| |
| |||||||
Log-Analyse und Auswertung: DHL-Trojaner-EMail mit PDF-Anhang geöffnetWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
14.05.2015, 11:50
| #1 |
| |  DHL-Trojaner-EMail mit PDF-Anhang geöffnet Hallo, ich habe gestern eine DHL-Trojaner-Mail bekommen und den PDF-Anhang zur E-Mail geöffnet. Ich bin mir allerdings nicht mehr sicher, ob die PDF-Datei einen Link beinhaltete oder nicht bzw. ob ich den auch angeklickt habe. Mein Kaspersky Anti-Virus-Scan hat nichts gefunden. Dasselbe gilt für Kaspersky TDSSKilleer und Mbar, die ich mir dann schnell runtergeladen habe. Aus den Logs (gmer, defogger, frst) werde ich auch nicht schlau. Trotzdessen bleiben Zweifel, ob alles in Ordnung ist bzw. ob sich der Trojaner-Virus dennoch in mein System eingeschlichen hat. Ich bin ein Laie und würde mich über eure Hilfe freuen. Vielen Dank im Voraus. |
|
14.05.2015, 12:03
| #2 |
| /// the machine /// TB-Ausbilder    | DHL-Trojaner-EMail mit PDF-Anhang geöffnet hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
14.05.2015, 14:11
| #3 |
| | DHL-Trojaner-EMail mit PDF-Anhang geöffnet Hallo,
__________________danke für die schnelle Rückmeldung. Das Systemtyp von meinem PC ist 64-Bit. Die 64-Version von FRST, die ich vorhin runtergeladen habe, passt also?! Anbei die beiden Logs von FRST64: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2015 01
Ran by nomad81 (administrator) on XYZ on 14-05-2015 14:55:41
Running from C:\Users\nomad81\Desktop
Loaded Profiles: nomad81 (Available profiles: nomad81)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-12] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-18] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [178512 2015-03-13] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [164568 2015-03-13] (NVIDIA Corporation)
Startup: C:\Users\nomad81\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2014-03-23]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\nomad81\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_59536739.lnk [2014-04-19]
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-836943027-871465299-3026659436-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-836943027-871465299-3026659436-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
HKU\S-1-5-21-836943027-871465299-3026659436-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://toshiba.eu/symbaloo_c
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {FB61FD3C-B82B-450B-BAD1-3867AC51D0A1} URL =
SearchScopes: HKU\.DEFAULT -> {FB61FD3C-B82B-450B-BAD1-3867AC51D0A1} URL =
SearchScopes: HKU\S-1-5-21-836943027-871465299-3026659436-1002 -> DefaultScope {FB61FD3C-B82B-450B-BAD1-3867AC51D0A1} URL =
SearchScopes: HKU\S-1-5-21-836943027-871465299-3026659436-1002 -> {FB61FD3C-B82B-450B-BAD1-3867AC51D0A1} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2014-03-23] (Microsoft Corporation)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-19] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-03-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-03-23] (Microsoft Corporation)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-10-19] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2014-03-23] (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2014-03-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\nomad81\AppData\Roaming\Mozilla\Firefox\Profiles\qdbp4eny.default
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-10-19] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-10-19] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-10-19] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-23] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF user.js: detected! => C:\Users\nomad81\AppData\Roaming\Mozilla\Firefox\Profiles\qdbp4eny.default\user.js [2015-02-23]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2014-08-21]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-08-21]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2014-08-21]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2014-08-21]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2014-08-21]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [131312 2015-03-19] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-04] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-03-19] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-07-19] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3820960 2015-03-19] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 59536739; C:\Windows\system32\DRIVERS\59536739.sys [460888 2014-04-19] (Kaspersky Lab ZAO)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [253680 2015-03-19] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2012-07-27] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [142344 2014-10-19] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [771272 2014-10-19] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [67680 2014-03-19] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3497240 2015-03-23] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-08-06] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows (R) Win 7 DDK provider)
S3 Tosrfcom; No ImagePath
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
U3 uxldipow; \??\C:\Users\nomad81\AppData\Local\Temp\uxldipow.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-14 14:55 - 2015-05-14 14:56 - 00019357 _____ () C:\Users\nomad81\Desktop\FRST.txt.txt
2015-05-14 11:49 - 2015-05-14 11:49 - 00370971 _____ () C:\Users\nomad81\Desktop\gmer_2.1.19355.zip
2015-05-14 11:45 - 2015-05-14 11:45 - 00000000 ____D () C:\Users\nomad81\Desktop\FRST-OlderVersion
2015-05-14 11:42 - 2015-05-14 11:42 - 00050477 _____ () C:\Users\nomad81\Desktop\Defogger.exe
2015-05-14 11:42 - 2015-05-14 11:42 - 00000000 _____ () C:\Users\nomad81\defogger_reenable
2015-05-14 10:48 - 2015-05-14 14:55 - 00000000 ____D () C:\FRST
2015-05-14 10:47 - 2015-05-14 11:45 - 02105856 _____ (Farbar) C:\Users\nomad81\Desktop\FRST64.exe
2015-05-14 10:23 - 2015-05-14 10:23 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\nomad81\Desktop\tdsskiller.exe
2015-05-14 10:16 - 2015-05-14 10:16 - 00001182 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-14 10:16 - 2015-05-14 10:16 - 00001170 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-14 10:16 - 2015-05-14 10:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-14 10:16 - 2015-05-14 10:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-14 10:16 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 10:16 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 23:39 - 2015-05-14 11:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-13 23:39 - 2015-05-14 11:02 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-13 23:39 - 2015-05-13 23:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-13 23:36 - 2015-05-14 11:01 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-13 23:35 - 2015-05-14 11:30 - 00000000 ____D () C:\Users\nomad81\Desktop\mbar
2015-05-13 23:32 - 2015-05-13 23:33 - 16502728 _____ (Malwarebytes Corp.) C:\Users\nomad81\Desktop\mbar-1.09.1.1004.exe
2015-05-13 22:30 - 2015-05-13 22:30 - 00000000 ____D () C:\KVRT_Data
2015-05-13 22:21 - 2015-05-13 22:29 - 110613848 _____ (Kaspersky Lab ZAO) C:\Users\nomad81\Desktop\KVRT.exe
2015-05-13 08:06 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 08:06 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-13 08:06 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 08:06 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 08:06 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 08:05 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 08:05 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 08:05 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 08:05 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 08:05 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 08:05 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 08:05 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 08:05 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 08:05 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 08:05 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 08:05 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-05-13 08:05 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 08:05 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 08:05 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 08:05 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-13 08:05 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 08:05 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 08:05 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-13 08:05 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 08:05 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-05-13 08:05 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 08:05 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 08:05 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 08:05 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 08:05 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 08:05 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 08:05 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-13 08:05 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 08:05 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-13 08:05 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 08:05 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-05-13 08:05 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 08:05 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 08:05 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 08:05 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 08:05 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 08:05 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 08:05 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 08:05 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 08:05 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 08:05 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 08:05 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 08:05 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 08:05 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 08:05 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 07:59 - 2015-05-13 07:59 - 00000000 ___RD () C:\Users\nomad81\OneDrive
2015-05-01 13:32 - 2015-05-01 13:32 - 00000000 ____D () C:\Program Files\Common Files\Intel
2015-05-01 13:32 - 2015-05-01 13:32 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-04-14 22:33 - 2015-04-14 22:33 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-14 21:17 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-14 21:17 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-14 21:17 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-14 21:17 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-14 21:17 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-14 21:17 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-14 21:17 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-14 21:17 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-14 21:17 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-14 21:17 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-14 21:17 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-14 21:17 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-14 21:17 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-14 21:17 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-14 21:17 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-14 21:17 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-14 21:17 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-14 21:16 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-14 21:16 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-14 21:16 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-14 21:16 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-14 21:16 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-14 21:16 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-14 21:16 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 21:16 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-14 21:16 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-14 21:16 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-14 21:16 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-14 21:16 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-14 21:16 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-14 21:16 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-14 21:16 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-14 21:16 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-14 21:16 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-14 21:16 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-14 21:16 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-14 21:16 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-14 21:16 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-14 21:16 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-14 21:16 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-14 21:16 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-14 21:16 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-14 21:16 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-14 21:16 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-14 21:16 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-14 21:16 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 21:16 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-14 14:46 - 2014-03-14 22:20 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-836943027-871465299-3026659436-1002
2015-05-14 14:42 - 2013-12-25 02:17 - 01915166 _____ () C:\Windows\WindowsUpdate.log
2015-05-14 14:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-14 13:47 - 2014-08-21 21:17 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-14 13:40 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-05-14 12:02 - 2014-01-21 21:56 - 00380416 _____ () C:\Users\nomad81\Desktop\gmer.exe
2015-05-14 11:42 - 2014-03-14 22:14 - 00000000 ____D () C:\Users\nomad81
2015-05-14 11:42 - 2013-11-24 21:37 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-14 11:42 - 2013-08-28 11:59 - 00765582 _____ () C:\Windows\system32\perfh007.dat
2015-05-14 11:42 - 2013-08-28 11:59 - 00159366 _____ () C:\Windows\system32\perfc007.dat
2015-05-14 11:35 - 2013-08-22 16:46 - 00020752 _____ () C:\Windows\setupact.log
2015-05-14 11:35 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-14 11:35 - 2013-08-22 16:44 - 00372760 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 11:32 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-14 11:30 - 2013-08-22 15:36 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 10:19 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-14 10:10 - 2013-08-22 21:11 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 07:59 - 2014-03-23 21:04 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-836943027-871465299-3026659436-1002
2015-05-05 19:59 - 2015-03-12 21:43 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2015-03-12 21:43 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-01 13:34 - 2013-12-25 02:22 - 00085358 _____ () C:\Windows\DPINST.LOG
2015-05-01 13:34 - 2013-12-25 02:09 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-01 13:33 - 2013-12-25 02:27 - 00000000 ____D () C:\ProgramData\Package Cache
2015-05-01 13:33 - 2013-12-25 02:12 - 00000000 ____D () C:\ProgramData\Intel
2015-05-01 13:31 - 2013-12-25 02:12 - 00000000 ____D () C:\Program Files\Intel
2015-04-16 20:43 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-04-15 21:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-14 22:33 - 2015-03-11 23:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-14 21:25 - 2014-03-15 13:01 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-14 21:23 - 2014-03-15 13:01 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 21:16 - 2014-11-11 21:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
Some content of TEMP:
====================
C:\Users\nomad81\AppData\Local\Temp\avira-eu-cleaner_de.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-04 21:35
==================== End Of Log ============================
--- --- --- --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2015 01
Ran by nomad81 at 2015-05-14 14:56:17
Running from C:\Users\nomad81\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-836943027-871465299-3026659436-500 - Administrator - Disabled)
Gast (S-1-5-21-836943027-871465299-3026659436-501 - Limited - Disabled)
nomad81 (S-1-5-21-836943027-871465299-3026659436-1002 - Administrator - Enabled) => C:\Users\nomad81
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Amazon 1Button App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.4 - Amazon)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.32(T) - TOSHIBA CORPORATION)
Canon CanoScan LiDE 120 On-screen Manual (HKLM-x32\...\Canon CanoScan LiDE 120 On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.11.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.)
