
22:28:09.0528 0x036c  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\Windows\System32\appinfo.dll
22:28:09.0528 0x036c  Appinfo - ok
22:28:09.0622 0x036c  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:28:09.0637 0x036c  Apple Mobile Device Service - ok
22:28:09.0684 0x036c  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
22:28:09.0700 0x036c  AppReadiness - ok
22:28:09.0762 0x036c  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
22:28:09.0809 0x036c  AppXSvc - ok
22:28:09.0840 0x036c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:28:09.0856 0x036c  arcsas - ok
22:28:09.0856 0x036c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:28:09.0856 0x036c  atapi - ok
22:28:09.0919 0x036c  [ 346012042E988BF0E56BF73C656FD02E, A30C7B98347C099324E95DF05BE36DCDB4DACB2F83D50A21FA276BD1D5C7FC7A ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
22:28:09.0919 0x036c  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
22:28:09.0919 0x036c  Detect skipped due to KSN trusted
22:28:09.0919 0x036c  AtherosSvc - ok
22:28:10.0028 0x036c  [ 37B33DDE5490A2DF56DFB46580356E3F, 40FE378C9010B06FD7ADE30F76F916D5BDBB26525CF3D11D5780E2247B6099D8 ] athr            C:\Windows\system32\DRIVERS\athwbx.sys
22:28:10.0122 0x036c  athr - ok
22:28:10.0169 0x036c  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
22:28:10.0184 0x036c  AudioEndpointBuilder - ok
22:28:10.0215 0x036c  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:28:10.0247 0x036c  Audiosrv - ok
22:28:10.0278 0x036c  [ DE3FF859EDF66F5E0106B23B3A4B09CE, 9F6D735E32F340547D5FDA595E2A461083AC581AC0719913D4841C0C5D7A2998 ] Autodesk Content Service C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
22:28:10.0294 0x036c  Autodesk Content Service - ok
22:28:10.0325 0x036c  [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
22:28:10.0325 0x036c  avgntflt - ok
22:28:10.0356 0x036c  [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
22:28:10.0372 0x036c  avipbb - ok
22:28:10.0419 0x036c  [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
22:28:10.0434 0x036c  Avira.OE.ServiceHost - ok
22:28:10.0434 0x036c  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
22:28:10.0450 0x036c  avkmgr - ok
22:28:10.0465 0x036c  [ 83586138F23A4C284EB68AFC852D7AFA, 9ADE8924B4518ED0A8E3FC4CC3F9964BC05B5FF67F230A7FD0BDABCFFA0BB0C8 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
22:28:10.0481 0x036c  avnetflt - ok
22:28:10.0512 0x036c  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:28:10.0512 0x036c  AxInstSV - ok
22:28:10.0559 0x036c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:28:10.0575 0x036c  b06bdrv - ok
22:28:10.0591 0x036c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
22:28:10.0606 0x036c  BasicDisplay - ok
22:28:10.0653 0x036c  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
22:28:10.0653 0x036c  BasicRender - ok
22:28:10.0669 0x036c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
22:28:10.0684 0x036c  bcmfn2 - ok
22:28:10.0716 0x036c  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\Windows\System32\bdesvc.dll
22:28:10.0731 0x036c  BDESVC - ok
22:28:10.0747 0x036c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
22:28:10.0762 0x036c  Beep - ok
22:28:10.0809 0x036c  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\Windows\System32\bfe.dll
22:28:10.0841 0x036c  BFE - ok
22:28:10.0872 0x036c  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
22:28:10.0903 0x036c  BITS - ok
22:28:10.0934 0x036c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:28:10.0950 0x036c  Bonjour Service - ok
22:28:10.0981 0x036c  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:28:10.0981 0x036c  bowser - ok
22:28:11.0028 0x036c  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
22:28:11.0044 0x036c  BrokerInfrastructure - ok
22:28:11.0075 0x036c  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
22:28:11.0091 0x036c  Browser - ok
22:28:11.0122 0x036c  [ 39FFF1464DD0809B67D3E70E885485C8, B647D9A06D413DA92236D193515FCAFF9ADE826635F8A966CE1B3DA9A72A6C50 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
22:28:11.0137 0x036c  BtFilter - ok
22:28:11.0169 0x036c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
22:28:11.0169 0x036c  BthAvrcpTg - ok
22:28:11.0216 0x036c  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
22:28:11.0231 0x036c  BthEnum - ok
22:28:11.0247 0x036c  [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
22:28:11.0247 0x036c  BthHFEnum - ok
22:28:11.0262 0x036c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
22:28:11.0262 0x036c  bthhfhid - ok
22:28:11.0309 0x036c  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
22:28:11.0325 0x036c  BthHFSrv - ok
22:28:11.0372 0x036c  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\System32\drivers\BthLEEnum.sys
22:28:11.0387 0x036c  BthLEEnum - ok
22:28:11.0419 0x036c  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
22:28:11.0419 0x036c  BTHMODEM - ok
22:28:11.0450 0x036c  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\Windows\System32\drivers\bthpan.sys
22:28:11.0466 0x036c  BthPan - ok
22:28:11.0544 0x036c  [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
22:28:11.0575 0x036c  BTHPORT - ok
22:28:11.0606 0x036c  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
22:28:11.0622 0x036c  bthserv - ok
22:28:11.0637 0x036c  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
22:28:11.0653 0x036c  BTHUSB - ok
22:28:11.0653 0x036c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:28:11.0669 0x036c  cdfs - ok
22:28:11.0700 0x036c  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
22:28:11.0716 0x036c  cdrom - ok
22:28:11.0747 0x036c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:28:11.0762 0x036c  CertPropSvc - ok
22:28:11.0762 0x036c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
22:28:11.0778 0x036c  circlass - ok
22:28:11.0809 0x036c  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
22:28:11.0841 0x036c  CLFS - ok
22:28:11.0872 0x036c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
22:28:11.0887 0x036c  CmBatt - ok
22:28:11.0919 0x036c  [ 3930E508DDA46C1FF68FD963F350AA0A, BF63F9C7AB30E2A8199D65EDD6DCBB797C93A4A0B972373643FBE1C38BCFA697 ] CNG             C:\Windows\system32\Drivers\cng.sys
22:28:11.0934 0x036c  CNG - ok
22:28:11.0950 0x036c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
22:28:11.0966 0x036c  CompositeBus - ok
22:28:11.0966 0x036c  COMSysApp - ok
22:28:11.0981 0x036c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
22:28:11.0997 0x036c  condrv - ok
22:28:12.0075 0x036c  [ 6344504D5A9D8ED299239FBC03AB5D35, 27299078C93E0CA9304B5F5624D801C66054A6CB277AB868B5DE9E6178EAEF52 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
22:28:12.0075 0x036c  cphs - ok
22:28:12.0122 0x036c  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:28:12.0122 0x036c  CryptSvc - ok
22:28:12.0137 0x036c  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
22:28:12.0153 0x036c  dam - ok
22:28:12.0200 0x036c  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:28:12.0231 0x036c  DcomLaunch - ok
22:28:12.0278 0x036c  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
22:28:12.0294 0x036c  defragsvc - ok
22:28:12.0341 0x036c  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
22:28:12.0356 0x036c  DeviceAssociationService - ok
22:28:12.0387 0x036c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
22:28:12.0403 0x036c  DeviceInstall - ok
22:28:12.0434 0x036c  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
22:28:12.0434 0x036c  Dfsc - ok
22:28:12.0481 0x036c  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:28:12.0497 0x036c  Dhcp - ok
22:28:12.0528 0x036c  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
22:28:12.0528 0x036c  disk - ok
22:28:12.0544 0x036c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
22:28:12.0559 0x036c  dmvsc - ok
22:28:12.0606 0x036c  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:28:12.0606 0x036c  Dnscache - ok
22:28:12.0638 0x036c  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:28:12.0653 0x036c  dot3svc - ok
22:28:12.0700 0x036c  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
22:28:12.0716 0x036c  DPS - ok
22:28:12.0731 0x036c  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:28:12.0747 0x036c  drmkaud - ok
22:28:12.0778 0x036c  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
22:28:12.0794 0x036c  DsmSvc - ok
22:28:12.0841 0x036c  [ 40CFC6671B2442D32E149FF1683212D1, ADC1743CDB98EAC736783156D659364DF8613BCC4C0B6D0AC0D8F05AF18E0BF7 ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
22:28:12.0856 0x036c  dts_apo_service - ok
22:28:12.0934 0x036c  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:28:12.0981 0x036c  DXGKrnl - ok
22:28:13.0013 0x036c  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
22:28:13.0028 0x036c  Eaphost - ok
22:28:13.0122 0x036c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:28:13.0216 0x036c  ebdrv - ok
22:28:13.0263 0x036c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
22:28:13.0278 0x036c  EFS - ok
22:28:13.0294 0x036c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
22:28:13.0294 0x036c  EhStorClass - ok
22:28:13.0325 0x036c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
22:28:13.0325 0x036c  EhStorTcgDrv - ok
22:28:13.0341 0x036c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
22:28:13.0356 0x036c  ErrDev - ok
22:28:13.0403 0x036c  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
22:28:13.0419 0x036c  EventSystem - ok
22:28:13.0450 0x036c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:28:13.0466 0x036c  exfat - ok
22:28:13.0497 0x036c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:28:13.0513 0x036c  fastfat - ok
