| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Verdacht auf infizierten RouterWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.05.2016, 14:54
| #1 |
| |  Verdacht auf infizierten Router Guten Tag, ich habe ein Problem mit einigen Dingen! 1. mein Vater hat sich mal bei einem unserioesen Internet hilfedienst eine "Behandlung" fuer seinen damals schon "langsamen" Comupter geholt  , doch daraufhin hat dieser den PC dann gesteuert und angeblich alle viren geloescht... Natuerlich wurde es dann immer schlimmer und die 85 Euro waren fuer die Katz  ! Nun ist der PC TOTAL langsam und wurde schonmal bei einem PC Shop bereinigt, was anscheinend auch funktioniert hat, doch nun ist er wieder total langsam und wir haben langsam den Verdacht, dass das etwas schlimmes ist, denn -2. Problem - unser Internet wurde auf einemal auch sehr langsam... Unser Telefon, was auch uebers Internet laeuft, hat immer eine wartezeit von ca. 5 sekunden, bis man den anrufer am hoerer hoert, liegt das vielleicht daran, dass der Router infiziert ist oder sowas? Tut mir wirklich leid fuer meine unwissenheit! Ich haette ihm jetzt ESET Smart security installiert, doch irgendwie funktioniert das nicht, da es anscheinend ein Problem mit dem Internet gibt, obwohl dem nicht so ist... CPU last IMMER auf 98-100%, also ja rgendwas stimmt da ja dann nicht... Ich hoffe wirklich, ihr koennt mir da helfen! Liebe Gruesse, lesta99 PS: Wenn ihr irgendetwas braucht, meckert einfach!  |
|
05.05.2016, 12:25
| #2 |
| /// TB-Ausbilder   | Verdacht auf infizierten Router Router zurücksetzen schon gemacht? |
|
06.05.2016, 13:08
| #3 |
| | Verdacht auf infizierten Router Dankeschoen
__________________Werde ich direkt mal versuchen! (Macht er irgendwie auch dauernd alleine, also neustarten  )Liebe Gruesse, lesta99 [EDIT] Hallo zusammen, es gab nichts bemerkenswertes nach dem neustarten... Dafuer gab es etwas neues hinsichtlich des Laptops... Man kann ueberhaupt nichts mehr darauf installieren... Sei es Microsoft Office oder Eset smart security, nichts funktioniert! Kommt immer ein Installationsfehler... Was kann ich tun? In aller Not wuerde ich die Festplatte auch ausbauen und eine neue reinschrauben, nur waere das mit viel Arbeit verbunden... Gibt es vielleicht irgendwelche Loesungsansaetze euerseits? Vielen Dank schonmal! Lesta99 Geändert von lesta99 (06.05.2016 um 13:15 Uhr) |
|
06.05.2016, 19:39
| #4 |
| /// TB-Ausbilder | Verdacht auf infizierten Router Servus, kannst du diese Tools ausführen? Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
07.05.2016, 05:01
| #5 |
| | Verdacht auf infizierten Router Hallo, hier die FRST.txt: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-05-2016 03
Ran by John (administrator) on JOHN_ROFE (07-05-2016 13:03:34)
Running from C:\Users\John\Downloads
Loaded Profiles: John (Available Profiles: John)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\tbaseprovisioning.exe
(AMD) C:\Windows\System32\atiesrxx.exe
() C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\NIS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\NIS.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TDUSrv64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\nacl64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\nacl64.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\coNatHst.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3363544 2015-09-25] (ELAN Microelectronics Corp.)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-06] (TOSHIBA CORPORATION)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.0.124\buShell.dll [2015-06-06] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{b77e6ac5-d189-4f59-aabe-c852f1b136c1}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
HKU\S-1-5-21-3002129986-4019307150-3248660692-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com.au/?gfe_rd=cr&ei=ZgJcVr6fJ-SW8QfvtLfIAQ&gws_rd=ssl
HKU\S-1-5-21-3002129986-4019307150-3248660692-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TAJB
HKU\S-1-5-21-3002129986-4019307150-3248660692-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.mytoshiba.com.au/start
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-05] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-05] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\coIEPlg.dll [2015-06-05] (Symantec Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-05] (Microsoft Corporation)
FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn [2016-04-21] [not signed]
Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908&prt=cr
CHR DefaultSearchKeyword: Default -> NortonSafe
CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff
CHR Profile: C:\Users\John\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-05]
CHR Extension: (Google Docs) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-05]
CHR Extension: (Google Drive) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-05]