CanoScan LiDE 120 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2415) (Version: 1.00 - Canon Inc.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
DTS Studio Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
Evernote (HKLM-x32\...\Evernote) (Version: 1.0.0 - Evernote Launcher by Toshiba Europe GmbH)
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{182D4D1C-F9C5-4758-9B8C-157655C9F29B}) (Version: 17.1.1512.0771 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{6535d76a-59fb-4935-b2c5-cd61917c4a4b}) (Version: 17.16.0 - Intel Corporation)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4569.1508 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-836943027-871465299-3026659436-1002\...\OneDriveSetup.exe) (Version: 17.3.5849.0427 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{2749c485-3a8b-4533-92ff-7cf6e8221cff}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 38.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0 (x86 de)) (Version: 38.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0 - Mozilla)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4454.1510 - Microsoft Corporation) Hidden
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Addendum (HKLM-x32\...\{C1569944-FAD6-4B3B-85E5-C213C2FF8EFC}) (Version: 1.00 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{5F6AC07E-50EF-422E-B56E-6521E5B35139}) (Version: 1.1.12.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.0003.64001 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.346 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start Screen Option (HKLM\...\{06B71035-F19F-4F76-9875-FFCCD4FC3F83}) (Version: 1.00.00.6403 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.5.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.27.102 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-836943027-871465299-3026659436-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\nomad81\AppData\Local\Microsoft\OneDrive\17.3.5849.0427\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
23-04-2015 19:18:46 Geplanter Prüfpunkt
01-05-2015 13:29:54 Intel® PROSet/Wireless Software
09-05-2015 16:16:28 Geplanter Prüfpunkt
14-05-2015 10:08:12 Windows Modules Installer
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0891751A-931E-416C-8A8B-6D582BF72D60} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {20C7A75C-5892-491E-A7EA-5107FFE81D9E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-14] (Microsoft Corporation)
Task: {4B7FBCC2-E3FF-406C-9966-6BCC7F8ADACD} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {4C051551-F4EA-4577-AC78-3A63521C4E47} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {574E0C2D-9361-4C88-9204-359ECDB885B2} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {5782365D-293A-4CBD-A951-A766A8CC2034} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation)
Task: {9EB471E0-9ED9-4EEC-A252-41E72DA1FF3D} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-19] (Toshiba Europe GmbH)
Task: {CC0CBF5D-461C-4EF2-A0B4-4863B49C57ED} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2014-03-01] (Microsoft Corporation)
Task: {CF644552-11BF-4D33-9350-541420CD0838} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {D8616EA8-60E3-4711-8FBC-C93503051686} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-836943027-871465299-3026659436-1002 => %localappdata%\Microsoft\OneDrive\OneDrive.exe
Task: {E6AB9120-FECB-4102-9143-E2A79B60F88B} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-11-09] (TOSHIBA Corporation)
==================== Loaded Modules (whitelisted) ==============
2013-03-27 22:53 - 2013-03-27 22:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2006-12-04 02:26 - 2006-12-04 02:26 - 00022016 _____ () C:\Windows\System32\sugs2l6.dll
2014-03-23 20:35 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-03-23 20:29 - 2014-01-02 19:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2013-09-10 22:54 - 2013-09-10 22:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-12-25 02:17 - 2015-03-13 21:41 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-12-25 02:18 - 2015-03-13 18:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2013-12-25 02:11 - 2013-09-04 02:52 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-12-25 02:17 - 2015-03-13 21:41 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 01:42 - 2014-10-19 11:57 - 00642344 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00347328 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-836943027-871465299-3026659436-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\nomad81\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Nvtmru"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "TecoResident"
HKLM\...\StartupApproved\Run: => "TCrdMain"
HKLM\...\StartupApproved\Run: => "ThpSrv"
HKLM\...\StartupApproved\Run: => "TSSSrv"
HKLM\...\StartupApproved\Run: => "TosWaitSrv"
HKLM\...\StartupApproved\Run32: => "1.TPUReg"
HKLM\...\StartupApproved\Run32: => "AmIcoSinglun64"
HKLM\...\StartupApproved\Run32: => "TSVU"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKU\S-1-5-21-836943027-871465299-3026659436-1002\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{496633AD-07C0-404F-B6EC-480A49D04472}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{6F0BD13C-ACD8-4E64-90CE-2E0630AC0946}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{3AE7B92F-82FA-4408-94AD-F61F450695FE}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C7E3F35B-6D2A-4436-BBA1-82BDC3FA6836}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{A0B41725-DAD4-4458-BB09-8A497E1F0459}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{53204D9B-1C62-42EF-BBDB-76FBE3F39793}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{4597135B-D778-4A31-9406-84B8627B10DF}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{2887DEEB-6BDD-4CC2-9BDA-1E6A703776AA}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{85CA0095-B634-4F37-8155-5E692EBB0DE9}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{289E88DA-91A3-4EB2-9F1A-553749A93F81}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{A52AB26A-643D-42C1-9941-2C367DEB7B10}] => (Allow) C:\Users\nomad81\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{0976D828-ED81-410C-8647-DD25351FEC99}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CEFE0D73-D595-4491-BDDC-B38BB0397E1B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E091EA80-9C58-4217-BB93-CE18788BEEB3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4612757D-925A-437F-9413-9BB4B10ADC4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{A1EC9AFA-DB72-4676-AA7F-1396C3C0E698}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5B95D7BE-7F02-4863-B134-74E3A7663D83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{05931F80-16B4-4BC2-8891-B42DECCB13B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D86FB50D-7278-4535-B611-ED43A45C8C3A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/14/2015 10:26:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: tdsskiller.exe, Version: 3.0.0.44, Zeitstempel: 0x54c08a45
Name des fehlerhaften Moduls: tdsskiller.exe, Version: 3.0.0.44, Zeitstempel: 0x54c08a45
Ausnahmecode: 0x40000015
Fehleroffset: 0x0014348c
ID des fehlerhaften Prozesses: 0x1008
Startzeit der fehlerhaften Anwendung: 0xtdsskiller.exe0
Pfad der fehlerhaften Anwendung: tdsskiller.exe1
Pfad des fehlerhaften Moduls: tdsskiller.exe2
Berichtskennung: tdsskiller.exe3
Vollständiger Name des fehlerhaften Pakets: tdsskiller.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: tdsskiller.exe5
Error: (05/14/2015 10:06:33 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).
Error: (05/01/2015 01:31:53 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "select * from CIntelWLANEvent" konnte im Namespace "//./ROOT/default" aufgrund des Fehlers "0x80041010" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (04/03/2015 11:17:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 16.5.0.0, Zeitstempel: 0x52179ea0
Name des fehlerhaften Moduls: MurocApi.dll, Version: 16.5.0.0, Zeitstempel: 0x52179d03
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002bcd8
ID des fehlerhaften Prozesses: 0xaec
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5
Error: (03/28/2015 10:30:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GFExperience.exe, Version: 17.12.8.0, Zeitstempel: 0x54b8aef5
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17668, Zeitstempel: 0x54c846bb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001eef7
ID des fehlerhaften Prozesses: 0x10a4
Startzeit der fehlerhaften Anwendung: 0xGFExperience.exe0
Pfad der fehlerhaften Anwendung: GFExperience.exe1
Pfad des fehlerhaften Moduls: GFExperience.exe2
Berichtskennung: GFExperience.exe3
Vollständiger Name des fehlerhaften Pakets: GFExperience.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GFExperience.exe5
Error: (03/28/2015 10:30:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: GFExperience.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
Stapel:
bei System.Runtime.Interop.UnsafeNativeMethods.EventUnregister(Int64)
bei System.Runtime.Diagnostics.DiagnosticsEventProvider.Deregister()
bei System.Runtime.Diagnostics.DiagnosticsEventProvider.Dispose(Boolean)
bei System.Runtime.Diagnostics.DiagnosticsEventProvider.Finalize()
Error: (03/19/2015 11:45:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xyz)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/12/2015 09:43:12 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "ProtectionManagement" wurde versucht, die Abfrage "select * from MSFT_MpEvent" zu registrieren, deren Zielklasse "MSFT_MpEvent" im Namespace "//./root/microsoft/protectionManagement" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (03/12/2015 09:43:12 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "" wurde versucht, die Abfrage "select * from MSFT_MpEvent" zu registrieren, deren Zielklasse "MSFT_MpEvent" im Namespace "//./root/microsoft/protectionManagement" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (02/23/2015 10:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sc.exe, Version: 6.3.9600.16384, Zeitstempel: 0x5215e1de
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17630, Zeitstempel: 0x54b0e17a
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00000000000ec4a0
ID des fehlerhaften Prozesses: 0x4774
Startzeit der fehlerhaften Anwendung: 0xsc.exe0
Pfad der fehlerhaften Anwendung: sc.exe1
Pfad des fehlerhaften Moduls: sc.exe2
Berichtskennung: sc.exe3
Vollständiger Name des fehlerhaften Pakets: sc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: sc.exe5
System errors:
=============
Error: (05/14/2015 00:23:52 PM) (Source: DCOM) (EventID: 10010) (User: xyz)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/14/2015 11:30:21 AM) (Source: DCOM) (EventID: 10010) (User: xyz)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (05/14/2015 00:57:09 AM) (Source: DCOM) (EventID: 10010) (User: xyz)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (05/14/2015 00:57:09 AM) (Source: DCOM) (EventID: 10010) (User: xyz)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (05/14/2015 00:57:09 AM) (Source: DCOM) (EventID: 10010) (User: xyz)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (05/14/2015 00:57:07 AM) (Source: DCOM) (EventID: 10010) (User: xyz)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}
Error: (05/12/2015 09:23:39 PM) (Source: DCOM) (EventID: 10010) (User: xyz)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/12/2015 09:23:09 PM) (Source: DCOM) (EventID: 10010) (User: xyz)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2015 09:19:30 PM) (Source: DCOM) (EventID: 10010) (User: xyz)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/11/2015 09:19:00 PM) (Source: DCOM) (EventID: 10010) (User: xyz)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Microsoft Office Sessions:
=========================