22:28:13.0559 0x036c  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
22:28:13.0591 0x036c  Fax - ok
22:28:13.0591 0x036c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
22:28:13.0606 0x036c  fdc - ok
22:28:13.0638 0x036c  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
22:28:13.0653 0x036c  fdPHost - ok
22:28:13.0669 0x036c  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:28:13.0684 0x036c  FDResPub - ok
22:28:13.0716 0x036c  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
22:28:13.0731 0x036c  fhsvc - ok
22:28:13.0778 0x036c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:28:13.0794 0x036c  FileInfo - ok
22:28:13.0825 0x036c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:28:13.0841 0x036c  Filetrace - ok
22:28:13.0935 0x036c  [ 8645F91F40B8D022C9AC3DABDF360A6B, 4F83080B1273C92470EB90D80B32056C913240DCC9C4C50B7BE85254066D654D ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
22:28:13.0981 0x036c  FlexNet Licensing Service 64 - ok
22:28:13.0997 0x036c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
22:28:14.0013 0x036c  flpydisk - ok
22:28:14.0060 0x036c  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:28:14.0075 0x036c  FltMgr - ok
22:28:14.0138 0x036c  [ 7269C9013FCFA3C6E70F03E2630DBFC3, AAB282B4444CC17D197974D05063C7C97E5202E604681DD2DC3BCF0AE77D6057 ] FontCache       C:\Windows\system32\FntCache.dll
22:28:14.0169 0x036c  FontCache - ok
22:28:14.0247 0x036c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:28:14.0263 0x036c  FontCache3.0.0.0 - ok
22:28:14.0294 0x036c  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:28:14.0310 0x036c  FsDepends - ok
22:28:14.0341 0x036c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:28:14.0341 0x036c  Fs_Rec - ok
22:28:14.0388 0x036c  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:28:14.0419 0x036c  fvevol - ok
22:28:14.0435 0x036c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
22:28:14.0435 0x036c  FxPPM - ok
22:28:14.0450 0x036c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:28:14.0450 0x036c  gagp30kx - ok
22:28:14.0481 0x036c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
22:28:14.0481 0x036c  GEARAspiWDM - ok
22:28:14.0497 0x036c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
22:28:14.0513 0x036c  gencounter - ok
22:28:14.0544 0x036c  [ 045AE8D818B2E74B839597BB9C19C13B, 5C46F86C16E7F9740FEA56D5153B8E438A87B6011AA2C589FF0C1BE21D4BA701 ] GFNEXSrv        C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
22:28:14.0560 0x036c  GFNEXSrv - ok
22:28:14.0591 0x036c  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
22:28:14.0606 0x036c  GPIOClx0101 - ok
22:28:14.0669 0x036c  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:28:14.0716 0x036c  gpsvc - ok
22:28:14.0763 0x036c  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:28:14.0778 0x036c  HdAudAddService - ok
22:28:14.0810 0x036c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
22:28:14.0825 0x036c  HDAudBus - ok
22:28:14.0841 0x036c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
22:28:14.0856 0x036c  HidBatt - ok
22:28:14.0888 0x036c  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
22:28:14.0903 0x036c  HidBth - ok
22:28:14.0919 0x036c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
22:28:14.0919 0x036c  hidi2c - ok
22:28:14.0935 0x036c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
22:28:14.0935 0x036c  HidIr - ok
22:28:14.0966 0x036c  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
22:28:14.0981 0x036c  hidserv - ok
22:28:15.0013 0x036c  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
22:28:15.0028 0x036c  HidUsb - ok
22:28:15.0060 0x036c  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:28:15.0075 0x036c  hkmsvc - ok
22:28:15.0106 0x036c  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:28:15.0122 0x036c  HomeGroupListener - ok
22:28:15.0169 0x036c  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:28:15.0185 0x036c  HomeGroupProvider - ok
22:28:15.0216 0x036c  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:28:15.0231 0x036c  HpSAMD - ok
22:28:15.0278 0x036c  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:28:15.0310 0x036c  HTTP - ok
22:28:15.0341 0x036c  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:28:15.0341 0x036c  hwpolicy - ok
22:28:15.0356 0x036c  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
22:28:15.0372 0x036c  hyperkbd - ok
22:28:15.0372 0x036c  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
22:28:15.0388 0x036c  HyperVideo - ok
22:28:15.0419 0x036c  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
22:28:15.0435 0x036c  i8042prt - ok
22:28:15.0450 0x036c  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
22:28:15.0450 0x036c  iaLPSSi_GPIO - ok
22:28:15.0466 0x036c  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
22:28:15.0466 0x036c  iaLPSSi_I2C - ok
22:28:15.0497 0x036c  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\Windows\system32\drivers\iaStorA.sys
22:28:15.0513 0x036c  iaStorA - ok
22:28:15.0544 0x036c  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
22:28:15.0576 0x036c  iaStorAV - ok
22:28:15.0592 0x036c  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:28:15.0623 0x036c  iaStorV - ok
22:28:15.0654 0x036c  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
22:28:15.0670 0x036c  ICCS - ok
22:28:15.0670 0x036c  IEEtwCollectorService - ok
22:28:15.0795 0x036c  [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
22:28:15.0904 0x036c  igfx - ok
22:28:15.0967 0x036c  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:28:15.0998 0x036c  IKEEXT - ok
22:28:16.0014 0x036c  [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
22:28:16.0029 0x036c  intaud_WaveExtensible - ok
22:28:16.0045 0x036c  [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
22:28:16.0076 0x036c  IntcDAud - ok
22:28:16.0139 0x036c  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
22:28:16.0154 0x036c  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
22:28:16.0154 0x036c  Detect skipped due to KSN trusted
22:28:16.0154 0x036c  Intel(R) Capability Licensing Service Interface - ok
22:28:16.0201 0x036c  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
22:28:16.0264 0x036c  Intel(R) Capability Licensing Service TCP IP Interface - ok
22:28:16.0311 0x036c  [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
22:28:16.0326 0x036c  Intel(R) ME Service - ok
22:28:16.0358 0x036c  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:28:16.0358 0x036c  intelide - ok
22:28:16.0373 0x036c  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
22:28:16.0389 0x036c  intelpep - ok
22:28:16.0404 0x036c  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
22:28:16.0420 0x036c  intelppm - ok
22:28:16.0451 0x036c  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:28:16.0467 0x036c  IpFilterDriver - ok
22:28:16.0545 0x036c  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:28:16.0578 0x036c  iphlpsvc - ok
22:28:16.0610 0x036c  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
22:28:16.0625 0x036c  IPMIDRV - ok
22:28:16.0641 0x036c  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:28:16.0657 0x036c  IPNAT - ok
22:28:16.0703 0x036c  [ 87F8EDF63C97BF0BF21359A3D8ABF0C7, BAAAE1DE50EBD1BCE46F33C5F3A7F3C39F61AB21416D78DAA7F8A19F38F67269 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:28:16.0719 0x036c  iPod Service - ok
22:28:16.0750 0x036c  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:28:16.0766 0x036c  IRENUM - ok
22:28:16.0797 0x036c  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:28:16.0813 0x036c  isapnp - ok
22:28:16.0860 0x036c  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
22:28:16.0875 0x036c  iScsiPrt - ok
22:28:16.0891 0x036c  [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
22:28:16.0891 0x036c  iwdbus - ok
22:28:16.0922 0x036c  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:28:16.0938 0x036c  jhi_service - ok
22:28:16.0985 0x036c  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
22:28:16.0985 0x036c  kbdclass - ok
22:28:17.0016 0x036c  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
22:28:17.0032 0x036c  kbdhid - ok
22:28:17.0063 0x036c  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
22:28:17.0078 0x036c  kdnic - ok
22:28:17.0094 0x036c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
22:28:17.0094 0x036c  KeyIso - ok
22:28:17.0125 0x036c  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:28:17.0141 0x036c  KSecDD - ok
22:28:17.0172 0x036c  [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:28:17.0172 0x036c  KSecPkg - ok
22:28:17.0188 0x036c  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:28:17.0203 0x036c  ksthunk - ok
22:28:17.0235 0x036c  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:28:17.0250 0x036c  KtmRm - ok
22:28:17.0266 0x036c  [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C             C:\Windows\system32\DRIVERS\L1C63x64.sys
22:28:17.0282 0x036c  L1C - ok
22:28:17.0313 0x036c  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:28:17.0344 0x036c  LanmanServer - ok
22:28:17.0375 0x036c  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:28:17.0391 0x036c  LanmanWorkstation - ok
22:28:17.0438 0x036c  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
22:28:17.0469 0x036c  lfsvc - ok
22:28:17.0485 0x036c  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:28:17.0500 0x036c  lltdio - ok
22:28:17.0516 0x036c  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:28:17.0532 0x036c  lltdsvc - ok
22:28:17.0568 0x036c  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:28:17.0583 0x036c  lmhosts - ok