Error: (05/14/2015 10:26:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: tdsskiller.exe3.0.0.4454c08a45tdsskiller.exe3.0.0.4454c08a45400000150014348c100801d08e1f5bc4b278C:\Users\nomad81\Desktop\tdsskiller.exeC:\Users\nomad81\Desktop\tdsskiller.exee0241487-fa12-11e4-8299-a08869037590
Error: (05/14/2015 10:06:33 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101
Error: (05/01/2015 01:31:53 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./ROOT/defaultselect * from CIntelWLANEvent0x80041010
Error: (04/03/2015 11:17:28 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ZeroConfigService.exe16.5.0.052179ea0MurocApi.dll16.5.0.052179d03c0000005000000000002bcd8aec01d06dee9f8b0745C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exeC:\Program Files\Intel\WiFi\bin\MurocApi.dll3f59a177-d9e2-11e4-8295-0c54a5f2d6a9
Error: (03/28/2015 10:30:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GFExperience.exe17.12.8.054b8aef5ntdll.dll6.3.9600.1766854c846bbc00000050001eef710a401d0698518489b34C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exeC:\Windows\SYSTEM32\ntdll.dll3c7b1c49-d589-11e4-8294-a08869037590
Error: (03/28/2015 10:30:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: GFExperience.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.AccessViolationException
Stapel:
bei System.Runtime.Interop.UnsafeNativeMethods.EventUnregister(Int64)
bei System.Runtime.Diagnostics.DiagnosticsEventProvider.Deregister()
bei System.Runtime.Diagnostics.DiagnosticsEventProvider.Dispose(Boolean)
bei System.Runtime.Diagnostics.DiagnosticsEventProvider.Finalize()
Error: (03/19/2015 11:45:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: xyz)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2144927141
Error: (03/12/2015 09:43:12 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: ProtectionManagementselect * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement
Error: (03/12/2015 09:43:12 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: select * from MSFT_MpEventMSFT_MpEvent//./root/microsoft/protectionManagement
Error: (02/23/2015 10:33:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sc.exe6.3.9600.163845215e1deKERNELBASE.dll6.3.9600.1763054b0e17ac000014200000000000ec4a0477401d04fa7f60e55e8C:\Windows\system32\sc.exeKERNELBASE.dll33bffb53-bb9b-11e4-8290-a08869037590
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Percentage of memory in use: 26%
Total physical RAM: 8103.95 MB
Available physical RAM: 5922.77 MB
Total Pagefile: 9383.95 MB
Available Pagefile: 7102.25 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
==================== Drives ================================
Drive c: (TI31252400A) (Fixed) (Total:919.71 GB) (Free:882.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================
|
|
14.05.2015, 20:54
| #4 |
| /// the machine /// TB-Ausbilder | DHL-Trojaner-EMail mit PDF-Anhang geöffnet genau  Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
15.05.2015, 13:18
| #5 |
| | DHL-Trojaner-EMail mit PDF-Anhang geöffnet Hallo, anbei die angeforderten Logs TDSS Code:
ATTFilter 13:47:39.0399 0x12ec TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
13:47:39.0399 0x12ec UEFI system
13:47:42.0336 0x12ec ============================================================
13:47:42.0336 0x12ec Current date / time: 2015/05/15 13:47:42.0336
13:47:42.0336 0x12ec SystemInfo:
13:47:42.0336 0x12ec
13:47:42.0336 0x12ec OS Version: 6.3.9600 ServicePack: 0.0
13:47:42.0336 0x12ec Product type: Workstation
13:47:42.0336 0x12ec ComputerName: XYZ
13:47:42.0336 0x12ec UserName: ***
13:47:42.0336 0x12ec Windows directory: C:\Windows
13:47:42.0336 0x12ec System windows directory: C:\Windows
13:47:42.0336 0x12ec Running under WOW64
13:47:42.0336 0x12ec Processor architecture: Intel x64
13:47:42.0336 0x12ec Number of processors: 8
13:47:42.0336 0x12ec Page size: 0x1000
13:47:42.0336 0x12ec Boot type: Normal boot
13:47:42.0336 0x12ec ============================================================
13:47:42.0568 0x12ec System UUID: {28A0D665-0AC1-297E-120D-068C282CEFD5}
13:47:43.0099 0x12ec Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:47:43.0099 0x12ec ============================================================
13:47:43.0099 0x12ec \Device\Harddisk0\DR0:
13:47:43.0130 0x12ec GPT partitions:
13:47:43.0130 0x12ec \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {778E6269-6364-11E3-9FAA-0C54A54D3E5A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x200000
13:47:43.0130 0x12ec \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {778E626F-6364-11E3-9FAA-0C54A54D3E5A}, Name: Basic data partition, StartLBA 0x200800, BlocksNum 0x32000
13:47:43.0130 0x12ec \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {778E6271-6364-11E3-9FAA-0C54A54D3E5A}, Name: Basic data partition, StartLBA 0x232800, BlocksNum 0x40000
13:47:43.0130 0x12ec \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {778E6277-6364-11E3-9FAA-0C54A54D3E5A}, Name: Basic data partition, StartLBA 0x272800, BlocksNum 0x72F69800
13:47:43.0130 0x12ec \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FCCF060D-6D01-11E3-976A-0C54A5F2D6A9}, Name: Basic data partition, StartLBA 0x731DC000, BlocksNum 0x152AAFB
13:47:43.0130 0x12ec MBR partitions:
13:47:43.0130 0x12ec ============================================================
13:47:43.0177 0x12ec C: <-> \Device\Harddisk0\DR0\Partition4
13:47:43.0177 0x12ec ============================================================
13:47:43.0177 0x12ec Initialize success
13:47:43.0177 0x12ec ============================================================
13:47:54.0482 0x0bb4 ============================================================
13:47:54.0482 0x0bb4 Scan started
13:47:54.0482 0x0bb4 Mode: Manual; SigCheck; TDLFS;
13:47:54.0482 0x0bb4 ============================================================
13:47:54.0482 0x0bb4 KSN ping started
13:47:57.0026 0x0bb4 KSN ping finished: true
13:47:57.0967 0x0bb4 ================ Scan system memory ========================
13:47:57.0967 0x0bb4 System memory - ok
13:47:57.0967 0x0bb4 ================ Scan services =============================
13:47:58.0155 0x0bb4 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
13:47:58.0233 0x0bb4 1394ohci - ok
13:47:58.0249 0x0bb4 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
13:47:58.0264 0x0bb4 3ware - ok
13:47:58.0296 0x0bb4 [ E656FE10D6D27794AFA08136685A69E8, 2D38603B546235B555978340A63E052D06CA7E7EF117CF148F9A002D423B2949 ] 59536739 C:\Windows\system32\DRIVERS\59536739.sys
13:47:58.0311 0x0bb4 59536739 - ok
13:47:58.0389 0x0bb4 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:47:58.0421 0x0bb4 ACPI - ok
13:47:58.0436 0x0bb4 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
13:47:58.0436 0x0bb4 acpiex - ok
13:47:58.0452 0x0bb4 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
13:47:58.0467 0x0bb4 acpipagr - ok
13:47:58.0483 0x0bb4 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
13:47:58.0483 0x0bb4 AcpiPmi - ok
13:47:58.0499 0x0bb4 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
13:47:58.0514 0x0bb4 acpitime - ok
13:47:58.0625 0x0bb4 [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:47:58.0656 0x0bb4 AdobeFlashPlayerUpdateSvc - ok
13:47:58.0720 0x0bb4 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
13:47:58.0767 0x0bb4 ADP80XX - ok
13:47:58.0778 0x0bb4 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:47:58.0794 0x0bb4 AeLookupSvc - ok
13:47:58.0825 0x0bb4 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\Windows\system32\drivers\afd.sys
13:47:58.0856 0x0bb4 AFD - ok
13:47:58.0856 0x0bb4 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
13:47:58.0872 0x0bb4 agp440 - ok
13:47:58.0888 0x0bb4 [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
13:47:58.0934 0x0bb4 ahcache - ok
13:47:58.0950 0x0bb4 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\Windows\System32\alg.exe
13:47:58.0981 0x0bb4 ALG - ok
13:47:59.0013 0x0bb4 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
13:47:59.0044 0x0bb4 AmdK8 - ok
13:47:59.0075 0x0bb4 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
13:47:59.0091 0x0bb4 AmdPPM - ok
13:47:59.0122 0x0bb4 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:47:59.0137 0x0bb4 amdsata - ok
13:47:59.0169 0x0bb4 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
13:47:59.0200 0x0bb4 amdsbs - ok
13:47:59.0216 0x0bb4 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:47:59.0231 0x0bb4 amdxata - ok
13:47:59.0262 0x0bb4 [ 4126D30992B26303E47E8981313FD6D6, 4C8DB2DDDB88FBEA87CDBFB93D9855B40043778878AF4A5571C174434F9C0D4C ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
13:47:59.0262 0x0bb4 AmUStor - ok
13:47:59.0294 0x0bb4 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\Windows\system32\drivers\appid.sys
13:47:59.0325 0x0bb4 AppID - ok
13:47:59.0341 0x0bb4 [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:47:59.0356 0x0bb4 AppIDSvc - ok
13:47:59.0387 0x0bb4 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\Windows\System32\appinfo.dll
13:47:59.0403 0x0bb4 Appinfo - ok
13:47:59.0450 0x0bb4 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\Windows\system32\AppReadiness.dll
13:47:59.0466 0x0bb4 AppReadiness - ok
13:47:59.0528 0x0bb4 [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
13:47:59.0559 0x0bb4 AppXSvc - ok
13:47:59.0591 0x0bb4 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:47:59.0606 0x0bb4 arcsas - ok
13:47:59.0622 0x0bb4 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
13:47:59.0622 0x0bb4 atapi - ok
13:47:59.0653 0x0bb4 [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
13:47:59.0669 0x0bb4 AudioEndpointBuilder - ok
13:47:59.0731 0x0bb4 [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv C:\Windows\System32\Audiosrv.dll
13:47:59.0762 0x0bb4 Audiosrv - ok
13:47:59.0825 0x0bb4 [ 058734C95991F6BEBF3D3075B8776234, D94A0E5893723C0F30D8215F001039AE9D903BF8EC3782D9583DEFD9B304B0CA ] AVP15.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
13:47:59.0872 0x0bb4 AVP15.0.0 - ok
13:47:59.0903 0x0bb4 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:47:59.0935 0x0bb4 AxInstSV - ok
13:47:59.0982 0x0bb4 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
13:48:00.0013 0x0bb4 b06bdrv - ok
13:48:00.0044 0x0bb4 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
13:48:00.0044 0x0bb4 BasicDisplay - ok
13:48:00.0075 0x0bb4 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
13:48:00.0091 0x0bb4 BasicRender - ok
13:48:00.0107 0x0bb4 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
13:48:00.0107 0x0bb4 bcmfn2 - ok
13:48:00.0153 0x0bb4 [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\Windows\System32\bdesvc.dll
13:48:00.0185 0x0bb4 BDESVC - ok
13:48:00.0216 0x0bb4 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
13:48:00.0216 0x0bb4 Beep - ok
13:48:00.0294 0x0bb4 [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE C:\Windows\System32\bfe.dll
13:48:00.0325 0x0bb4 BFE - ok
13:48:00.0364 0x0bb4 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\Windows\System32\qmgr.dll
13:48:00.0395 0x0bb4 BITS - ok
13:48:00.0411 0x0bb4 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:48:00.0411 0x0bb4 bowser - ok
13:48:00.0442 0x0bb4 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
13:48:00.0442 0x0bb4 BrokerInfrastructure - ok
13:48:00.0457 0x0bb4 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\Windows\System32\browser.dll
13:48:00.0473 0x0bb4 Browser - ok
13:48:00.0489 0x0bb4 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
13:48:00.0504 0x0bb4 BthAvrcpTg - ok
13:48:00.0520 0x0bb4 [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
13:48:00.0536 0x0bb4 BthEnum - ok
13:48:00.0551 0x0bb4 [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
13:48:00.0567 0x0bb4 BthHFEnum - ok
13:48:00.0582 0x0bb4 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
13:48:00.0582 0x0bb4 bthhfhid - ok
13:48:00.0614 0x0bb4 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
13:48:00.0629 0x0bb4 BthHFSrv - ok
13:48:00.0676 0x0bb4 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\Windows\System32\drivers\BthLEEnum.sys