22:28:17.0630 0x036c  [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:28:17.0646 0x036c  LMS - ok
22:28:17.0677 0x036c  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:28:17.0693 0x036c  LSI_SAS - ok
22:28:17.0693 0x036c  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:28:17.0709 0x036c  LSI_SAS2 - ok
22:28:17.0724 0x036c  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
22:28:17.0724 0x036c  LSI_SAS3 - ok
22:28:17.0740 0x036c  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
22:28:17.0755 0x036c  LSI_SSS - ok
22:28:17.0802 0x036c  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
22:28:17.0818 0x036c  LSM - ok
22:28:17.0849 0x036c  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:28:17.0865 0x036c  luafv - ok
22:28:17.0880 0x036c  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
22:28:17.0896 0x036c  megasas - ok
22:28:17.0912 0x036c  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
22:28:17.0943 0x036c  megasr - ok
22:28:17.0959 0x036c  [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
22:28:17.0974 0x036c  MEIx64 - ok
22:28:18.0005 0x036c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
22:28:18.0021 0x036c  MMCSS - ok
22:28:18.0037 0x036c  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
22:28:18.0052 0x036c  Modem - ok
22:28:18.0052 0x036c  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
22:28:18.0068 0x036c  monitor - ok
22:28:18.0115 0x036c  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
22:28:18.0115 0x036c  mouclass - ok
22:28:18.0146 0x036c  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
22:28:18.0162 0x036c  mouhid - ok
22:28:18.0193 0x036c  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:28:18.0209 0x036c  mountmgr - ok
22:28:18.0255 0x036c  [ 269BDB3CB77EB77BABE2862BEAB1F208, EC693365C73D59244CB77E181042128A9901BA5C1109CD4F1B9A2008DF1F9582 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:28:18.0255 0x036c  MozillaMaintenance - ok
22:28:18.0302 0x036c  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:28:18.0318 0x036c  mpsdrv - ok
22:28:18.0365 0x036c  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:28:18.0396 0x036c  MpsSvc - ok
22:28:18.0427 0x036c  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:28:18.0443 0x036c  MRxDAV - ok
22:28:18.0490 0x036c  [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:28:18.0505 0x036c  mrxsmb - ok
22:28:18.0552 0x036c  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:28:18.0568 0x036c  mrxsmb10 - ok
22:28:18.0599 0x036c  [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:28:18.0615 0x036c  mrxsmb20 - ok
22:28:18.0646 0x036c  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
22:28:18.0662 0x036c  MsBridge - ok
22:28:18.0709 0x036c  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
22:28:18.0724 0x036c  MSDTC - ok
22:28:18.0740 0x036c  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:28:18.0755 0x036c  Msfs - ok
22:28:18.0771 0x036c  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
22:28:18.0787 0x036c  msgpiowin32 - ok
22:28:18.0802 0x036c  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:28:18.0802 0x036c  mshidkmdf - ok
22:28:18.0818 0x036c  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
22:28:18.0834 0x036c  mshidumdf - ok
22:28:18.0865 0x036c  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:28:18.0865 0x036c  msisadrv - ok
22:28:18.0896 0x036c  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:28:18.0912 0x036c  MSiSCSI - ok
22:28:18.0912 0x036c  msiserver - ok
22:28:18.0927 0x036c  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:28:18.0943 0x036c  MSKSSRV - ok
22:28:18.0974 0x036c  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
22:28:18.0990 0x036c  MsLldp - ok
22:28:19.0005 0x036c  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:28:19.0021 0x036c  MSPCLOCK - ok
22:28:19.0037 0x036c  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:28:19.0052 0x036c  MSPQM - ok
22:28:19.0068 0x036c  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:28:19.0084 0x036c  MsRPC - ok
22:28:19.0099 0x036c  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
22:28:19.0115 0x036c  mssmbios - ok
22:28:19.0115 0x036c  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:28:19.0130 0x036c  MSTEE - ok
22:28:19.0146 0x036c  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
22:28:19.0162 0x036c  MTConfig - ok
22:28:19.0177 0x036c  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
22:28:19.0177 0x036c  Mup - ok
22:28:19.0193 0x036c  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
22:28:19.0193 0x036c  mvumis - ok
22:28:19.0240 0x036c  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
22:28:19.0255 0x036c  napagent - ok
22:28:19.0302 0x036c  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:28:19.0318 0x036c  NativeWifiP - ok
22:28:19.0349 0x036c  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
22:28:19.0365 0x036c  NcaSvc - ok
22:28:19.0396 0x036c  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
22:28:19.0412 0x036c  NcbService - ok
22:28:19.0474 0x036c  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
22:28:19.0474 0x036c  NcdAutoSetup - ok
22:28:19.0552 0x036c  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:28:19.0584 0x036c  NDIS - ok
22:28:19.0615 0x036c  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:28:19.0630 0x036c  NdisCap - ok
22:28:19.0646 0x036c  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
22:28:19.0662 0x036c  NdisImPlatform - ok
22:28:19.0677 0x036c  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:28:19.0693 0x036c  NdisTapi - ok
22:28:19.0709 0x036c  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:28:19.0724 0x036c  Ndisuio - ok
22:28:19.0740 0x036c  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
22:28:19.0755 0x036c  NdisVirtualBus - ok
22:28:19.0771 0x036c  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:28:19.0787 0x036c  NdisWan - ok
22:28:19.0787 0x036c  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
22:28:19.0818 0x036c  NdisWanLegacy - ok
22:28:19.0849 0x036c  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:28:19.0849 0x036c  NDProxy - ok
22:28:19.0880 0x036c  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
22:28:19.0896 0x036c  Ndu - ok
22:28:19.0927 0x036c  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:28:19.0927 0x036c  NetBIOS - ok
22:28:19.0959 0x036c  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:28:19.0974 0x036c  NetBT - ok
22:28:19.0990 0x036c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
22:28:19.0990 0x036c  Netlogon - ok
22:28:20.0037 0x036c  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
22:28:20.0052 0x036c  Netman - ok
22:28:20.0099 0x036c  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
22:28:20.0115 0x036c  netprofm - ok
22:28:20.0193 0x036c  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:28:20.0193 0x036c  NetTcpPortSharing - ok
22:28:20.0224 0x036c  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
22:28:20.0240 0x036c  netvsc - ok
22:28:20.0271 0x036c  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:28:20.0302 0x036c  NlaSvc - ok
22:28:20.0318 0x036c  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:28:20.0334 0x036c  Npfs - ok
22:28:20.0349 0x036c  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
22:28:20.0365 0x036c  npsvctrig - ok
22:28:20.0396 0x036c  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
22:28:20.0396 0x036c  nsi - ok
22:28:20.0427 0x036c  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:28:20.0443 0x036c  nsiproxy - ok
22:28:20.0537 0x036c  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:28:20.0599 0x036c  Ntfs - ok
22:28:20.0615 0x036c  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
22:28:20.0631 0x036c  Null - ok
22:28:20.0662 0x036c  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:28:20.0662 0x036c  nvraid - ok
22:28:20.0677 0x036c  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:28:20.0693 0x036c  nvstor - ok
22:28:20.0709 0x036c  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:28:20.0709 0x036c  nv_agp - ok
22:28:20.0756 0x036c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:28:20.0771 0x036c  p2pimsvc - ok
22:28:20.0818 0x036c  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
22:28:20.0834 0x036c  p2psvc - ok
22:28:20.0865 0x036c  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
22:28:20.0865 0x036c  Parport - ok
22:28:20.0912 0x036c  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:28:20.0927 0x036c  partmgr - ok
22:28:20.0974 0x036c  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:28:20.0990 0x036c  PcaSvc - ok
22:28:21.0037 0x036c  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
22:28:21.0052 0x036c  pci - ok
22:28:21.0068 0x036c  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:28:21.0068 0x036c  pciide - ok
22:28:21.0099 0x036c  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:28:21.0099 0x036c  pcmcia - ok
22:28:21.0115 0x036c  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:28:21.0131 0x036c  pcw - ok
22:28:21.0146 0x036c  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
22:28:21.0162 0x036c  pdc - ok
22:28:21.0209 0x036c  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:28:21.0224 0x036c  PEAUTH - ok
22:28:21.0240 0x036c  [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN         C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys
22:28:21.0256 0x036c  PEGAGFN - ok
22:28:21.0318 0x036c  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:28:21.0318 0x036c  PerfHost - ok
22:28:21.0396 0x036c  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
22:28:21.0443 0x036c  pla - ok
22:28:21.0474 0x036c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:28:21.0490 0x036c  PlugPlay - ok
22:28:21.0521 0x036c  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:28:21.0521 0x036c  PNRPAutoReg - ok
22:28:21.0552 0x036c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:28:21.0568 0x036c  PNRPsvc - ok
22:28:21.0615 0x036c  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:28:21.0631 0x036c  PolicyAgent - ok
22:28:21.0662 0x036c  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
22:28:21.0677 0x036c  Power - ok
22:28:21.0818 0x036c  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
22:28:21.0896 0x036c  PrintNotify - ok
22:28:21.0927 0x036c  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
22:28:21.0927 0x036c  Processor - ok
22:28:21.0974 0x036c  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:28:21.0990 0x036c  ProfSvc - ok
22:28:22.0037 0x036c  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:28:22.0037 0x036c  Psched - ok
22:28:22.0084 0x036c  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
22:28:22.0099 0x036c  QWAVE - ok
22:28:22.0131 0x036c  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:28:22.0146 0x036c  QWAVEdrv - ok
22:28:22.0162 0x036c  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:28:22.0162 0x036c  RasAcd - ok
22:28:22.0193 0x036c  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
22:28:22.0209 0x036c  RasAuto - ok
22:28:22.0240 0x036c  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
22:28:22.0271 0x036c  RasMan - ok
22:28:22.0287 0x036c  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:28:22.0302 0x036c  RasPppoe - ok
22:28:22.0349 0x036c  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:28:22.0381 0x036c  rdbss - ok
22:28:22.0381 0x036c  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
22:28:22.0396 0x036c  rdpbus - ok
22:28:22.0427 0x036c  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:28:22.0443 0x036c  RDPDR - ok
22:28:22.0459 0x036c  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:28:22.0474 0x036c  RdpVideoMiniport - ok
22:28:22.0521 0x036c  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:28:22.0537 0x036c  rdyboost - ok
22:28:22.0600 0x036c  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
22:28:22.0631 0x036c  ReFS - ok
22:28:22.0663 0x036c  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:28:22.0678 0x036c  RemoteAccess - ok
22:28:22.0694 0x036c  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:28:22.0709 0x036c  RemoteRegistry - ok
22:28:22.0756 0x036c  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
22:28:22.0756 0x036c  RFCOMM - ok
22:28:22.0788 0x036c  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:28:22.0803 0x036c  RpcEptMapper - ok
22:28:22.0834 0x036c  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
22:28:22.0850 0x036c  RpcLocator - ok
22:28:22.0897 0x036c  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\Windows\system32\rpcss.dll
22:28:22.0928 0x036c  RpcSs - ok
22:28:22.0944 0x036c  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:28:22.0959 0x036c  rspndr - ok
22:28:23.0038 0x036c  [ A307450FE19F99CC8AC750EB13959F94, D74B054B116C8E4295AFE1826D3E560D7F6885980C711F692CCDF4D9A87978AB ] RTWlanE         C:\Windows\system32\DRIVERS\rtwlane.sys
22:28:23.0085 0x036c  RTWlanE - ok
22:28:23.0100 0x036c  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
22:28:23.0100 0x036c  s3cap - ok
22:28:23.0147 0x036c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
22:28:23.0147 0x036c  SamSs - ok
22:28:23.0163 0x036c  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:28:23.0178 0x036c  sbp2port - ok
22:28:23.0225 0x036c  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:28:23.0241 0x036c  SCardSvr - ok
22:28:23.0272 0x036c  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
22:28:23.0288 0x036c  ScDeviceEnum - ok
22:28:23.0303 0x036c  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:28:23.0319 0x036c  scfilter - ok
22:28:23.0381 0x036c  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\Windows\system32\schedsvc.dll
22:28:23.0413 0x036c  Schedule - ok
22:28:23.0444 0x036c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:28:23.0460 0x036c  SCPolicySvc - ok
22:28:23.0506 0x036c  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
22:28:23.0522 0x036c  sdbus - ok
22:28:23.0553 0x036c  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
22:28:23.0553 0x036c  sdstor - ok
22:28:23.0585 0x036c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:28:23.0600 0x036c  secdrv - ok
22:28:23.0631 0x036c  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\Windows\system32\seclogon.dll
22:28:23.0631 0x036c  seclogon - ok
22:28:23.0663 0x036c  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
22:28:23.0678 0x036c  SENS - ok
22:28:23.0710 0x036c  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:28:23.0710 0x036c  SensrSvc - ok
22:28:23.0725 0x036c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
22:28:23.0741 0x036c  SerCx - ok
22:28:23.0772 0x036c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
22:28:23.0788 0x036c  SerCx2 - ok
22:28:23.0788 0x036c  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
22:28:23.0803 0x036c  Serenum - ok
22:28:23.0819 0x036c  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
22:28:23.0835 0x036c  Serial - ok
22:28:23.0866 0x036c  [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
22:28:23.0881 0x036c  sermouse - ok
22:28:23.0928 0x036c  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
22:28:23.0944 0x036c  SessionEnv - ok
22:28:23.0960 0x036c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
22:28:23.0960 0x036c  sfloppy - ok
22:28:23.0991 0x036c  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:28:24.0022 0x036c  SharedAccess - ok
22:28:24.0053 0x036c  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:28:24.0069 0x036c  ShellHWDetection - ok
22:28:24.0085 0x036c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:28:24.0100 0x036c  SiSRaid2 - ok
22:28:24.0100 0x036c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:28:24.0116 0x036c  SiSRaid4 - ok
22:28:24.0131 0x036c  [ 1F42632DDAC5D95209F72F37B9726D4B, 50B8BBB788ED2E1ADB1069D7E512A24FFD98961305CF7EC0CDF9DD39926075C1 ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
22:28:24.0131 0x036c  SmbDrvI - ok
22:28:24.0178 0x036c  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
22:28:24.0178 0x036c  smphost - ok
22:28:24.0225 0x036c  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:28:24.0225 0x036c  SNMPTRAP - ok
22:28:24.0272 0x036c  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
22:28:24.0288 0x036c  spaceport - ok
22:28:24.0319 0x036c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
22:28:24.0319 0x036c  SpbCx - ok
22:28:24.0366 0x036c  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
22:28:24.0397 0x036c  Spooler - ok
22:28:24.0585 0x036c  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
22:28:24.0757 0x036c  sppsvc - ok
22:28:24.0835 0x036c  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:28:24.0850 0x036c  srv - ok
22:28:24.0897 0x036c  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:28:24.0929 0x036c  srv2 - ok
22:28:24.0960 0x036c  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:28:24.0975 0x036c  srvnet - ok
22:28:25.0022 0x036c  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:28:25.0038 0x036c  SSDPSRV - ok
22:28:25.0085 0x036c  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:28:25.0100 0x036c  SstpSvc - ok
22:28:25.0163 0x036c  [ D67F951F6BA708812420195B8D0AB8B6, 6583DB22EB8AA5FF0134D2536C9A46BC0D7D8F8B2829D5719DD68968C22F5917 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
22:28:25.0179 0x036c  STacSV - detected UnsignedFile.Multi.Generic ( 1 )
22:28:25.0179 0x036c  Detect skipped due to KSN trusted
22:28:25.0179 0x036c  STacSV - ok
22:28:25.0257 0x036c  [ 25C16F7D749F1BA7D573756338658727, 4A4056F34C0D34D793E0A24D37842F8122A5C072F9A2ED9192763FB0CC8FDADC ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
22:28:25.0272 0x036c  Steam Client Service - ok
22:28:25.0304 0x036c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:28:25.0319 0x036c  stexstor - ok
22:28:25.0350 0x036c  [ 71CB3BB20F08BB724769DAAAFD5AB26E, FC4B2BD03037EC07F4443BBE13A28859035F7229CA06D4E42AFB42ABF1A89F09 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
22:28:25.0366 0x036c  STHDA - ok
22:28:25.0413 0x036c  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
22:28:25.0444 0x036c  stisvc - ok
22:28:25.0444 0x036c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
22:28:25.0460 0x036c  storahci - ok
22:28:25.0491 0x036c  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:28:25.0507 0x036c  storflt - ok
22:28:25.0538 0x036c  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
22:28:25.0538 0x036c  stornvme - ok
22:28:25.0569 0x036c  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
22:28:25.0585 0x036c  StorSvc - ok
22:28:25.0601 0x036c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:28:25.0601 0x036c  storvsc - ok
22:28:25.0632 0x036c  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
22:28:25.0647 0x036c  svsvc - ok
22:28:25.0694 0x036c  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
22:28:25.0694 0x036c  swenum - ok
22:28:25.0741 0x036c  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
22:28:25.0772 0x036c  swprv - ok
22:28:25.0835 0x036c  [ 90AAE45676DDF13048FFB9D01FBE1669, 983FFA615E42B5E039DE5F1033F643D0E87C93A715043A9A642518FC66E3F9F5 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
22:28:25.0851 0x036c  SynTP - ok
22:28:25.0929 0x036c  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\Windows\system32\sysmain.dll