13:48:00.0676 0x0bb4 BthLEEnum - ok
13:48:00.0707 0x0bb4 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
13:48:00.0707 0x0bb4 BTHMODEM - ok
13:48:00.0754 0x0bb4 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\Windows\System32\drivers\bthpan.sys
13:48:00.0786 0x0bb4 BthPan - ok
13:48:00.0848 0x0bb4 [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
13:48:00.0947 0x0bb4 BTHPORT - ok
13:48:00.0978 0x0bb4 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\Windows\system32\bthserv.dll
13:48:01.0119 0x0bb4 bthserv - ok
13:48:01.0150 0x0bb4 [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
13:48:01.0197 0x0bb4 BTHUSB - ok
13:48:01.0212 0x0bb4 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:48:01.0306 0x0bb4 cdfs - ok
13:48:01.0353 0x0bb4 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
13:48:01.0416 0x0bb4 cdrom - ok
13:48:01.0447 0x0bb4 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\Windows\System32\certprop.dll
13:48:01.0525 0x0bb4 CertPropSvc - ok
13:48:01.0541 0x0bb4 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
13:48:01.0572 0x0bb4 circlass - ok
13:48:01.0619 0x0bb4 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\Windows\system32\drivers\CLFS.sys
13:48:01.0666 0x0bb4 CLFS - ok
13:48:01.0837 0x0bb4 [ 03F5F6B3FA0BACD7D385C5CE6D309F7A, 068CC6DBF3A9BB5AB59C3DA913BA198D160F32717F8E8D09ABCFC2FF405A09B4 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
13:48:01.0884 0x0bb4 ClickToRunSvc - ok
13:48:01.0916 0x0bb4 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
13:48:01.0994 0x0bb4 CmBatt - ok
13:48:02.0056 0x0bb4 [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG C:\Windows\system32\Drivers\cng.sys
13:48:02.0103 0x0bb4 CNG - ok
13:48:02.0119 0x0bb4 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
13:48:02.0150 0x0bb4 CompositeBus - ok
13:48:02.0150 0x0bb4 COMSysApp - ok
13:48:02.0166 0x0bb4 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
13:48:02.0244 0x0bb4 condrv - ok
13:48:02.0370 0x0bb4 [ 6344504D5A9D8ED299239FBC03AB5D35, 27299078C93E0CA9304B5F5624D801C66054A6CB277AB868B5DE9E6178EAEF52 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
13:48:02.0401 0x0bb4 cphs - ok
13:48:02.0432 0x0bb4 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:48:02.0541 0x0bb4 CryptSvc - ok
13:48:02.0573 0x0bb4 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
13:48:02.0604 0x0bb4 dam - ok
13:48:02.0682 0x0bb4 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:48:02.0745 0x0bb4 DcomLaunch - ok
13:48:02.0807 0x0bb4 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\Windows\System32\defragsvc.dll
13:48:02.0916 0x0bb4 defragsvc - ok
13:48:02.0963 0x0bb4 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
13:48:03.0026 0x0bb4 DeviceAssociationService - ok
13:48:03.0073 0x0bb4 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
13:48:03.0463 0x0bb4 DeviceInstall - ok
13:48:03.0495 0x0bb4 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
13:48:03.0588 0x0bb4 Dfsc - ok
13:48:03.0635 0x0bb4 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\Windows\system32\dhcpcore.dll
13:48:03.0729 0x0bb4 Dhcp - ok
13:48:03.0760 0x0bb4 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
13:48:03.0791 0x0bb4 disk - ok
13:48:03.0807 0x0bb4 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
13:48:03.0901 0x0bb4 dmvsc - ok
13:48:03.0948 0x0bb4 [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:48:03.0979 0x0bb4 Dnscache - ok
13:48:03.0995 0x0bb4 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\Windows\System32\dot3svc.dll
13:48:04.0088 0x0bb4 dot3svc - ok
13:48:04.0135 0x0bb4 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\Windows\system32\dps.dll
13:48:04.0182 0x0bb4 DPS - ok
13:48:04.0213 0x0bb4 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:48:04.0229 0x0bb4 drmkaud - ok
13:48:04.0276 0x0bb4 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
13:48:04.0323 0x0bb4 DsmSvc - ok
13:48:04.0370 0x0bb4 [ 40CFC6671B2442D32E149FF1683212D1, ADC1743CDB98EAC736783156D659364DF8613BCC4C0B6D0AC0D8F05AF18E0BF7 ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
13:48:04.0385 0x0bb4 dts_apo_service - ok
13:48:04.0495 0x0bb4 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:48:04.0604 0x0bb4 DXGKrnl - ok
13:48:04.0620 0x0bb4 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll
13:48:04.0698 0x0bb4 Eaphost - ok
13:48:04.0854 0x0bb4 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
13:48:05.0011 0x0bb4 ebdrv - ok
13:48:05.0042 0x0bb4 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe
13:48:05.0042 0x0bb4 EFS - ok
13:48:05.0058 0x0bb4 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
13:48:05.0073 0x0bb4 EhStorClass - ok
13:48:05.0089 0x0bb4 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
13:48:05.0089 0x0bb4 EhStorTcgDrv - ok
13:48:05.0105 0x0bb4 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
13:48:05.0136 0x0bb4 ErrDev - ok
13:48:05.0176 0x0bb4 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll
13:48:05.0254 0x0bb4 EventSystem - ok
13:48:05.0379 0x0bb4 [ 9D78D6D795393291029A587D25F65949, 76570673AA788A8F725EDA2A7B991F8E12D66ADE5F12E38D87E85C5E6CCD140E ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
13:48:05.0426 0x0bb4 EvtEng - ok
13:48:05.0519 0x0bb4 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
13:48:05.0629 0x0bb4 exfat - ok
13:48:05.0645 0x0bb4 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:48:05.0676 0x0bb4 fastfat - ok
13:48:05.0738 0x0bb4 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe
13:48:05.0832 0x0bb4 Fax - ok
13:48:05.0863 0x0bb4 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
13:48:05.0894 0x0bb4 fdc - ok
13:48:05.0926 0x0bb4 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll
13:48:06.0004 0x0bb4 fdPHost - ok
13:48:06.0020 0x0bb4 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll
13:48:06.0051 0x0bb4 FDResPub - ok
13:48:06.0082 0x0bb4 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll
13:48:06.0176 0x0bb4 fhsvc - ok
13:48:06.0207 0x0bb4 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:48:06.0238 0x0bb4 FileInfo - ok
13:48:06.0254 0x0bb4 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:48:06.0301 0x0bb4 Filetrace - ok
13:48:06.0316 0x0bb4 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
13:48:06.0363 0x0bb4 flpydisk - ok
13:48:06.0410 0x0bb4 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:48:06.0441 0x0bb4 FltMgr - ok
13:48:06.0535 0x0bb4 [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache C:\Windows\system32\FntCache.dll
13:48:06.0629 0x0bb4 FontCache - ok
13:48:06.0723 0x0bb4 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:48:06.0738 0x0bb4 FontCache3.0.0.0 - ok
13:48:06.0770 0x0bb4 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:48:06.0785 0x0bb4 FsDepends - ok
13:48:06.0801 0x0bb4 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:48:06.0816 0x0bb4 Fs_Rec - ok
13:48:06.0879 0x0bb4 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:48:06.0941 0x0bb4 fvevol - ok
13:48:06.0973 0x0bb4 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
13:48:07.0004 0x0bb4 FxPPM - ok
13:48:07.0020 0x0bb4 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:48:07.0035 0x0bb4 gagp30kx - ok
13:48:07.0051 0x0bb4 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
13:48:07.0082 0x0bb4 gencounter - ok
13:48:07.0191 0x0bb4 [ 4DF4ABCA09AF1530D712FA589CE3BE9F, 573C04358BBAEAEDFDC4F265627E8029295C31BB17C13B428D5694119AECEDAD ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
13:48:07.0238 0x0bb4 GfExperienceService - ok
13:48:07.0307 0x0bb4 [ 045AE8D818B2E74B839597BB9C19C13B, 5C46F86C16E7F9740FEA56D5153B8E438A87B6011AA2C589FF0C1BE21D4BA701 ] GFNEXSrv C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
13:48:07.0323 0x0bb4 GFNEXSrv - ok
13:48:07.0370 0x0bb4 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
13:48:07.0401 0x0bb4 GPIOClx0101 - ok
13:48:07.0495 0x0bb4 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\Windows\System32\gpsvc.dll
13:48:07.0557 0x0bb4 gpsvc - ok
13:48:07.0604 0x0bb4 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:48:07.0621 0x0bb4 HdAudAddService - ok
13:48:07.0652 0x0bb4 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
13:48:07.0714 0x0bb4 HDAudBus - ok
13:48:07.0746 0x0bb4 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
13:48:07.0777 0x0bb4 HidBatt - ok
13:48:07.0808 0x0bb4 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys
13:48:07.0855 0x0bb4 HidBth - ok
13:48:07.0871 0x0bb4 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
13:48:07.0902 0x0bb4 hidi2c - ok
13:48:07.0949 0x0bb4 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
13:48:07.0980 0x0bb4 HidIr - ok
13:48:08.0011 0x0bb4 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll
13:48:08.0089 0x0bb4 hidserv - ok
13:48:08.0121 0x0bb4 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
13:48:08.0200 0x0bb4 HidUsb - ok
13:48:08.0247 0x0bb4 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll
13:48:08.0356 0x0bb4 hkmsvc - ok
13:48:08.0403 0x0bb4 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:48:08.0450 0x0bb4 HomeGroupListener - ok
13:48:08.0481 0x0bb4 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:48:08.0528 0x0bb4 HomeGroupProvider - ok
13:48:08.0559 0x0bb4 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:48:08.0575 0x0bb4 HpSAMD - ok
13:48:08.0637 0x0bb4 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:48:08.0684 0x0bb4 HTTP - ok
13:48:08.0700 0x0bb4 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:48:08.0700 0x0bb4 hwpolicy - ok
13:48:08.0716 0x0bb4 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
13:48:08.0731 0x0bb4 hyperkbd - ok
13:48:08.0747 0x0bb4 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
13:48:08.0747 0x0bb4 HyperVideo - ok
13:48:08.0778 0x0bb4 [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
13:48:08.0881 0x0bb4 i8042prt - ok
13:48:08.0913 0x0bb4 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
13:48:08.0928 0x0bb4 iaLPSSi_GPIO - ok
13:48:08.0960 0x0bb4 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
13:48:08.0975 0x0bb4 iaLPSSi_I2C - ok
13:48:09.0053 0x0bb4 [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys
13:48:09.0085 0x0bb4 iaStorA - ok
13:48:09.0116 0x0bb4 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
13:48:09.0147 0x0bb4 iaStorAV - ok
13:48:09.0178 0x0bb4 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:48:09.0194 0x0bb4 iaStorV - ok
13:48:09.0256 0x0bb4 [ B1E9019A1A2573A112D6FA6FBD4E60AC, 8282A9830ACBC6407B4593A249F5AF3EEA745FE2842E72CB4014709B3ED8190E ] ibtsiva C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
13:48:09.0288 0x0bb4 ibtsiva - ok
13:48:09.0335 0x0bb4 [ 78DC93872CF915831F98DD46DF6283EE, 084E6BF12835A6DABC8F6EB6A758866DE1C44396A9F5078262F89ECC27A9A1BD ] ibtusb C:\Windows\system32\DRIVERS\ibtusb.sys
13:48:09.0366 0x0bb4 ibtusb - ok
13:48:09.0381 0x0bb4 IEEtwCollectorService - ok
13:48:09.0538 0x0bb4 [ 16D939A13CFB82DEE0B9DB12E45C7B4E, D09C57DE3EF7F6BEDD354FEEDB46260FDCF9F9A0F2D096FFD518509AD041AAC5 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
13:48:09.0794 0x0bb4 igfx - ok
13:48:09.0904 0x0bb4 [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\Windows\System32\ikeext.dll
13:48:09.0936 0x0bb4 IKEEXT - ok
13:48:09.0981 0x0bb4 [ DB65573521AB51941F4FA799D0968136, 418F5E3FE725B7B114F3DAEBDCEBCE7F4AD8ECAAFF572C02BA9ACCE86D55BFD8 ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
13:48:09.0981 0x0bb4 intaud_WaveExtensible - ok
13:48:10.0024 0x0bb4 [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
13:48:10.0056 0x0bb4 IntcDAud - ok
13:48:10.0106 0x0bb4 [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
13:48:10.0185 0x0bb4 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
13:48:12.0754 0x0bb4 Detect skipped due to KSN trusted
13:48:12.0754 0x0bb4 Intel(R) Capability Licensing Service Interface - ok