22:28:25.0976 0x036c  SysMain - ok
22:28:26.0007 0x036c  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
22:28:26.0022 0x036c  SystemEventsBroker - ok
22:28:26.0069 0x036c  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:28:26.0085 0x036c  TabletInputService - ok
22:28:26.0132 0x036c  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:28:26.0147 0x036c  TapiSrv - ok
22:28:26.0241 0x036c  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:28:26.0304 0x036c  Tcpip - ok
22:28:26.0382 0x036c  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:28:26.0444 0x036c  TCPIP6 - ok
22:28:26.0491 0x036c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:28:26.0491 0x036c  tcpipreg - ok
22:28:26.0522 0x036c  [ 58480A57ACF2671C343FD1D4BA990E34, 24AD9C808D06FABFE8E81242CAC8B5A91829F7D951B245865EF77B79BB795E3D ] tdcmdpst        C:\Windows\system32\DRIVERS\tdcmdpst.sys
22:28:26.0522 0x036c  tdcmdpst - ok
22:28:26.0554 0x036c  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:28:26.0569 0x036c  tdx - ok
22:28:26.0601 0x036c  [ E964837B2A702D82E51DE879FEFDF22B, 3C24E4E3486F4D6B4AB0E202BD45AF4D344123EB6467476A4317DB0CFA37EC86 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
22:28:26.0616 0x036c  TemproMonitoringService - ok
22:28:26.0632 0x036c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
22:28:26.0647 0x036c  terminpt - ok
22:28:26.0694 0x036c  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
22:28:26.0726 0x036c  TermService - ok
22:28:26.0772 0x036c  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
22:28:26.0772 0x036c  Themes - ok
22:28:26.0804 0x036c  [ 77CF0ECC1C2B5E616B650AB5D4931114, FFB54C264EE10AABA076B591196A98DA5F57E975A4A143AFB5424DFF726AF66F ] Thotkey         C:\Windows\System32\drivers\Thotkey.sys
22:28:26.0804 0x036c  Thotkey - ok
22:28:26.0835 0x036c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
22:28:26.0851 0x036c  THREADORDER - ok
22:28:26.0882 0x036c  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
22:28:26.0897 0x036c  TimeBroker - ok
22:28:26.0960 0x036c  [ 6C4F5CD42074DB52AE88FC4BAB2C54F7, B4E3B6A23C99A11186F4EE875871D459A7A03EF4565CA114B41FB3C982841A45 ] TMachInfo       C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
22:28:26.0960 0x036c  TMachInfo - ok
22:28:26.0991 0x036c  [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
22:28:27.0007 0x036c  TODDSrv - ok
22:28:27.0038 0x036c  [ 380192EE4C9FA50A083C14522E6240C8, 539EF29B97E552F655F73EFB54AE300587F3C6FCE9AF89C81B838997E9E0CD43 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
22:28:27.0054 0x036c  TOSHIBA eco Utility Service - ok
22:28:27.0085 0x036c  [ A884A627C0B6E8B238759FC73C1AAAAF, 5D6E38664B6175F5F541D838675429CEE9FA1492A7E25B48E98794B5EB8B6973 ] tosrfec         C:\Windows\System32\drivers\tosrfec.sys
22:28:27.0085 0x036c  tosrfec - ok
22:28:27.0116 0x036c  [ 36391C3953D191A2AF4556D5D706C641, 5191A35C86B6C98F2CBDDC23B5311ED62310345CEDE084A54BBF70CCF0F84C50 ] tos_sps64       C:\Windows\system32\drivers\tos_sps64.sys
22:28:27.0132 0x036c  tos_sps64 - ok
22:28:27.0194 0x036c  [ 67F2A8FCD91A06E445C374C9E6BB0DD3, 3087D762421A265A0E4BB41496284B092F7F71476CC7BEC5334E3FB6414B4F41 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
22:28:27.0210 0x036c  TPCHSrv - ok
22:28:27.0226 0x036c  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
22:28:27.0241 0x036c  TPM - ok
22:28:27.0288 0x036c  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
22:28:27.0288 0x036c  TrkWks - ok
22:28:27.0351 0x036c  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:28:27.0351 0x036c  TrustedInstaller - ok
22:28:27.0382 0x036c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:28:27.0382 0x036c  TsUsbFlt - ok
22:28:27.0424 0x036c  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
22:28:27.0435 0x036c  TsUsbGD - ok
22:28:27.0450 0x036c  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:28:27.0466 0x036c  tunnel - ok
22:28:27.0482 0x036c  [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ           C:\Windows\system32\drivers\TVALZ_O.SYS
22:28:27.0482 0x036c  TVALZ - ok
22:28:27.0497 0x036c  [ 55A9A23DD64EB7781FCAB565B028CD0E, 44CE0C8244F9AE6CCCDB49C29F6D35FE4CE8C92DE5B5D44D22DBD088DE83AA10 ] TVALZFL         C:\Windows\system32\Drivers\TVALZFL.sys
22:28:27.0513 0x036c  TVALZFL - ok
22:28:27.0513 0x036c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:28:27.0529 0x036c  uagp35 - ok
22:28:27.0544 0x036c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
22:28:27.0560 0x036c  UASPStor - ok
22:28:27.0604 0x036c  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
22:28:27.0604 0x036c  UCX01000 - ok
22:28:27.0651 0x036c  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:28:27.0666 0x036c  udfs - ok
22:28:27.0666 0x036c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
22:28:27.0682 0x036c  UEFI - ok
22:28:27.0729 0x036c  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:28:27.0729 0x036c  UI0Detect - ok
22:28:27.0744 0x036c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:28:27.0744 0x036c  uliagpkx - ok
22:28:27.0776 0x036c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
22:28:27.0791 0x036c  umbus - ok
22:28:27.0791 0x036c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
22:28:27.0807 0x036c  UmPass - ok
22:28:27.0838 0x036c  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:28:27.0854 0x036c  UmRdpService - ok
22:28:27.0901 0x036c  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
22:28:27.0916 0x036c  upnphost - ok
22:28:27.0948 0x036c  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
22:28:27.0963 0x036c  USBAAPL64 - ok
22:28:27.0994 0x036c  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
22:28:28.0010 0x036c  usbccgp - ok
22:28:28.0026 0x036c  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
22:28:28.0041 0x036c  usbcir - ok
22:28:28.0073 0x036c  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
22:28:28.0088 0x036c  usbehci - ok
22:28:28.0104 0x036c  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
22:28:28.0135 0x036c  usbhub - ok
22:28:28.0182 0x036c  [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
22:28:28.0198 0x036c  USBHUB3 - ok
22:28:28.0244 0x036c  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
22:28:28.0260 0x036c  usbohci - ok
22:28:28.0276 0x036c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
22:28:28.0276 0x036c  usbprint - ok
22:28:28.0307 0x036c  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\Windows\System32\drivers\usbscan.sys
22:28:28.0323 0x036c  usbscan - ok
22:28:28.0354 0x036c  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
22:28:28.0369 0x036c  USBSTOR - ok
22:28:28.0401 0x036c  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
22:28:28.0401 0x036c  usbuhci - ok
22:28:28.0432 0x036c  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:28:28.0448 0x036c  usbvideo - ok
22:28:28.0494 0x036c  [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
22:28:28.0510 0x036c  USBXHCI - ok
22:28:28.0526 0x036c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
22:28:28.0541 0x036c  VaultSvc - ok
22:28:28.0573 0x036c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:28:28.0573 0x036c  vdrvroot - ok
22:28:28.0651 0x036c  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
22:28:28.0682 0x036c  vds - ok
22:28:28.0713 0x036c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
22:28:28.0729 0x036c  VerifierExt - ok
22:28:28.0760 0x036c  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
22:28:28.0791 0x036c  vhdmp - ok
22:28:28.0807 0x036c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:28:28.0823 0x036c  viaide - ok
22:28:28.0854 0x036c  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:28:28.0854 0x036c  vmbus - ok
22:28:28.0869 0x036c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
22:28:28.0869 0x036c  VMBusHID - ok
22:28:28.0901 0x036c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
22:28:28.0932 0x036c  vmicguestinterface - ok
22:28:28.0948 0x036c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
22:28:28.0979 0x036c  vmicheartbeat - ok
22:28:28.0994 0x036c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
22:28:29.0026 0x036c  vmickvpexchange - ok
22:28:29.0041 0x036c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
22:28:29.0057 0x036c  vmicrdv - ok
22:28:29.0088 0x036c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
22:28:29.0104 0x036c  vmicshutdown - ok
22:28:29.0135 0x036c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
22:28:29.0151 0x036c  vmictimesync - ok
22:28:29.0182 0x036c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
22:28:29.0198 0x036c  vmicvss - ok
22:28:29.0229 0x036c  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:28:29.0244 0x036c  volmgr - ok
22:28:29.0260 0x036c  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:28:29.0276 0x036c  volmgrx - ok
22:28:29.0323 0x036c  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:28:29.0338 0x036c  volsnap - ok
22:28:29.0369 0x036c  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\Windows\System32\drivers\vpci.sys
22:28:29.0385 0x036c  vpci - ok
22:28:29.0401 0x036c  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:28:29.0416 0x036c  vsmraid - ok
22:28:29.0479 0x036c  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\Windows\system32\vssvc.exe
22:28:29.0526 0x036c  VSS - ok
22:28:29.0541 0x036c  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
22:28:29.0557 0x036c  VSTXRAID - ok
22:28:29.0604 0x036c  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:28:29.0620 0x036c  vwifibus - ok
22:28:29.0651 0x036c  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:28:29.0667 0x036c  vwififlt - ok