13:48:12.0832 0x0bb4 [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
13:48:12.0910 0x0bb4 Intel(R) Capability Licensing Service TCP IP Interface - ok
13:48:12.0957 0x0bb4 [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
13:48:12.0973 0x0bb4 Intel(R) ME Service - ok
13:48:12.0989 0x0bb4 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
13:48:13.0004 0x0bb4 intelide - ok
13:48:13.0035 0x0bb4 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys
13:48:13.0051 0x0bb4 intelpep - ok
13:48:13.0082 0x0bb4 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
13:48:13.0114 0x0bb4 intelppm - ok
13:48:13.0129 0x0bb4 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:48:13.0192 0x0bb4 IpFilterDriver - ok
13:48:13.0270 0x0bb4 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:48:13.0348 0x0bb4 iphlpsvc - ok
13:48:13.0379 0x0bb4 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
13:48:13.0520 0x0bb4 IPMIDRV - ok
13:48:13.0551 0x0bb4 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:48:13.0692 0x0bb4 IPNAT - ok
13:48:13.0707 0x0bb4 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:48:13.0754 0x0bb4 IRENUM - ok
13:48:13.0770 0x0bb4 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:48:13.0785 0x0bb4 isapnp - ok
13:48:13.0832 0x0bb4 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
13:48:13.0864 0x0bb4 iScsiPrt - ok
13:48:13.0895 0x0bb4 [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus C:\Windows\System32\drivers\iwdbus.sys
13:48:13.0910 0x0bb4 iwdbus - ok
13:48:13.0957 0x0bb4 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
13:48:13.0973 0x0bb4 jhi_service - ok
13:48:13.0989 0x0bb4 [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
13:48:14.0020 0x0bb4 kbdclass - ok
13:48:14.0051 0x0bb4 [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
13:48:14.0082 0x0bb4 kbdhid - ok
13:48:14.0114 0x0bb4 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
13:48:14.0207 0x0bb4 kdnic - ok
13:48:14.0223 0x0bb4 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe
13:48:14.0239 0x0bb4 KeyIso - ok
13:48:14.0287 0x0bb4 [ 67D1F7FA1DF9502DE12027D7C7782863, BCB92C1C11A7576FD7E91B160CBC3FB5A0C31FE028305021D7C10EC40C4D5013 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
13:48:14.0334 0x0bb4 kl1 - ok
13:48:14.0349 0x0bb4 [ F2EB9202FCCC81E0902D3C5A70037A44, 9554851BB68228500E69536B0C484B32FC92B85A76A7F1F268549212D0D5CFCA ] klelam C:\Windows\system32\DRIVERS\klelam.sys
13:48:14.0365 0x0bb4 klelam - ok
13:48:14.0381 0x0bb4 [ C10F8065188403857CD3AE1397185877, 347BDA6371D25B6BE5FE1CB7FB7FBE2F469D74FCDBBD9BB25DD928D90D7BD235 ] klflt C:\Windows\system32\DRIVERS\klflt.sys
13:48:14.0396 0x0bb4 klflt - ok
13:48:14.0412 0x0bb4 [ AB9F0954450B132CCC1CAD40AC3190B5, 2C8F31B4C93F2F7CB78B1FE47A38FC924BF7D4B68E861035921AD79FC27A9BEF ] klhk C:\Windows\system32\DRIVERS\klhk.sys
13:48:14.0428 0x0bb4 klhk - ok
13:48:14.0474 0x0bb4 [ 0620A7BE4C98C4B1DDFE2BCBE6B29D1D, 72C0516A09CB852BE63DA6C4F1A4EE2544D0FCCFA5D86FE2600101038B7802CE ] KLIF C:\Windows\system32\DRIVERS\klif.sys
13:48:14.0506 0x0bb4 KLIF - ok
13:48:14.0521 0x0bb4 [ 753BFA638ACE05983D4C64988CC13926, FE0D2604AE845D9AC35C793E1E0523BFF7FCA396183D7FED005E4CDF29381252 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
13:48:14.0537 0x0bb4 KLIM6 - ok
13:48:14.0537 0x0bb4 [ 37ADA02E498051A4D533F21096789597, 569D0D29C509695C5136D5039AACAF3CAD70FA92AB3F7FE92B6F58C0C691F3F6 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
13:48:14.0553 0x0bb4 klkbdflt - ok
13:48:14.0584 0x0bb4 [ 8849D8F6259D3494E8C5C9482EE40A08, 62C60FD28916407AEF3C4F8B8FF7E5FCDFAE261E772E672E3E06F0D0CA6D6729 ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
13:48:14.0584 0x0bb4 klmouflt - ok
13:48:14.0599 0x0bb4 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys
13:48:14.0615 0x0bb4 klpd - ok
13:48:14.0631 0x0bb4 [ B14A25C9035DCE1108743CFE3340CB8E, 001E7FC5EB197D5863A00F0750E39FA94B2812BC975C721DFEA95F2A5396FB39 ] klwfp C:\Windows\system32\DRIVERS\klwfp.sys
13:48:14.0631 0x0bb4 klwfp - ok
13:48:14.0646 0x0bb4 [ D043624FE4AE0A4894A785097C02EF09, 2259CA9BAC73902D291176AB689C101CACE115A8A1C2E6824CC66E928FA27552 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
13:48:14.0662 0x0bb4 kneps - ok
13:48:14.0678 0x0bb4 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:48:14.0693 0x0bb4 KSecDD - ok
13:48:14.0709 0x0bb4 [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:48:14.0724 0x0bb4 KSecPkg - ok
13:48:14.0756 0x0bb4 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:48:14.0787 0x0bb4 ksthunk - ok
13:48:14.0834 0x0bb4 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll
13:48:14.0881 0x0bb4 KtmRm - ok
13:48:14.0912 0x0bb4 [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C C:\Windows\system32\DRIVERS\L1C63x64.sys
13:48:14.0943 0x0bb4 L1C - ok
13:48:14.0990 0x0bb4 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll
13:48:15.0053 0x0bb4 LanmanServer - ok
13:48:15.0099 0x0bb4 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:48:15.0162 0x0bb4 LanmanWorkstation - ok
13:48:15.0209 0x0bb4 [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
13:48:15.0318 0x0bb4 lfsvc - ok
13:48:15.0349 0x0bb4 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:48:15.0381 0x0bb4 lltdio - ok
13:48:15.0412 0x0bb4 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:48:15.0459 0x0bb4 lltdsvc - ok
13:48:15.0490 0x0bb4 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:48:15.0537 0x0bb4 lmhosts - ok
13:48:15.0599 0x0bb4 [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:48:15.0615 0x0bb4 LMS - ok
13:48:15.0646 0x0bb4 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:48:15.0662 0x0bb4 LSI_SAS - ok
13:48:15.0678 0x0bb4 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
13:48:15.0693 0x0bb4 LSI_SAS2 - ok
13:48:15.0709 0x0bb4 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
13:48:15.0724 0x0bb4 LSI_SAS3 - ok
13:48:15.0740 0x0bb4 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
13:48:15.0756 0x0bb4 LSI_SSS - ok
13:48:15.0818 0x0bb4 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll
13:48:15.0943 0x0bb4 LSM - ok
13:48:15.0974 0x0bb4 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
13:48:16.0068 0x0bb4 luafv - ok
13:48:16.0099 0x0bb4 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
13:48:16.0131 0x0bb4 megasas - ok
13:48:16.0178 0x0bb4 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
13:48:16.0256 0x0bb4 megasr - ok
13:48:16.0271 0x0bb4 [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys
13:48:16.0287 0x0bb4 MEIx64 - ok
13:48:16.0318 0x0bb4 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll
13:48:16.0396 0x0bb4 MMCSS - ok
13:48:16.0412 0x0bb4 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
13:48:16.0443 0x0bb4 Modem - ok
13:48:16.0490 0x0bb4 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
13:48:16.0553 0x0bb4 monitor - ok
13:48:16.0584 0x0bb4 [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass C:\Windows\System32\drivers\mouclass.sys
13:48:16.0615 0x0bb4 mouclass - ok
13:48:16.0631 0x0bb4 [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid C:\Windows\System32\drivers\mouhid.sys
13:48:16.0678 0x0bb4 mouhid - ok
13:48:16.0709 0x0bb4 [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:48:16.0740 0x0bb4 mountmgr - ok
13:48:16.0787 0x0bb4 [ 9F7A0C2775C9FF1EFD6892B165A95143, CCE6535E3693A08A599A5C1B4986411B89E2198ADBCB3A69F4536286B652AD5F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:48:16.0803 0x0bb4 MozillaMaintenance - ok
13:48:16.0834 0x0bb4 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:48:16.0896 0x0bb4 mpsdrv - ok
13:48:16.0959 0x0bb4 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll
13:48:17.0068 0x0bb4 MpsSvc - ok
13:48:17.0099 0x0bb4 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:48:17.0146 0x0bb4 MRxDAV - ok
13:48:17.0193 0x0bb4 [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:48:17.0303 0x0bb4 mrxsmb - ok
13:48:17.0349 0x0bb4 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:48:17.0459 0x0bb4 mrxsmb10 - ok
13:48:17.0501 0x0bb4 [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:48:17.0548 0x0bb4 mrxsmb20 - ok
13:48:17.0579 0x0bb4 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
13:48:17.0626 0x0bb4 MsBridge - ok
13:48:17.0642 0x0bb4 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe
13:48:17.0689 0x0bb4 MSDTC - ok
13:48:17.0705 0x0bb4 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:48:17.0736 0x0bb4 Msfs - ok
13:48:17.0752 0x0bb4 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
13:48:17.0768 0x0bb4 msgpiowin32 - ok
13:48:17.0783 0x0bb4 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:48:17.0815 0x0bb4 mshidkmdf - ok
13:48:17.0830 0x0bb4 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
13:48:17.0861 0x0bb4 mshidumdf - ok
13:48:17.0877 0x0bb4 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:48:17.0908 0x0bb4 msisadrv - ok
13:48:17.0940 0x0bb4 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:48:17.0971 0x0bb4 MSiSCSI - ok
13:48:17.0986 0x0bb4 msiserver - ok
13:48:18.0002 0x0bb4 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:48:18.0018 0x0bb4 MSKSSRV - ok
13:48:18.0049 0x0bb4 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
13:48:18.0096 0x0bb4 MsLldp - ok
13:48:18.0127 0x0bb4 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:48:18.0158 0x0bb4 MSPCLOCK - ok
13:48:18.0174 0x0bb4 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:48:18.0205 0x0bb4 MSPQM - ok
13:48:18.0268 0x0bb4 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:48:18.0299 0x0bb4 MsRPC - ok
13:48:18.0315 0x0bb4 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
13:48:18.0330 0x0bb4 mssmbios - ok
13:48:18.0330 0x0bb4 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:48:18.0361 0x0bb4 MSTEE - ok
13:48:18.0377 0x0bb4 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
13:48:18.0393 0x0bb4 MTConfig - ok
13:48:18.0408 0x0bb4 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
13:48:18.0424 0x0bb4 Mup - ok
13:48:18.0455 0x0bb4 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
13:48:18.0486 0x0bb4 mvumis - ok
13:48:18.0518 0x0bb4 [ D7817027F42377B94F53A8F9CDF6A3D3, F7A707E383732A1F6283F0C79591C7D4CC32EAA58F071E7E930E57AC820F55D5 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
13:48:18.0549 0x0bb4 MyWiFiDHCPDNS - ok
13:48:18.0596 0x0bb4 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll
13:48:18.0627 0x0bb4 napagent - ok
13:48:18.0674 0x0bb4 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:48:18.0752 0x0bb4 NativeWifiP - ok
13:48:18.0783 0x0bb4 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll
13:48:18.0830 0x0bb4 NcaSvc - ok
13:48:18.0861 0x0bb4 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll
13:48:18.0940 0x0bb4 NcbService - ok
13:48:18.0971 0x0bb4 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
13:48:19.0033 0x0bb4 NcdAutoSetup - ok
13:48:19.0127 0x0bb4 [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\Windows\system32\drivers\ndis.sys
13:48:19.0190 0x0bb4 NDIS - ok
13:48:19.0221 0x0bb4 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:48:19.0237 0x0bb4 NdisCap - ok
13:48:19.0252 0x0bb4 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
13:48:19.0315 0x0bb4 NdisImPlatform - ok
13:48:19.0330 0x0bb4 [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:48:19.0377 0x0bb4 NdisTapi - ok
13:48:19.0404 0x0bb4 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:48:19.0467 0x0bb4 Ndisuio - ok
13:48:19.0483 0x0bb4 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
13:48:19.0529 0x0bb4 NdisVirtualBus - ok
13:48:19.0561 0x0bb4 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:48:19.0623 0x0bb4 NdisWan - ok
13:48:19.0639 0x0bb4 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
13:48:19.0670 0x0bb4 NdisWanLegacy - ok
13:48:19.0689 0x0bb4 [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:48:19.0704 0x0bb4 NDProxy - ok
13:48:19.0736 0x0bb4 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys
13:48:19.0798 0x0bb4 Ndu - ok
13:48:19.0814 0x0bb4 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:48:19.0860 0x0bb4 NetBIOS - ok
13:48:19.0907 0x0bb4 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:48:19.0985 0x0bb4 NetBT - ok
13:48:20.0001 0x0bb4 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe
13:48:20.0032 0x0bb4 Netlogon - ok
13:48:20.0079 0x0bb4 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll
13:48:20.0110 0x0bb4 Netman - ok
13:48:20.0142 0x0bb4 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll
13:48:20.0189 0x0bb4 netprofm - ok
13:48:20.0251 0x0bb4 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:48:20.0282 0x0bb4 NetTcpPortSharing - ok
13:48:20.0314 0x0bb4 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\Windows\System32\drivers\netvsc63.sys
13:48:20.0392 0x0bb4 netvsc - ok
13:48:20.0548 0x0bb4 [ 014F50D0B439B9202DAD37AD2167D0D4, 6F5E799A5460DA285CB816D76A13851F0A243B6F2985A773E6CD5F09D44EA8BE ] NETwNb64 C:\Windows\system32\DRIVERS\NETwbw02.sys
13:48:20.0736 0x0bb4 NETwNb64 - ok
13:48:20.0767 0x0bb4 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll
13:48:20.0845 0x0bb4 NlaSvc - ok
13:48:20.0876 0x0bb4 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:48:20.0923 0x0bb4 Npfs - ok
13:48:20.0939 0x0bb4 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
13:48:21.0001 0x0bb4 npsvctrig - ok
13:48:21.0033 0x0bb4 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll
13:48:21.0095 0x0bb4 nsi - ok
13:48:21.0111 0x0bb4 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:48:21.0142 0x0bb4 nsiproxy - ok
13:48:21.0267 0x0bb4 [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:48:21.0329 0x0bb4 Ntfs - ok
13:48:21.0345 0x0bb4 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
13:48:21.0361 0x0bb4 Null - ok
13:48:21.0673 0x0bb4 [ ECC732D5185408FCC323E56D30170848, 7A7A6C410B65DBB1D59653598D7E5414054588BB88505BE68BFFF0378FD555F3 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:48:22.0058 0x0bb4 nvlddmkm - ok
13:48:22.0230 0x0bb4 [ EC4F787905DC5753C46A4C05CEBADF45, 334E7E277A6FDABD91108DC4FE0D861DE6C00616CCFDC5E2D390CDDED62AF5D5 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
13:48:22.0276 0x0bb4 NvNetworkService - ok
13:48:22.0292 0x0bb4 [ F54C556FB7BE00CA0CC2E5C11194D2C5, 9956F5B3F37C545A20C005282F774D264CDBA3546AFFB942E69BDB24EDA1F6CD ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
13:48:22.0308 0x0bb4 nvpciflt - ok
13:48:22.0323 0x0bb4 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:48:22.0339 0x0bb4 nvraid - ok
13:48:22.0339 0x0bb4 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:48:22.0355 0x0bb4 nvstor - ok
13:48:22.0402 0x0bb4 [ D92F4ED189C8207D0274B8B6BB494892, 8F7656662D3F26BE51AED9B7368278B18915F98A627E70021F914016BF3E22DB ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
13:48:22.0417 0x0bb4 NvStreamKms - ok
13:48:22.0417 0x0bb4 NvStreamSvc - ok
13:48:22.0511 0x0bb4 [ 2AF7D8BCD8912FC16AA15268CDCF2454, 3A2E5ADFC6213A6EA83F78026518EC7EE0DD4BBA7C210CB7A41007BB57DC0636 ] nvsvc C:\Windows\system32\nvvsvc.exe
13:48:22.0542 0x0bb4 nvsvc - ok
13:48:22.0573 0x0bb4 [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
13:48:22.0573 0x0bb4 nvvad_WaveExtensible - ok
13:48:22.0605 0x0bb4 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:48:22.0620 0x0bb4 nv_agp - ok
13:48:22.0652 0x0bb4 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:48:22.0683 0x0bb4 ose - ok
13:48:22.0730 0x0bb4 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:48:22.0792 0x0bb4 p2pimsvc - ok
13:48:22.0823 0x0bb4 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll
13:48:22.0870 0x0bb4 p2psvc - ok
13:48:22.0901 0x0bb4 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
13:48:22.0917 0x0bb4 Parport - ok
13:48:22.0933 0x0bb4 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:48:22.0948 0x0bb4 partmgr - ok
13:48:23.0011 0x0bb4 [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:48:23.0058 0x0bb4 PcaSvc - ok
13:48:23.0105 0x0bb4 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
13:48:23.0151 0x0bb4 pci - ok
13:48:23.0183 0x0bb4 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
13:48:23.0245 0x0bb4 pciide - ok
13:48:23.0261 0x0bb4 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:48:23.0308 0x0bb4 pcmcia - ok
13:48:23.0323 0x0bb4 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
13:48:23.0355 0x0bb4 pcw - ok
13:48:23.0386 0x0bb4 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys
13:48:23.0417 0x0bb4 pdc - ok
13:48:23.0480 0x0bb4 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:48:23.0589 0x0bb4 PEAUTH - ok
13:48:23.0605 0x0bb4 [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys
13:48:23.0620 0x0bb4 PEGAGFN - ok
13:48:23.0696 0x0bb4 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:48:23.0771 0x0bb4 PerfHost - ok
13:48:23.0881 0x0bb4 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll
13:48:23.0959 0x0bb4 pla - ok
13:48:23.0974 0x0bb4 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:48:23.0990 0x0bb4 PlugPlay - ok
13:48:24.0006 0x0bb4 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:48:24.0053 0x0bb4 PNRPAutoReg - ok
13:48:24.0084 0x0bb4 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:48:24.0131 0x0bb4 PNRPsvc - ok
13:48:24.0178 0x0bb4 [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:48:24.0209 0x0bb4 PolicyAgent - ok
13:48:24.0240 0x0bb4 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll
13:48:24.0318 0x0bb4 Power - ok
13:48:24.0490 0x0bb4 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
13:48:24.0678 0x0bb4 PrintNotify - ok
13:48:24.0724 0x0bb4 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
13:48:24.0771 0x0bb4 Processor - ok
13:48:24.0803 0x0bb4 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\Windows\system32\profsvc.dll
13:48:24.0896 0x0bb4 ProfSvc - ok
13:48:24.0928 0x0bb4 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:48:24.0959 0x0bb4 Psched - ok
13:48:24.0990 0x0bb4 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll
13:48:25.0068 0x0bb4 QWAVE - ok
13:48:25.0099 0x0bb4 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:48:25.0131 0x0bb4 QWAVEdrv - ok
13:48:25.0162 0x0bb4 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:48:25.0193 0x0bb4 RasAcd - ok
13:48:25.0224 0x0bb4 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll
13:48:25.0256 0x0bb4 RasAuto - ok
13:48:25.0303 0x0bb4 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\Windows\System32\rasmans.dll
13:48:25.0349 0x0bb4 RasMan - ok
13:48:25.0365 0x0bb4 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:48:25.0412 0x0bb4 RasPppoe - ok
13:48:25.0459 0x0bb4 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:48:25.0584 0x0bb4 rdbss - ok
13:48:25.0615 0x0bb4 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
13:48:25.0678 0x0bb4 rdpbus - ok
13:48:25.0709 0x0bb4 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
13:48:25.0787 0x0bb4 RDPDR - ok
13:48:25.0834 0x0bb4 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:48:25.0849 0x0bb4 RdpVideoMiniport - ok
13:48:25.0881 0x0bb4 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:48:25.0928 0x0bb4 rdyboost - ok
13:48:25.0990 0x0bb4 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\Windows\system32\drivers\ReFS.sys
13:48:26.0053 0x0bb4 ReFS - ok
13:48:26.0115 0x0bb4 [ A2F664C5556A37F60D9DE89A0AE3510C, 630AB93C1BC8EBF1EA9CAFF644EE09E41AD45695AA9AC09DDA67B4ADB23CC5BC ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
13:48:26.0146 0x0bb4 RegSrvc - ok
13:48:26.0178 0x0bb4 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:48:26.0224 0x0bb4 RemoteAccess - ok
13:48:26.0256 0x0bb4 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:48:26.0318 0x0bb4 RemoteRegistry - ok
13:48:26.0365 0x0bb4 [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
13:48:26.0396 0x0bb4 RFCOMM - ok
13:48:26.0428 0x0bb4 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:48:26.0474 0x0bb4 RpcEptMapper - ok
13:48:26.0490 0x0bb4 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe
13:48:26.0521 0x0bb4 RpcLocator - ok
13:48:26.0599 0x0bb4 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\Windows\system32\rpcss.dll
13:48:26.0646 0x0bb4 RpcSs - ok
13:48:26.0678 0x0bb4 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:48:26.0693 0x0bb4 rspndr - ok
13:48:26.0787 0x0bb4 [ A307450FE19F99CC8AC750EB13959F94, D74B054B116C8E4295AFE1826D3E560D7F6885980C711F692CCDF4D9A87978AB ] RTWlanE C:\Windows\system32\DRIVERS\rtwlane.sys
13:48:26.0865 0x0bb4 RTWlanE - ok
13:48:26.0896 0x0bb4 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
13:48:26.0912 0x0bb4 s3cap - ok
13:48:26.0943 0x0bb4 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe
13:48:26.0943 0x0bb4 SamSs - ok
13:48:26.0959 0x0bb4 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:48:26.0974 0x0bb4 sbp2port - ok
13:48:27.0006 0x0bb4 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:48:27.0021 0x0bb4 SCardSvr - ok
13:48:27.0037 0x0bb4 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
13:48:27.0068 0x0bb4 ScDeviceEnum - ok
13:48:27.0068 0x0bb4 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:48:27.0099 0x0bb4 scfilter - ok
13:48:27.0146 0x0bb4 [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\Windows\system32\schedsvc.dll
13:48:27.0224 0x0bb4 Schedule - ok
13:48:27.0224 0x0bb4 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:48:27.0240 0x0bb4 SCPolicySvc - ok
13:48:27.0271 0x0bb4 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\Windows\System32\drivers\sdbus.sys
13:48:27.0287 0x0bb4 sdbus - ok
13:48:27.0318 0x0bb4 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
13:48:27.0334 0x0bb4 sdstor - ok
13:48:27.0349 0x0bb4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:48:27.0349 0x0bb4 secdrv - ok
13:48:27.0381 0x0bb4 [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\Windows\system32\seclogon.dll
13:48:27.0381 0x0bb4 seclogon - ok
13:48:27.0412 0x0bb4 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll
13:48:27.0443 0x0bb4 SENS - ok
13:48:27.0459 0x0bb4 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:48:27.0490 0x0bb4 SensrSvc - ok
13:48:27.0506 0x0bb4 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
13:48:27.0506 0x0bb4 SerCx - ok
13:48:27.0537 0x0bb4 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
13:48:27.0553 0x0bb4 SerCx2 - ok
13:48:27.0568 0x0bb4 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
13:48:27.0584 0x0bb4 Serenum - ok
13:48:27.0599 0x0bb4 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
13:48:27.0631 0x0bb4 Serial - ok
13:48:27.0662 0x0bb4 [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse C:\Windows\System32\drivers\sermouse.sys
13:48:27.0693 0x0bb4 sermouse - ok
13:48:27.0756 0x0bb4 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\Windows\system32\sessenv.dll
13:48:27.0865 0x0bb4 SessionEnv - ok
13:48:27.0896 0x0bb4 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
13:48:27.0928 0x0bb4 sfloppy - ok
13:48:27.0974 0x0bb4 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:48:28.0021 0x0bb4 SharedAccess - ok
13:48:28.0068 0x0bb4 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:48:28.0146 0x0bb4 ShellHWDetection - ok
13:48:28.0162 0x0bb4 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
13:48:28.0193 0x0bb4 SiSRaid2 - ok
13:48:28.0209 0x0bb4 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:48:28.0240 0x0bb4 SiSRaid4 - ok
13:48:28.0256 0x0bb4 [ 4A233E3477FE43F6AEBBEE4FE157E05F, ADDC666E0C0891FA7DC4B98205E31546D5753537955D477722BF0BF350A5712C ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
13:48:28.0271 0x0bb4 SmbDrvI - ok
13:48:28.0318 0x0bb4 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll
13:48:28.0350 0x0bb4 smphost - ok
13:48:28.0365 0x0bb4 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:48:28.0412 0x0bb4 SNMPTRAP - ok
13:48:28.0459 0x0bb4 [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\Windows\system32\drivers\spaceport.sys
13:48:28.0506 0x0bb4 spaceport - ok