22:28:29.0682 0x036c  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
22:28:29.0682 0x036c  vwifimp - ok
22:28:29.0729 0x036c  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
22:28:29.0745 0x036c  W32Time - ok
22:28:29.0761 0x036c  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
22:28:29.0776 0x036c  WacomPen - ok
22:28:29.0839 0x036c  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\Windows\system32\wbengine.exe
22:28:29.0886 0x036c  wbengine - ok
22:28:29.0917 0x036c  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:28:29.0932 0x036c  WbioSrvc - ok
22:28:29.0979 0x036c  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
22:28:29.0995 0x036c  Wcmsvc - ok
22:28:30.0042 0x036c  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:28:30.0057 0x036c  wcncsvc - ok
22:28:30.0089 0x036c  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:28:30.0104 0x036c  WcsPlugInService - ok
22:28:30.0136 0x036c  [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
22:28:30.0136 0x036c  WdBoot - ok
22:28:30.0214 0x036c  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:28:30.0229 0x036c  Wdf01000 - ok
22:28:30.0276 0x036c  [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
22:28:30.0292 0x036c  WdFilter - ok
22:28:30.0323 0x036c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:28:30.0339 0x036c  WdiServiceHost - ok
22:28:30.0354 0x036c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:28:30.0370 0x036c  WdiSystemHost - ok
22:28:30.0370 0x036c  [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
22:28:30.0386 0x036c  WdNisDrv - ok
22:28:30.0401 0x036c  WdNisSvc - ok
22:28:30.0448 0x036c  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\Windows\System32\webclnt.dll
22:28:30.0464 0x036c  WebClient - ok
22:28:30.0495 0x036c  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:28:30.0511 0x036c  Wecsvc - ok
22:28:30.0557 0x036c  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
22:28:30.0557 0x036c  WEPHOSTSVC - ok
22:28:30.0589 0x036c  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:28:30.0604 0x036c  wercplsupport - ok
22:28:30.0651 0x036c  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
22:28:30.0667 0x036c  WerSvc - ok
22:28:30.0714 0x036c  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
22:28:30.0729 0x036c  WFPLWFS - ok
22:28:30.0745 0x036c  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
22:28:30.0761 0x036c  WiaRpc - ok
22:28:30.0776 0x036c  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:28:30.0776 0x036c  WIMMount - ok
22:28:30.0792 0x036c  WinDefend - ok
22:28:30.0823 0x036c  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
22:28:30.0854 0x036c  WinHttpAutoProxySvc - ok
22:28:30.0917 0x036c  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:28:30.0932 0x036c  Winmgmt - ok
22:28:31.0026 0x036c  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:28:31.0104 0x036c  WinRM - ok
22:28:31.0136 0x036c  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\System32\drivers\WinUsb.sys
22:28:31.0136 0x036c  WinUsb - ok
22:28:31.0198 0x036c  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
22:28:31.0245 0x036c  WlanSvc - ok
22:28:31.0323 0x036c  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
22:28:31.0370 0x036c  wlidsvc - ok
22:28:31.0386 0x036c  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
22:28:31.0401 0x036c  WmiAcpi - ok
22:28:31.0417 0x036c  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:28:31.0432 0x036c  wmiApSrv - ok
22:28:31.0464 0x036c  WMPNetworkSvc - ok
22:28:31.0495 0x036c  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
22:28:31.0511 0x036c  Wof - ok
22:28:31.0604 0x036c  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
22:28:31.0651 0x036c  workfolderssvc - ok
22:28:31.0682 0x036c  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
22:28:31.0682 0x036c  wpcfltr - ok
22:28:31.0714 0x036c  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:28:31.0729 0x036c  WPCSvc - ok
22:28:31.0761 0x036c  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:28:31.0776 0x036c  WPDBusEnum - ok
22:28:31.0807 0x036c  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
22:28:31.0807 0x036c  WpdUpFltr - ok
22:28:31.0823 0x036c  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:28:31.0839 0x036c  ws2ifsl - ok
22:28:31.0886 0x036c  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\Windows\System32\wscsvc.dll
22:28:31.0901 0x036c  wscsvc - ok
22:28:31.0917 0x036c  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
22:28:31.0932 0x036c  WSDPrintDevice - ok
22:28:31.0932 0x036c  WSearch - ok
22:28:32.0058 0x036c  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
22:28:32.0167 0x036c  WSService - ok
22:28:32.0292 0x036c  [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:28:32.0386 0x036c  wuauserv - ok
22:28:32.0417 0x036c  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:28:32.0417 0x036c  WudfPf - ok
22:28:32.0433 0x036c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
22:28:32.0448 0x036c  WUDFRd - ok
22:28:32.0479 0x036c  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:28:32.0495 0x036c  wudfsvc - ok
22:28:32.0511 0x036c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
22:28:32.0526 0x036c  WUDFWpdFs - ok
22:28:32.0526 0x036c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\System32\drivers\WUDFRd.sys
22:28:32.0542 0x036c  WUDFWpdMtp - ok
22:28:32.0589 0x036c  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:28:32.0620 0x036c  WwanSvc - ok
22:28:32.0636 0x036c  ================ Scan global ===============================
22:28:32.0651 0x036c  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\Windows\system32\basesrv.dll
22:28:32.0698 0x036c  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
22:28:32.0730 0x036c  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
22:28:32.0776 0x036c  [ 5BF02EBEFEDC706318C96E2E60EDCB91, DC866C5BC3A887CAAA7169AB9BB2992F6F877B3EA04B62B4F95B6BD54943155F ] C:\Windows\system32\services.exe
22:28:32.0776 0x036c  [ Global ] - ok
22:28:32.0776 0x036c  ================ Scan MBR ==================================
22:28:32.0792 0x036c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
22:28:32.0870 0x036c  \Device\Harddisk0\DR0 - ok
22:28:32.0870 0x036c  ================ Scan VBR ==================================
22:28:32.0886 0x036c  [ DB1510D0CB12BFD9A1B1EEA144C719A5 ] \Device\Harddisk0\DR0\Partition1
22:28:32.0901 0x036c  \Device\Harddisk0\DR0\Partition1 - ok
22:28:32.0917 0x036c  [ 72D7998BCF70CF9CA244533E84B5A42C ] \Device\Harddisk0\DR0\Partition2
22:28:32.0933 0x036c  \Device\Harddisk0\DR0\Partition2 - ok
22:28:32.0933 0x036c  [ A93F8866A00C69ECA1CFB4AD9BF0C715 ] \Device\Harddisk0\DR0\Partition3
22:28:32.0948 0x036c  \Device\Harddisk0\DR0\Partition3 - ok
22:28:32.0964 0x036c  [ 90CB162A00C306C53A527EFA52B89B6E ] \Device\Harddisk0\DR0\Partition4
22:28:32.0980 0x036c  \Device\Harddisk0\DR0\Partition4 - ok
22:28:33.0011 0x036c  [ C459F62C5F902CD2E5A67ADCCD734773 ] \Device\Harddisk0\DR0\Partition5
22:28:33.0011 0x036c  \Device\Harddisk0\DR0\Partition5 - ok
22:28:33.0011 0x036c  ================ Scan generic autorun ======================
22:28:33.0073 0x036c  [ AC698132EDEA96B022FCB48E180EA567, 06F3BFC5FCFF1577399EF3D9C53B00D481AEBA8BA36930AF11F9AFD334A1C70D ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
22:28:33.0089 0x036c  AmIcoSinglun64 - ok
22:28:33.0183 0x036c  [ 9C1BDB837A2DA4FFC60CB61CEEA3E334, 31007C53EC7E077A6B9518FAF4D2566376C6F23FCE614AE29F2DA78DBF6BF564 ] C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
22:28:33.0245 0x036c  1.TPUReg - ok
22:28:33.0292 0x036c  [ 18DBA177BD009B91D1884C9DB62BB039, 74777A7B69BB2886920B6F1A1039A90FCA8DC2DAA1D6F985ED7F49A35C2E0D42 ] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
22:28:33.0308 0x036c  TSVU - ok
22:28:33.0370 0x036c  [ 3E23D1F7E91627DBD44AC82077E2BA7C, 09235370B85EF5FEA24F1291B9ADAD805C8D7357A78EF8CE3BA0E913F59145EC ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
22:28:33.0386 0x036c  avgnt - ok
22:28:33.0448 0x036c  [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:28:33.0480 0x036c  Adobe ARM - ok
22:28:33.0573 0x036c  [ 9582680F41C0C4C6E6A2ACCADD7E723E, FC1B9973D679B43B0D476252532A3A5009E94CF79D0757A1DAC422E8EEA6D2A6 ] C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe
22:28:33.0589 0x036c  ADSKAppManager - ok
22:28:33.0620 0x036c  [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
22:28:33.0636 0x036c  Avira Systray - ok
22:28:33.0761 0x036c  [ 00B8939C3E74A7C0D86852D0B6C18104, BF0471D4FECD074B27E6531F72F940AF39F1174A2AF9B14799199CD3A3443B32 ] C:\Users\falkd_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe
22:28:33.0808 0x036c  Spotify Web Helper - ok
22:28:33.0948 0x036c  [ 3255867AE34EDD5346C750677EE63354, 3FC8E1EFF33EE83717C285D0CD388886135C5BF977B69CF6ADCFD4196139D483 ] C:\Program Files (x86)\Steam\steam.exe
22:28:34.0011 0x036c  Steam - ok
22:28:34.0214 0x036c  [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\falkd_000\AppData\Local\Akamai\netsession_win.exe
22:28:34.0339 0x036c  Akamai NetSession Interface - ok
22:28:34.0339 0x036c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.9.460 ), 0x41000 ( enabled : updated )
22:28:34.0339 0x036c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
22:28:34.0339 0x036c  Win FW state via NFP2: enabled
22:28:36.0732 0x036c  ============================================================
22:28:36.0732 0x036c  Scan finished
22:28:36.0732 0x036c  ============================================================
22:28:36.0732 0x12cc  Detected object count: 0
22:28:36.0732 0x12cc  Actual detected object count: 0