13:48:28.0521 0x0bb4 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
13:48:28.0537 0x0bb4 SpbCx - ok
13:48:28.0615 0x0bb4 [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\Windows\System32\spoolsv.exe
13:48:28.0756 0x0bb4 Spooler - ok
13:48:28.0991 0x0bb4 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe
13:48:29.0257 0x0bb4 sppsvc - ok
13:48:29.0304 0x0bb4 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:48:29.0413 0x0bb4 srv - ok
13:48:29.0491 0x0bb4 [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:48:29.0570 0x0bb4 srv2 - ok
13:48:29.0601 0x0bb4 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:48:29.0710 0x0bb4 srvnet - ok
13:48:29.0757 0x0bb4 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:48:29.0820 0x0bb4 SSDPSRV - ok
13:48:29.0866 0x0bb4 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:48:29.0898 0x0bb4 SstpSvc - ok
13:48:29.0960 0x0bb4 [ D67F951F6BA708812420195B8D0AB8B6, 6583DB22EB8AA5FF0134D2536C9A46BC0D7D8F8B2829D5719DD68968C22F5917 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
13:48:29.0991 0x0bb4 STacSV - detected UnsignedFile.Multi.Generic ( 1 )
13:48:33.0483 0x0bb4 Detect skipped due to KSN trusted
13:48:33.0483 0x0bb4 STacSV - ok
13:48:33.0530 0x0bb4 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
13:48:33.0561 0x0bb4 stexstor - ok
13:48:33.0608 0x0bb4 [ 71CB3BB20F08BB724769DAAAFD5AB26E, FC4B2BD03037EC07F4443BBE13A28859035F7229CA06D4E42AFB42ABF1A89F09 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
13:48:33.0718 0x0bb4 STHDA - ok
13:48:33.0796 0x0bb4 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll
13:48:33.0936 0x0bb4 stisvc - ok
13:48:33.0968 0x0bb4 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
13:48:33.0999 0x0bb4 storahci - ok
13:48:34.0014 0x0bb4 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
13:48:34.0046 0x0bb4 storflt - ok
13:48:34.0061 0x0bb4 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
13:48:34.0077 0x0bb4 stornvme - ok
13:48:34.0108 0x0bb4 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll
13:48:34.0202 0x0bb4 StorSvc - ok
13:48:34.0233 0x0bb4 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
13:48:34.0249 0x0bb4 storvsc - ok
13:48:34.0280 0x0bb4 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll
13:48:34.0311 0x0bb4 svsvc - ok
13:48:34.0343 0x0bb4 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys
13:48:34.0358 0x0bb4 swenum - ok
13:48:34.0436 0x0bb4 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\Windows\System32\swprv.dll
13:48:34.0530 0x0bb4 swprv - ok
13:48:34.0577 0x0bb4 [ 90AAE45676DDF13048FFB9D01FBE1669, 983FFA615E42B5E039DE5F1033F643D0E87C93A715043A9A642518FC66E3F9F5 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
13:48:34.0624 0x0bb4 SynTP - ok
13:48:34.0766 0x0bb4 [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain C:\Windows\system32\sysmain.dll
13:48:34.0844 0x0bb4 SysMain - ok
13:48:34.0891 0x0bb4 [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
13:48:34.0922 0x0bb4 SystemEventsBroker - ok
13:48:34.0954 0x0bb4 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:48:35.0016 0x0bb4 TabletInputService - ok
13:48:35.0063 0x0bb4 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll
13:48:35.0141 0x0bb4 TapiSrv - ok
13:48:35.0251 0x0bb4 [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:48:35.0344 0x0bb4 Tcpip - ok
13:48:35.0425 0x0bb4 [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:48:35.0488 0x0bb4 TCPIP6 - ok
13:48:35.0527 0x0bb4 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:48:35.0605 0x0bb4 tcpipreg - ok
13:48:35.0620 0x0bb4 [ 58480A57ACF2671C343FD1D4BA990E34, 24AD9C808D06FABFE8E81242CAC8B5A91829F7D951B245865EF77B79BB795E3D ] tdcmdpst C:\Windows\system32\DRIVERS\tdcmdpst.sys
13:48:35.0652 0x0bb4 tdcmdpst - ok
13:48:35.0667 0x0bb4 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:48:35.0699 0x0bb4 tdx - ok
13:48:35.0761 0x0bb4 [ E964837B2A702D82E51DE879FEFDF22B, 3C24E4E3486F4D6B4AB0E202BD45AF4D344123EB6467476A4317DB0CFA37EC86 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
13:48:35.0792 0x0bb4 TemproMonitoringService - ok
13:48:35.0808 0x0bb4 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
13:48:35.0839 0x0bb4 terminpt - ok
13:48:35.0933 0x0bb4 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\Windows\System32\termsrv.dll
13:48:35.0980 0x0bb4 TermService - ok
13:48:35.0995 0x0bb4 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll
13:48:36.0011 0x0bb4 Themes - ok
13:48:36.0042 0x0bb4 [ 77CF0ECC1C2B5E616B650AB5D4931114, FFB54C264EE10AABA076B591196A98DA5F57E975A4A143AFB5424DFF726AF66F ] Thotkey C:\Windows\System32\drivers\Thotkey.sys
13:48:36.0042 0x0bb4 Thotkey - ok
13:48:36.0074 0x0bb4 [ C543A60A5629BE336A5BF844A802F725, D29FE96B636A9C8AE06AC0F10CCDE57062BDA35C4FB707D4945B46662217C519 ] Thpdrv C:\Windows\system32\DRIVERS\thpdrv.sys
13:48:36.0089 0x0bb4 Thpdrv - ok
13:48:36.0105 0x0bb4 [ 981FF023805AF650B8900DAA9C78B929, C78E8CFD20E5C90755DA0E29B222902EC9C2A061006FE1015FC3F64A2DC81CF4 ] Thpevm C:\Windows\system32\drivers\Thpevm.SYS
13:48:36.0120 0x0bb4 Thpevm - ok
13:48:36.0136 0x0bb4 [ 7255A83AC83413F827088EDBF943F65C, F7BEBB0109D2147EC95C382D3150754AC76C9934E2F238BC98F57198FAE2BD8B ] Thpsrv C:\Windows\system32\ThpSrv.exe
13:48:36.0167 0x0bb4 Thpsrv - ok
13:48:36.0183 0x0bb4 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll
13:48:36.0199 0x0bb4 THREADORDER - ok
13:48:36.0245 0x0bb4 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
13:48:36.0308 0x0bb4 TimeBroker - ok
13:48:36.0370 0x0bb4 [ 6C4F5CD42074DB52AE88FC4BAB2C54F7, B4E3B6A23C99A11186F4EE875871D459A7A03EF4565CA114B41FB3C982841A45 ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
13:48:36.0386 0x0bb4 TMachInfo - ok
13:48:36.0417 0x0bb4 [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv C:\Windows\system32\TODDSrv.exe
13:48:36.0449 0x0bb4 TODDSrv - ok
13:48:36.0527 0x0bb4 [ AEAAB8C7EDD5981CA422617C6B612EEC, 543A15DF7011A5BC70AB6AFFC901F663E7121B7DEA90CEC308BFA54866F81625 ] TOSHIBA Bluetooth Service C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
13:48:36.0574 0x0bb4 TOSHIBA Bluetooth Service - ok
13:48:36.0620 0x0bb4 [ 380192EE4C9FA50A083C14522E6240C8, 539EF29B97E552F655F73EFB54AE300587F3C6FCE9AF89C81B838997E9E0CD43 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
13:48:36.0652 0x0bb4 TOSHIBA eco Utility Service - ok
13:48:36.0683 0x0bb4 [ E4C35827E0830E5ECBA77F4DC6ABF37F, 8270B34A361EE6EC054B2D1C482B0BDF7EC8949D82B6E8E0D5F44CECF9296D71 ] tosrfbd C:\Windows\system32\DRIVERS\tosrfbd.sys
13:48:36.0699 0x0bb4 tosrfbd - ok
13:48:36.0714 0x0bb4 Tosrfcom - ok
13:48:36.0730 0x0bb4 [ 8E5E4DAB54D20CA50D9B7B45F9D46F10, EF20D91E7AB0A8B4DF25D11CFEF10431A28DEF1384FD53A161E8C81DC5A536F6 ] tosrfec C:\Windows\System32\drivers\tosrfec.sys
13:48:36.0745 0x0bb4 tosrfec - ok
13:48:36.0745 0x0bb4 [ 3D0D685F520CE2ED0B4D15AFE38362F8, AE133CEAF1477832551DB4520C9D39A188A7B387F5955D6CBB674C77288F1A91 ] Tosrfhid C:\Windows\system32\DRIVERS\Tosrfhid.sys
13:48:36.0761 0x0bb4 Tosrfhid - ok
13:48:36.0777 0x0bb4 [ F121F588D901563BBCE1D828679F1432, 2A294A9A5ED7CD55909149FFA6043A6F7056285CBD4D3BFD0EA6023B9E1EB9EF ] Tosrfusb C:\Windows\system32\DRIVERS\tosrfusb.sys
13:48:36.0792 0x0bb4 Tosrfusb - ok
13:48:36.0839 0x0bb4 [ 36391C3953D191A2AF4556D5D706C641, 5191A35C86B6C98F2CBDDC23B5311ED62310345CEDE084A54BBF70CCF0F84C50 ] tos_sps64 C:\Windows\system32\drivers\tos_sps64.sys
13:48:36.0870 0x0bb4 tos_sps64 - ok
13:48:36.0933 0x0bb4 [ 67F2A8FCD91A06E445C374C9E6BB0DD3, 3087D762421A265A0E4BB41496284B092F7F71476CC7BEC5334E3FB6414B4F41 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
13:48:36.0980 0x0bb4 TPCHSrv - ok
13:48:37.0011 0x0bb4 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
13:48:37.0027 0x0bb4 TPM - ok
13:48:37.0058 0x0bb4 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll
13:48:37.0089 0x0bb4 TrkWks - ok
13:48:37.0136 0x0bb4 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:48:37.0199 0x0bb4 TrustedInstaller - ok
13:48:37.0214 0x0bb4 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:48:37.0277 0x0bb4 TsUsbFlt - ok
13:48:37.0308 0x0bb4 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
13:48:37.0370 0x0bb4 TsUsbGD - ok
13:48:37.0402 0x0bb4 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:48:37.0433 0x0bb4 tunnel - ok
13:48:37.0449 0x0bb4 [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ C:\Windows\system32\drivers\TVALZ_O.SYS
13:48:37.0449 0x0bb4 TVALZ - ok
13:48:37.0464 0x0bb4 [ 55A9A23DD64EB7781FCAB565B028CD0E, 44CE0C8244F9AE6CCCDB49C29F6D35FE4CE8C92DE5B5D44D22DBD088DE83AA10 ] TVALZFL C:\Windows\system32\Drivers\TVALZFL.sys
13:48:37.0480 0x0bb4 TVALZFL - ok
13:48:37.0495 0x0bb4 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:48:37.0527 0x0bb4 uagp35 - ok
13:48:37.0558 0x0bb4 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
13:48:37.0574 0x0bb4 UASPStor - ok
13:48:37.0636 0x0bb4 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
13:48:37.0667 0x0bb4 UCX01000 - ok
13:48:37.0683 0x0bb4 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:48:37.0730 0x0bb4 udfs - ok
13:48:37.0745 0x0bb4 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
13:48:37.0761 0x0bb4 UEFI - ok
13:48:37.0792 0x0bb4 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:48:37.0824 0x0bb4 UI0Detect - ok
13:48:37.0862 0x0bb4 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:48:37.0878 0x0bb4 uliagpkx - ok
13:48:37.0894 0x0bb4 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
13:48:37.0925 0x0bb4 umbus - ok
13:48:37.0925 0x0bb4 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
13:48:37.0956 0x0bb4 UmPass - ok
13:48:37.0987 0x0bb4 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll
13:48:38.0050 0x0bb4 UmRdpService - ok
13:48:38.0112 0x0bb4 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll
13:48:38.0190 0x0bb4 upnphost - ok
13:48:38.0268 0x0bb4 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
13:48:38.0300 0x0bb4 usbccgp - ok
13:48:38.0362 0x0bb4 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys
13:48:38.0409 0x0bb4 usbcir - ok
13:48:38.0456 0x0bb4 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys
13:48:38.0472 0x0bb4 usbehci - ok
13:48:38.0518 0x0bb4 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys
13:48:38.0565 0x0bb4 usbhub - ok
13:48:38.0612 0x0bb4 [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
13:48:38.0628 0x0bb4 USBHUB3 - ok
13:48:38.0675 0x0bb4 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
13:48:38.0815 0x0bb4 usbohci - ok
13:48:38.0831 0x0bb4 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
13:48:38.0909 0x0bb4 usbprint - ok
13:48:38.0925 0x0bb4 [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\Windows\System32\drivers\usbscan.sys
13:48:38.0987 0x0bb4 usbscan - ok
13:48:39.0019 0x0bb4 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
13:48:39.0065 0x0bb4 USBSTOR - ok
13:48:39.0081 0x0bb4 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
13:48:39.0128 0x0bb4 usbuhci - ok
13:48:39.0159 0x0bb4 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
13:48:39.0222 0x0bb4 usbvideo - ok
13:48:39.0237 0x0bb4 [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
13:48:39.0268 0x0bb4 USBXHCI - ok
13:48:39.0284 0x0bb4 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe
13:48:39.0300 0x0bb4 VaultSvc - ok
13:48:39.0331 0x0bb4 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:48:39.0347 0x0bb4 vdrvroot - ok
13:48:39.0440 0x0bb4 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe
13:48:39.0518 0x0bb4 vds - ok
13:48:39.0534 0x0bb4 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
13:48:39.0550 0x0bb4 VerifierExt - ok
13:48:39.0581 0x0bb4 [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
13:48:39.0612 0x0bb4 vhdmp - ok
13:48:39.0628 0x0bb4 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
13:48:39.0643 0x0bb4 viaide - ok
13:48:39.0675 0x0bb4 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys
13:48:39.0675 0x0bb4 vmbus - ok
13:48:39.0690 0x0bb4 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
13:48:39.0706 0x0bb4 VMBusHID - ok
13:48:39.0753 0x0bb4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
13:48:39.0800 0x0bb4 vmicguestinterface - ok
13:48:39.0831 0x0bb4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
13:48:39.0847 0x0bb4 vmicheartbeat - ok
13:48:39.0878 0x0bb4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
13:48:39.0893 0x0bb4 vmickvpexchange - ok
13:48:39.0925 0x0bb4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll
13:48:39.0940 0x0bb4 vmicrdv - ok
13:48:39.0956 0x0bb4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll
13:48:39.0987 0x0bb4 vmicshutdown - ok
13:48:40.0003 0x0bb4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll
13:48:40.0034 0x0bb4 vmictimesync - ok
13:48:40.0050 0x0bb4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll
13:48:40.0065 0x0bb4 vmicvss - ok
13:48:40.0097 0x0bb4 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:48:40.0112 0x0bb4 volmgr - ok
13:48:40.0112 0x0bb4 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:48:40.0143 0x0bb4 volmgrx - ok
13:48:40.0190 0x0bb4 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:48:40.0222 0x0bb4 volsnap - ok
13:48:40.0284 0x0bb4 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\Windows\System32\drivers\vpci.sys
13:48:40.0315 0x0bb4 vpci - ok
13:48:40.0347 0x0bb4 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:48:40.0378 0x0bb4 vsmraid - ok
13:48:40.0456 0x0bb4 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\Windows\system32\vssvc.exe
13:48:40.0565 0x0bb4 VSS - ok
13:48:40.0612 0x0bb4 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
13:48:40.0659 0x0bb4 VSTXRAID - ok
13:48:40.0675 0x0bb4 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
13:48:40.0737 0x0bb4 vwifibus - ok
13:48:40.0769 0x0bb4 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:48:40.0831 0x0bb4 vwififlt - ok
13:48:40.0847 0x0bb4 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
13:48:40.0878 0x0bb4 vwifimp - ok
13:48:40.0940 0x0bb4 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll
13:48:41.0034 0x0bb4 W32Time - ok
13:48:41.0065 0x0bb4 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
13:48:41.0097 0x0bb4 WacomPen - ok
13:48:41.0206 0x0bb4 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe
13:48:41.0347 0x0bb4 wbengine - ok
13:48:41.0409 0x0bb4 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:48:41.0487 0x0bb4 WbioSrvc - ok
13:48:41.0518 0x0bb4 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
13:48:41.0565 0x0bb4 Wcmsvc - ok
13:48:41.0597 0x0bb4 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:48:41.0628 0x0bb4 wcncsvc - ok
13:48:41.0644 0x0bb4 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:48:41.0737 0x0bb4 WcsPlugInService - ok
13:48:41.0753 0x0bb4 [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
13:48:41.0784 0x0bb4 WdBoot - ok
13:48:41.0862 0x0bb4 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:48:41.0909 0x0bb4 Wdf01000 - ok
13:48:41.0925 0x0bb4 [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
13:48:41.0940 0x0bb4 WdFilter - ok
13:48:41.0972 0x0bb4 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:48:42.0018 0x0bb4 WdiServiceHost - ok
13:48:42.0034 0x0bb4 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:48:42.0050 0x0bb4 WdiSystemHost - ok
13:48:42.0081 0x0bb4 [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
13:48:42.0097 0x0bb4 WdNisDrv - ok
13:48:42.0112 0x0bb4 WdNisSvc - ok
13:48:42.0159 0x0bb4 [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\Windows\System32\webclnt.dll
13:48:42.0237 0x0bb4 WebClient - ok
13:48:42.0284 0x0bb4 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:48:42.0347 0x0bb4 Wecsvc - ok
13:48:42.0378 0x0bb4 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
13:48:42.0409 0x0bb4 WEPHOSTSVC - ok
13:48:42.0425 0x0bb4 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:48:42.0487 0x0bb4 wercplsupport - ok
13:48:42.0518 0x0bb4 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll
13:48:42.0550 0x0bb4 WerSvc - ok
13:48:42.0581 0x0bb4 [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
13:48:42.0612 0x0bb4 WFPLWFS - ok
13:48:42.0643 0x0bb4 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll
13:48:42.0675 0x0bb4 WiaRpc - ok
13:48:42.0706 0x0bb4 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:48:42.0722 0x0bb4 WIMMount - ok
13:48:42.0722 0x0bb4 WinDefend - ok
13:48:42.0800 0x0bb4 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
13:48:42.0862 0x0bb4 WinHttpAutoProxySvc - ok
13:48:42.0910 0x0bb4 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:48:42.0989 0x0bb4 Winmgmt - ok
13:48:43.0131 0x0bb4 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll
13:48:43.0225 0x0bb4 WinRM - ok
13:48:43.0334 0x0bb4 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll
13:48:43.0412 0x0bb4 WlanSvc - ok
13:48:43.0506 0x0bb4 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll
13:48:43.0584 0x0bb4 wlidsvc - ok
13:48:43.0615 0x0bb4 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
13:48:43.0615 0x0bb4 WmiAcpi - ok
13:48:43.0647 0x0bb4 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:48:43.0693 0x0bb4 wmiApSrv - ok
13:48:43.0709 0x0bb4 WMPNetworkSvc - ok
13:48:43.0756 0x0bb4 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
13:48:43.0771 0x0bb4 Wof - ok
13:48:43.0881 0x0bb4 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
13:48:44.0006 0x0bb4 workfolderssvc - ok
13:48:44.0037 0x0bb4 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
13:48:44.0053 0x0bb4 wpcfltr - ok
13:48:44.0084 0x0bb4 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:48:44.0131 0x0bb4 WPCSvc - ok
13:48:44.0162 0x0bb4 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:48:44.0225 0x0bb4 WPDBusEnum - ok
13:48:44.0256 0x0bb4 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
13:48:44.0287 0x0bb4 WpdUpFltr - ok
13:48:44.0303 0x0bb4 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:48:44.0350 0x0bb4 ws2ifsl - ok
13:48:44.0381 0x0bb4 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll
13:48:44.0443 0x0bb4 wscsvc - ok
13:48:44.0443 0x0bb4 WSearch - ok
13:48:44.0615 0x0bb4 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll
13:48:44.0803 0x0bb4 WSService - ok
13:48:44.0975 0x0bb4 [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv C:\Windows\system32\wuaueng.dll
13:48:45.0179 0x0bb4 wuauserv - ok
13:48:45.0210 0x0bb4 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:48:45.0288 0x0bb4 WudfPf - ok
13:48:45.0319 0x0bb4 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
13:48:45.0366 0x0bb4 WUDFRd - ok
13:48:45.0382 0x0bb4 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:48:45.0398 0x0bb4 wudfsvc - ok
13:48:45.0413 0x0bb4 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys
13:48:45.0429 0x0bb4 WUDFWpdFs - ok
13:48:45.0460 0x0bb4 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll
13:48:45.0491 0x0bb4 WwanSvc - ok
13:48:45.0711 0x0bb4 [ 51842449D6076C512D626C77E2665167, 2409BDEE5F607DE651A190C3DFAAB8EE0EEF18F04E6B2F34A7FF855021D5ED66 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
13:48:45.0789 0x0bb4 ZeroConfigService - ok
13:48:45.0789 0x0bb4 ================ Scan global ===============================
13:48:45.0867 0x0bb4 [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\Windows\system32\basesrv.dll
13:48:45.0914 0x0bb4 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
13:48:45.0945 0x0bb4 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
13:48:45.0992 0x0bb4 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
13:48:46.0023 0x0bb4 [ Global ] - ok
13:48:46.0023 0x0bb4 ================ Scan MBR ==================================
13:48:46.0039 0x0bb4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:48:46.0305 0x0bb4 \Device\Harddisk0\DR0 - ok
13:48:46.0305 0x0bb4 ================ Scan VBR ==================================
13:48:46.0340 0x0bb4 [ DB1510D0CB12BFD9A1B1EEA144C719A5 ] \Device\Harddisk0\DR0\Partition1
13:48:46.0402 0x0bb4 \Device\Harddisk0\DR0\Partition1 - ok
13:48:46.0418 0x0bb4 [ B9F2CB3153FB24A1743524889B5DD4B2 ] \Device\Harddisk0\DR0\Partition2
13:48:46.0481 0x0bb4 \Device\Harddisk0\DR0\Partition2 - ok
13:48:46.0496 0x0bb4 [ A93F8866A00C69ECA1CFB4AD9BF0C715 ] \Device\Harddisk0\DR0\Partition3
13:48:46.0559 0x0bb4 \Device\Harddisk0\DR0\Partition3 - ok
13:48:46.0574 0x0bb4 [ B71986B774443F78EA280ED860C6DB37 ] \Device\Harddisk0\DR0\Partition4
13:48:46.0637 0x0bb4 \Device\Harddisk0\DR0\Partition4 - ok
13:48:46.0668 0x0bb4 [ 808750EA8123E1F9D616F50FEB6546AF ] \Device\Harddisk0\DR0\Partition5
13:48:46.0684 0x0bb4 \Device\Harddisk0\DR0\Partition5 - ok
13:48:46.0684 0x0bb4 ================ Scan generic autorun ======================
13:48:46.0762 0x0bb4 [ AC698132EDEA96B022FCB48E180EA567, 06F3BFC5FCFF1577399EF3D9C53B00D481AEBA8BA36930AF11F9AFD334A1C70D ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
13:48:46.0793 0x0bb4 AmIcoSinglun64 - ok
13:48:46.0904 0x0bb4 [ 9C1BDB837A2DA4FFC60CB61CEEA3E334, 31007C53EC7E077A6B9518FAF4D2566376C6F23FCE614AE29F2DA78DBF6BF564 ] C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe
13:48:46.0966 0x0bb4 1.TPUReg - ok
13:48:47.0013 0x0bb4 [ 18DBA177BD009B91D1884C9DB62BB039, 74777A7B69BB2886920B6F1A1039A90FCA8DC2DAA1D6F985ED7F49A35C2E0D42 ] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe
13:48:47.0029 0x0bb4 TSVU - ok
13:48:47.0154 0x0bb4 [ AABD3E439647167142FFA5567512B3A4, 9C90D4638B072BE1E49FE1704127F62FA1A98D4A7D8A17A4DE2F797FDFB85FAE ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
13:48:47.0201 0x0bb4 CanonQuickMenu - ok
13:48:47.0216 0x0bb4 [ C8AEBDDAAD605E68DBCCD41CD58FC841, 97243EB73BD358D23E74AEEA8998A45B2DF23637282E892D39FDA0EFCB2EFB69 ] C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe
13:48:47.0216 0x0bb4 ITSecMng - ok
13:48:47.0232 0x0bb4 Waiting for KSN requests completion. In queue: 144
13:48:48.0248 0x0bb4 Waiting for KSN requests completion. In queue: 144
13:48:49.0248 0x0bb4 Waiting for KSN requests completion. In queue: 144
13:48:50.0326 0x0bb4 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmiav.exe ( 15.0.0.463 ), 0x41000 ( enabled : updated )
13:48:50.0342 0x0bb4 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
13:48:50.0342 0x0bb4 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmifw.exe ( 15.0.0.463 ), 0x41010 ( enabled )
13:48:52.0831 0x0bb4 ============================================================
13:48:52.0831 0x0bb4 Scan finished
13:48:52.0831 0x0bb4 ============================================================
13:48:52.0847 0x1fc8 Detected object count: 0
13:48:52.0847 0x1fc8 Actual detected object count: 0
MBAR Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.05.15.02
rootkit: v2015.05.14.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17801
*** :: XYZ [administrator]
15.05.2015 13:19:20
mbar-log-2015-05-15 (13-19-20).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 346860
Time elapsed: 25 minute(s), 4 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
16.05.2015, 06:26
| #6 |
| /// the machine /// TB-Ausbilder | DHL-Trojaner-EMail mit PDF-Anhang geöffnet hi, Scan mit Combofix
__________________ --> DHL-Trojaner-EMail mit PDF-Anhang geöffnet |
|
16.05.2015, 13:16
| #7 |
| | DHL-Trojaner-EMail mit PDF-Anhang geöffnet eine Frage hätte ich noch: auf der Homepage von ComboFix findet sich folgende Info zur Version 15.5.13.1: This program does not work on Windows 8.1 at this time! Und ich habe Windows 8.1...D.h. mit Combofix würde es nicht funktionieren?! Gruß, rrm7 |
|
17.05.2015, 07:33
| #8 |
| /// the machine /// TB-Ausbilder | DHL-Trojaner-EMail mit PDF-Anhang geöffnet mein Fehler Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu DHL-Trojaner-EMail mit PDF-Anhang geöffnet |
| angeklickt, bleibe, dasselbe, defogger, e-mail, freue, gefunde, geklickt, gestern, gmer, hilfe, kaspersky, link, nicht mehr, nichts, ordnung, pdf-anhang, pdf-datei, runtergeladen, schnell, system, würde |
WARNUNG an die MITLESER: 
Linear-Darstellung