[/CODE]

schrauber · 20.04.2015, 15:36

Passwort vom Mail Account ändern, falls noch nicht geschehen.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Falkze · 20.04.2015, 20:07

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v4.201 - Bericht erstellt 20/04/2015 um 20:48:09
# Aktualisiert 08/04/2015 von Xplode
# Datenbank : 2015-04-19.4 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : falkd_000 - FALK_DÖTTER
# Gestarted von : C:\Users\falkd_000\Downloads\AdwCleaner_4.201.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Schlüssel Gelöscht : HKCU\Software\OCS
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;<local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v37.0.1 (x86 de)


*************************

AdwCleaner[R0].txt - [1214 Bytes] - [20/04/2015 20:46:52]
AdwCleaner[S0].txt - [1088 Bytes] - [20/04/2015 20:48:09]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1147  Bytes] ##########

--- --- ---

[/CODE]

JRT Logfile:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.9 (04.19.2015:1)
OS: Windows 8.1 x64
Ran by falkd_000 on 20.04.2015 at 20:54:26,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2177839467-1406077244-3722988280-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-405270919-1759621043-3676443113-1001
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-405270919-1759621043-3676443113-500



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.04.2015 at 20:56:24,49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

--- --- ---

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by falkd_000 (administrator) on FALK_DÖTTER on 20-04-2015 21:01:39
Running from C:\Users\falkd_000\Downloads
Loaded Profiles: falkd_000 (Available profiles: falkd_000)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Run: [Spotify Web Helper] => C:\Users\falkd_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-16] (Spotify Ltd)
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Run: [Akamai NetSession Interface] => C:\Users\falkd_000\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Policies\Explorer: [] 
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-405270919-1759621043-3676443113-1001 -> {4CAC6312-6AAE-49E3-89F8-97FD79889FD9} URL = 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\falkd_000\AppData\Roaming\Mozilla\Firefox\Profiles\5qjeh986.default-1420916566898
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\falkd_000\AppData\Roaming\Mozilla\Firefox\Profiles\5qjeh986.default-1420916566898\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-10]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
S2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-05] (Avira Operations GmbH & Co. KG)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-22] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 21:01 - 2015-04-20 21:01 - 00000000 ____D () C:\Users\falkd_000\Downloads\FRST-OlderVersion
2015-04-20 20:56 - 2015-04-20 20:56 - 00000996 _____ () C:\Users\falkd_000\Desktop\JRT.txt
2015-04-20 20:54 - 2015-04-20 20:54 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FALK_DÖTTER-Windows-8.1-(64-bit).dat
2015-04-20 20:54 - 2015-04-20 20:54 - 00000000 ____D () C:\RegBackup
2015-04-20 20:53 - 2015-04-20 20:53 - 02684539 _____ (Thisisu) C:\Users\falkd_000\Downloads\JRT.exe
2015-04-20 20:46 - 2015-04-20 20:48 - 00000000 ____D () C:\AdwCleaner
2015-04-20 20:46 - 2015-04-20 20:46 - 02217984 _____ () C:\Users\falkd_000\Downloads\AdwCleaner_4.201.exe
2015-04-19 22:22 - 2015-04-19 22:23 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\falkd_000\Desktop\tdsskiller.exe
2015-04-19 21:13 - 2015-04-19 21:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-19 21:12 - 2015-04-19 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-19 21:12 - 2015-04-19 21:45 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-19 21:10 - 2015-04-19 22:17 - 00000000 ____D () C:\Users\falkd_000\Desktop\mbar
2015-04-19 21:10 - 2015-04-19 21:44 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-19 21:07 - 2015-04-19 21:09 - 16502728 _____ (Malwarebytes Corp.) C:\Users\falkd_000\Desktop\mbar-1.09.1.1004.exe
2015-04-19 11:51 - 2015-04-19 11:52 - 00000049 _____ () C:\Users\falkd_000\Desktop\trojaner_board.txt
2015-04-19 10:09 - 2015-04-19 10:10 - 00024132 _____ () C:\Users\falkd_000\Downloads\Addition.txt
2015-04-19 10:08 - 2015-04-20 21:01 - 00012587 _____ () C:\Users\falkd_000\Downloads\FRST.txt
2015-04-19 10:07 - 2015-04-20 21:01 - 00000000 ____D () C:\FRST
2015-04-19 10:06 - 2015-04-20 21:01 - 02099712 _____ (Farbar) C:\Users\falkd_000\Downloads\FRST64.exe
2015-04-18 23:27 - 2015-04-18 23:27 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-17 16:27 - 2015-04-17 16:28 - 00000633 _____ () C:\Users\falkd_000\Desktop\track mania.txt
2015-04-16 15:52 - 2015-04-16 15:52 - 00000000 ____D () C:\Users\falkd_000\Desktop\Hydrologie
2015-04-16 12:48 - 2015-04-16 12:48 - 00000000 ____D () C:\Users\falkd_000\Documents\Fax
2015-04-15 17:27 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 17:27 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 17:27 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-15 17:27 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 17:27 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-15 17:27 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 17:27 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 17:27 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 17:27 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-15 17:27 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-15 17:27 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 17:27 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-15 17:27 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-15 17:27 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-15 17:27 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 17:27 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 17:27 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 17:27 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 17:27 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-15 17:26 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 17:26 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 17:26 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 17:26 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 17:26 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 17:26 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 17:26 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-15 17:26 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 17:26 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 17:26 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 17:26 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 17:26 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 17:26 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-15 17:26 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 17:26 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 17:26 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-15 17:26 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 17:26 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 17:26 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 17:26 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 17:26 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 17:26 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 17:25 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 17:25 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 17:25 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 17:25 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 17:25 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 17:25 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 17:25 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 17:25 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 17:25 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 17:25 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 17:25 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-15 17:25 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 17:25 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 17:25 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 17:25 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 17:25 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 17:25 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 17:25 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 17:25 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 17:25 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-15 17:25 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 17:25 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 17:25 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 17:25 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-08 00:58 - 2015-04-08 00:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-05 03:16 - 2015-04-05 03:19 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-05 03:16 - 2015-04-05 03:16 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-02 16:05 - 2015-04-02 16:20 - 00046565 _____ () C:\Users\falkd_000\Desktop\Studienarbeit_MB_Treppe.dwg
2015-03-27 03:01 - 2015-03-27 03:01 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-03-27 02:56 - 2015-03-27 02:56 - 00002229 _____ () C:\Users\falkd_000\Desktop\Autodesk® AutoCAD® 2015 jetzt installieren.lnk
2015-03-27 02:56 - 2015-03-27 02:56 - 00000000 ____D () C:\Users\falkd_000\Documents\Autodesk Application Manager
2015-03-27 02:56 - 2015-03-27 02:56 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-03-27 02:54 - 2015-03-27 02:54 - 00002066 _____ () C:\Users\Public\Desktop\Autodesk ReCap.lnk
2015-03-27 02:54 - 2015-03-27 02:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
2015-03-27 02:46 - 2015-03-27 03:13 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Autodesk
2015-03-27 02:46 - 2015-03-27 02:46 - 00002127 _____ () C:\Users\Public\Desktop\AutoCAD 2015 - Deutsch (German).lnk
2015-03-27 02:46 - 2015-03-27 02:46 - 00000000 ____D () C:\Users\falkd_000\Documents\Inventor Server SDK ACAD 2015
2015-03-27 02:46 - 2015-03-27 02:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2015 - Deutsch (German)
2015-03-27 02:44 - 2015-03-27 02:44 - 00000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-03-27 02:44 - 2015-03-27 02:44 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2015-03-27 02:41 - 2015-03-27 02:56 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-03-27 02:41 - 2015-03-27 02:54 - 00000000 ____D () C:\Program Files\Autodesk
2015-03-27 02:41 - 2015-03-27 02:41 - 00000000 ____D () C:\Users\Public\Documents\Autodesk
2015-03-26 23:52 - 2015-03-26 23:52 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2015-03-26 23:48 - 2015-03-27 02:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-03-26 23:47 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-03-26 23:38 - 2015-03-27 14:55 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\Autodesk
2015-03-26 23:38 - 2015-03-27 14:55 - 00000000 ____D () C:\ProgramData\Autodesk
2015-03-26 23:34 - 2015-03-26 23:35 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Akamai
2015-03-26 23:34 - 2015-03-26 23:34 - 00000000 ____D () C:\Autodesk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-20 20:52 - 2014-11-08 02:10 - 00000000 __RDO () C:\Users\falkd_000\SkyDrive
2015-04-20 20:51 - 2015-03-17 11:49 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-20 20:49 - 2013-08-22 16:46 - 00026792 _____ () C:\Windows\setupact.log
2015-04-20 20:49 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-20 20:48 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-20 20:35 - 2014-03-24 21:50 - 01109781 _____ () C:\Windows\WindowsUpdate.log
2015-04-20 17:05 - 2014-11-08 19:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-19 22:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-19 21:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-04-18 23:39 - 2013-11-24 21:37 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-18 23:39 - 2013-08-28 11:59 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-04-18 23:39 - 2013-08-28 11:59 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-04-18 23:30 - 2014-11-08 03:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 23:30 - 2013-11-25 06:24 - 00377498 _____ () C:\Windows\PFRO.log
2015-04-18 23:27 - 2015-03-07 04:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-18 14:06 - 2014-12-06 15:08 - 00024064 ___SH () C:\Users\falkd_000\Downloads\Thumbs.db
2015-04-17 14:17 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-15 17:45 - 2014-11-08 14:32 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 17:43 - 2014-11-08 14:32 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 17:27 - 2015-03-16 13:55 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Spotify
2015-04-15 17:27 - 2015-03-16 13:53 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\Spotify
2015-04-15 17:25 - 2014-11-12 05:07 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-04-14 19:07 - 2014-11-08 19:53 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 01:24 - 2013-08-22 17:38 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-10 11:11 - 2014-11-08 18:54 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\vlc
2015-04-10 01:16 - 2014-11-08 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-10 01:16 - 2014-03-24 21:50 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-10 01:15 - 2014-11-08 17:26 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-09 01:49 - 2014-11-08 17:28 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\Avira
2015-04-09 01:48 - 2014-11-08 17:26 - 00000000 ____D () C:\ProgramData\Avira
2015-04-08 15:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-02 16:20 - 2014-11-10 14:10 - 00313856 ___SH () C:\Users\falkd_000\Desktop\Thumbs.db
2015-04-02 15:49 - 2014-11-14 00:26 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Battle.net
2015-03-27 02:58 - 2013-08-22 16:44 - 00441600 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-27 02:57 - 2014-11-08 02:02 - 00000000 ____D () C:\Users\falkd_000
2015-03-27 02:34 - 2015-02-03 00:27 - 00091356 _____ () C:\Windows\DirectX.log
2015-03-23 20:15 - 2014-11-08 19:52 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Adobe

==================== Files in the root of some directories =======

2014-12-01 15:51 - 2014-12-01 15:51 - 0003584 _____ () C:\Users\falkd_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-27 02:44 - 2015-03-27 02:44 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\falkd_000\AppData\Local\Temp\AcDeltree.exe
C:\Users\falkd_000\AppData\Local\Temp\avgnt.exe
C:\Users\falkd_000\AppData\Local\Temp\Quarantine.exe
C:\Users\falkd_000\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-14 17:02

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Ich bin geistert, wie reibungslos die Anwendung der Programme unter ihrer Anleitung funktioniert. Danke nochmals für ihre Unterstützung!
Können Sie bereits etwas dazu sagen, ob ich möglicherweise einen Trojaner auf dem System habe oder ,,lediglich'' mein MailAccount betroffen ist.

Danke

beste Grüße
Falkze

schrauber · 21.04.2015, 12:51

Da war schon Adware auf dem Rechner, hatte aber nichts mit dem Mailaccount zu tun

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Falkze · 21.04.2015, 15:57

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=4d2527c2782bde41a25f9a69763bcc1c
# engine=23489
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-21 01:57:42
# local_time=2015-04-21 03:57:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 3295830 54505955 0 0
# scanned=285422
# found=2
# cleaned=0
# scan_time=4383
sh=DD19A9445146B63AEE8E0EB328D52E5BD2071466 ft=1 fh=188b4abc7d9fafc7 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-405270919-1759621043-3676443113-1001\$RDP5JTI.exe"
sh=47B19AB97028D8925579BED54EFEE88C8107D6B6 ft=1 fh=34f71966959b3eb8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\falkd_000\AppData\Local\Temp\DMR\dmr_72.exe"

Code:

ATTFilter

 Results of screen317's Security Check version 1.00  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus    
Windows Defender   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 	17.0.0.169  
 Adobe Reader XI  
 Mozilla Firefox (37.0.1) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by falkd_000 (administrator) on FALK_DÖTTER on 21-04-2015 16:53:36
Running from C:\Users\falkd_000\Downloads
Loaded Profiles: falkd_000 (Available profiles: falkd_000)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [493960 2014-12-05] (Autodesk Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Run: [Spotify Web Helper] => C:\Users\falkd_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1959992 2015-03-16] (Spotify Ltd)
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2874048 2015-02-19] (Valve Corporation)
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Run: [Akamai NetSession Interface] => C:\Users\falkd_000\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Policies\Explorer: [] 
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-405270919-1759621043-3676443113-1001 -> {4CAC6312-6AAE-49E3-89F8-97FD79889FD9} URL = 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\falkd_000\AppData\Roaming\Mozilla\Firefox\Profiles\5qjeh986.default-1420916566898
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\falkd_000\AppData\Roaming\Mozilla\Firefox\Profiles\5qjeh986.default-1420916566898\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-10]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [599944 2014-12-05] (Autodesk Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-09] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
S2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-16] (Qualcomm Atheros Communications, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-05] (Avira Operations GmbH & Co. KG)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-22] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-21 16:51 - 2015-04-21 16:51 - 00852616 _____ () C:\Users\falkd_000\Downloads\SecurityCheck.exe
2015-04-21 14:38 - 2015-04-21 14:39 - 02347384 _____ (ESET) C:\Users\falkd_000\Downloads\esetsmartinstaller_deu.exe
2015-04-20 21:01 - 2015-04-20 21:01 - 00000000 ____D () C:\Users\falkd_000\Downloads\FRST-OlderVersion
2015-04-20 20:56 - 2015-04-20 20:56 - 00000996 _____ () C:\Users\falkd_000\Desktop\JRT.txt
2015-04-20 20:54 - 2015-04-20 20:54 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FALK_DÖTTER-Windows-8.1-(64-bit).dat
2015-04-20 20:54 - 2015-04-20 20:54 - 00000000 ____D () C:\RegBackup
2015-04-20 20:53 - 2015-04-20 20:53 - 02684539 _____ (Thisisu) C:\Users\falkd_000\Downloads\JRT.exe
2015-04-20 20:46 - 2015-04-20 20:48 - 00000000 ____D () C:\AdwCleaner
2015-04-20 20:46 - 2015-04-20 20:46 - 02217984 _____ () C:\Users\falkd_000\Downloads\AdwCleaner_4.201.exe
2015-04-19 22:22 - 2015-04-19 22:23 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\falkd_000\Desktop\tdsskiller.exe
2015-04-19 21:13 - 2015-04-19 21:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-19 21:12 - 2015-04-19 22:18 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-19 21:12 - 2015-04-19 21:45 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-19 21:10 - 2015-04-19 22:17 - 00000000 ____D () C:\Users\falkd_000\Desktop\mbar
2015-04-19 21:10 - 2015-04-19 21:44 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-19 21:07 - 2015-04-19 21:09 - 16502728 _____ (Malwarebytes Corp.) C:\Users\falkd_000\Desktop\mbar-1.09.1.1004.exe
2015-04-19 11:51 - 2015-04-19 11:52 - 00000049 _____ () C:\Users\falkd_000\Desktop\trojaner_board.txt
2015-04-19 10:09 - 2015-04-19 10:10 - 00024132 _____ () C:\Users\falkd_000\Downloads\Addition.txt
2015-04-19 10:08 - 2015-04-21 16:53 - 00012808 _____ () C:\Users\falkd_000\Downloads\FRST.txt
2015-04-19 10:07 - 2015-04-21 16:53 - 00000000 ____D () C:\FRST
2015-04-19 10:06 - 2015-04-20 21:01 - 02099712 _____ (Farbar) C:\Users\falkd_000\Downloads\FRST64.exe
2015-04-18 23:27 - 2015-04-18 23:27 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-17 16:27 - 2015-04-17 16:28 - 00000633 _____ () C:\Users\falkd_000\Desktop\track mania.txt
2015-04-16 15:52 - 2015-04-16 15:52 - 00000000 ____D () C:\Users\falkd_000\Desktop\Hydrologie
2015-04-16 12:48 - 2015-04-16 12:48 - 00000000 ____D () C:\Users\falkd_000\Documents\Fax
2015-04-15 17:27 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 17:27 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 17:27 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-15 17:27 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 17:27 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-15 17:27 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 17:27 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 17:27 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 17:27 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-15 17:27 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-15 17:27 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 17:27 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-15 17:27 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-15 17:27 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-15 17:27 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 17:27 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 17:27 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 17:27 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 17:27 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-15 17:26 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 17:26 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 17:26 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 17:26 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 17:26 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 17:26 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 17:26 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-15 17:26 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 17:26 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 17:26 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 17:26 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 17:26 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 17:26 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-15 17:26 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 17:26 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 17:26 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-15 17:26 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 17:26 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 17:26 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 17:26 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 17:26 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 17:26 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 17:25 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 17:25 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 17:25 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 17:25 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 17:25 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 17:25 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 17:25 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 17:25 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 17:25 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 17:25 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 17:25 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 17:25 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-15 17:25 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 17:25 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 17:25 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 17:25 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 17:25 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 17:25 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 17:25 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 17:25 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 17:25 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-15 17:25 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 17:25 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 17:25 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 17:25 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-08 00:58 - 2015-04-08 00:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-05 03:16 - 2015-04-05 03:19 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-05 03:16 - 2015-04-05 03:16 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-02 16:05 - 2015-04-02 16:20 - 00046565 _____ () C:\Users\falkd_000\Desktop\Studienarbeit_MB_Treppe.dwg
2015-03-27 03:01 - 2015-03-27 03:01 - 00000000 ____D () C:\ProgramData\FLEXnet
2015-03-27 02:56 - 2015-03-27 02:56 - 00002229 _____ () C:\Users\falkd_000\Desktop\Autodesk® AutoCAD® 2015 jetzt installieren.lnk
2015-03-27 02:56 - 2015-03-27 02:56 - 00000000 ____D () C:\Users\falkd_000\Documents\Autodesk Application Manager
2015-03-27 02:56 - 2015-03-27 02:56 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-03-27 02:54 - 2015-03-27 02:54 - 00002066 _____ () C:\Users\Public\Desktop\Autodesk ReCap.lnk
2015-03-27 02:54 - 2015-03-27 02:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk ReCap
2015-03-27 02:46 - 2015-03-27 03:13 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Autodesk
2015-03-27 02:46 - 2015-03-27 02:46 - 00002127 _____ () C:\Users\Public\Desktop\AutoCAD 2015 - Deutsch (German).lnk
2015-03-27 02:46 - 2015-03-27 02:46 - 00000000 ____D () C:\Users\falkd_000\Documents\Inventor Server SDK ACAD 2015
2015-03-27 02:46 - 2015-03-27 02:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2015 - Deutsch (German)
2015-03-27 02:44 - 2015-03-27 02:44 - 00000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2015-03-27 02:44 - 2015-03-27 02:44 - 00000000 ____D () C:\Program Files\Common Files\Macrovision Shared
2015-03-27 02:41 - 2015-03-27 02:56 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2015-03-27 02:41 - 2015-03-27 02:54 - 00000000 ____D () C:\Program Files\Autodesk
2015-03-27 02:41 - 2015-03-27 02:41 - 00000000 ____D () C:\Users\Public\Documents\Autodesk
2015-03-26 23:52 - 2015-03-26 23:52 - 00000000 ____D () C:\Program Files (x86)\Autodesk
2015-03-26 23:48 - 2015-03-27 02:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-03-26 23:47 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-03-26 23:47 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-03-26 23:47 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-03-26 23:38 - 2015-03-27 14:55 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\Autodesk
2015-03-26 23:38 - 2015-03-27 14:55 - 00000000 ____D () C:\ProgramData\Autodesk
2015-03-26 23:34 - 2015-03-26 23:35 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Akamai
2015-03-26 23:34 - 2015-03-26 23:34 - 00000000 ____D () C:\Autodesk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-21 16:05 - 2014-11-08 19:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-21 15:07 - 2014-03-24 21:50 - 01376322 _____ () C:\Windows\WindowsUpdate.log
2015-04-21 15:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-21 14:39 - 2013-11-24 21:37 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-21 14:39 - 2013-08-28 11:59 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-04-21 14:39 - 2013-08-28 11:59 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-04-21 13:29 - 2014-11-08 02:10 - 00000000 __RDO () C:\Users\falkd_000\SkyDrive
2015-04-21 01:12 - 2014-11-10 14:10 - 00325632 ___SH () C:\Users\falkd_000\Desktop\Thumbs.db
2015-04-20 20:51 - 2015-03-17 11:49 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-20 20:49 - 2013-08-22 16:46 - 00026792 _____ () C:\Windows\setupact.log
2015-04-20 20:49 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-20 20:48 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-19 22:15 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-19 21:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-04-18 23:30 - 2014-11-08 03:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-18 23:30 - 2013-11-25 06:24 - 00377498 _____ () C:\Windows\PFRO.log
2015-04-18 23:27 - 2015-03-07 04:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-18 14:06 - 2014-12-06 15:08 - 00024064 ___SH () C:\Users\falkd_000\Downloads\Thumbs.db
2015-04-17 14:17 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-15 17:45 - 2014-11-08 14:32 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 17:43 - 2014-11-08 14:32 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 17:27 - 2015-03-16 13:55 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Spotify
2015-04-15 17:27 - 2015-03-16 13:53 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\Spotify
2015-04-15 17:25 - 2014-11-12 05:07 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-04-14 19:07 - 2014-11-08 19:53 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 01:24 - 2013-08-22 17:38 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-10 11:11 - 2014-11-08 18:54 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\vlc
2015-04-10 01:16 - 2014-11-08 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-10 01:16 - 2014-03-24 21:50 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-10 01:15 - 2014-11-08 17:26 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-04-09 01:49 - 2014-11-08 17:28 - 00000000 ____D () C:\Users\falkd_000\AppData\Roaming\Avira
2015-04-09 01:48 - 2014-11-08 17:26 - 00000000 ____D () C:\ProgramData\Avira
2015-04-08 15:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-02 15:49 - 2014-11-14 00:26 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Battle.net
2015-03-27 02:58 - 2013-08-22 16:44 - 00441600 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-27 02:57 - 2014-11-08 02:02 - 00000000 ____D () C:\Users\falkd_000
2015-03-27 02:34 - 2015-02-03 00:27 - 00091356 _____ () C:\Windows\DirectX.log
2015-03-23 20:15 - 2014-11-08 19:52 - 00000000 ____D () C:\Users\falkd_000\AppData\Local\Adobe

==================== Files in the root of some directories =======

2014-12-01 15:51 - 2014-12-01 15:51 - 0003584 _____ () C:\Users\falkd_000\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-27 02:44 - 2015-03-27 02:44 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Some content of TEMP:
====================
C:\Users\falkd_000\AppData\Local\Temp\AcDeltree.exe
C:\Users\falkd_000\AppData\Local\Temp\avgnt.exe
C:\Users\falkd_000\AppData\Local\Temp\Quarantine.exe
C:\Users\falkd_000\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-14 17:02

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Das ist doch schonmal eine gute Nachricht! =)
Dann wird das größte übel wohl sein, dass die Mail mit Inhalt der Viagra-Seite an den Leiter des Bauamts ging bei welchem ich Praktikum mache

Danke, bisher habe Ich sonst keine weiteren Fragen. =)

schrauber · 22.04.2015, 08:09

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\$RECYCLE.BIN
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Policies\Explorer: [] 
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Falkze · 22.04.2015, 16:17

okay nun habe ich zum ersten mal ein problem..
Das Textdokument habe ich erstellt mit dem Code.
Benannt habe ich das Textdokument mit ,,Fixlist.txt''. Wenn ich FRST nun starte und den ,,Fix'' Button drücke kommt das es die Datei nicht findet.
Ich habe es probiert indem ich es einmal in dem FRST Ordner gespeichert habe und einmal auf dem Desktop gelassen habe. Funktioniert beidemale nicht :/
In welchen unterordner des frst gehört die datei?

Gruß Falk

schrauber · 23.04.2015, 07:58

Nicht Ordner, die gehört neben das Programm FRST, also in deinen Download Ordner

Falkze · 23.04.2015, 17:44

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-04-2015
Ran by falkd_000 at 2015-04-23 18:13:04 Run:1
Running from C:\Users\falkd_000\Downloads
Loaded Profiles: falkd_000 (Available profiles: falkd_000)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\$RECYCLE.BIN
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\...\Policies\Explorer: [] 
Emptytemp:
*****************

C:\$RECYCLE.BIN => Moved successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-405270919-1759621043-3676443113-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\ => value deleted successfully.
EmptyTemp: => Removed 2.2 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 18:13:30 ====

Eine Frage dann noch... Sollte das CleanUp auch umbedingt noch gemacht werden um eine ,,Diagnose'' zu stellen? Oder dient es der weiteren Absicherung?

Beste Grüße

Falk

schrauber · 24.04.2015, 08:12

Nee, das Cleanup räumt unsere Arbeit auf, wie der Name schon sagt, denn der Rechner ist jetzt sauber und wir sind fertig

,,keineantwortadresse@web.de'' - Spam Mail wurde ausgehend meines Email Accounts versendet. Mit Inhalt: Link eines Pharmazieonline portals

Log-Analyse und Auswertung: ,,keineantwortadresse@web.de'' - Spam Mail wurde ausgehend meines Email Accounts versendet. Mit Inhalt: Link eines Pharmazieonline portals