CHR Extension: (YouTube) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-05]
CHR Extension: (Norton Security Toolbar) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-04-21]
CHR Extension: (uBlock Origin) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-05-05]
CHR Extension: (Google Search) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-05]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2016-04-28]
CHR Extension: (Google Sheets) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-05]
CHR Extension: (100 Free Invoice PDF Templates) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjojlgfndagefobincmkfihcleabmcik [2016-01-18]
CHR Extension: (Google Docs Offline) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Norton Identity Safe) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-04-21]
CHR Extension: (Norton Safe) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2016-04-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\Exts\Chrome.crx [2016-04-21]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\Exts\Chrome.crx [2016-04-21]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [140288 2014-04-23] () [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [319104 2014-03-19] (Windows (R) Win 7 DDK provider) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911464 2016-04-29] (Microsoft Corporation)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-04] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [156384 2015-09-25] (ELAN Microelectronics Corp.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe [282016 2015-07-17] (Symantec Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [202288 2016-04-28] (Microsoft Corporation) [File not signed]
R2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [60432 2015-06-23] (Advanced Micro Devices, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\Windows\System32\drivers\AmdAS4.sys [17640 2013-10-24] (Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101104 2015-06-23] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [277240 2015-06-23] (Advanced Micro Devices, Inc. )
R3 athr; C:\Windows\System32\drivers\athw10x.sys [4342936 2015-09-21] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20160502.001\BHDrvx64.sys [1766640 2016-04-18] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1605020.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-05-04] (Symantec Corporation)
U3 EraserUtilDrv11510; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11510.sys [145200 2015-05-15] (Symantec Corporation)
U3 EraserUtilDrv11520; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11520.sys [157520 2016-04-20] (Symantec Corporation)
U3 EraserUtilDrv11521; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11521.sys [156912 2016-05-04] (Symantec Corporation)
R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [40016 2015-09-25] (ELAN Microelectronic Corp.)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20160503.001\IDSvia64.sys [767224 2016-04-20] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20160505.018\ENG64.SYS [138488 2016-04-20] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20160505.018\EX64.SYS [2148080 2016-04-20] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-09] (Realtek Semiconductor Corp.)
R3 SRTSP; C:\Windows\system32\drivers\NISx64\1605000.07C\SRTSP64.SYS [917720 2015-06-04] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-11] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1605020.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102616 2016-04-21] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1605020.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation)
R3 SymNetS; C:\Windows\system32\drivers\NISx64\1605000.07C\SYMNETS.SYS [567512 2015-06-04] (Symantec Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-07 13:03 - 2016-05-07 13:05 - 00016846 _____ C:\Users\John\Downloads\FRST.txt
2016-05-07 13:03 - 2016-05-07 13:03 - 00000000 ____D C:\FRST
2016-05-07 13:01 - 2016-05-07 13:02 - 02379264 _____ (Farbar) C:\Users\John\Downloads\FRST64.exe
2016-05-05 19:48 - 2016-05-05 19:48 - 00002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-05-05 19:48 - 2016-05-05 19:48 - 00002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-05-05 19:48 - 2016-05-05 19:48 - 00002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-05-05 19:48 - 2016-05-05 19:48 - 00002162 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-05-05 19:48 - 2016-05-05 19:48 - 00002158 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-05-05 19:48 - 2016-05-05 19:48 - 00002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-05-05 19:40 - 2016-05-05 19:42 - 03191496 _____ (Microsoft Corporation) C:\Users\John\Downloads\Setup.X86.en-US_O365HomePremRetail_ddf8c99b-a8fc-42b6-8357-c52e9534fa81_TX_SG_.exe
2016-05-04 22:51 - 2016-05-04 22:57 - 00007603 _____ C:\Users\John\AppData\Local\Resmon.ResmonCfg
2016-05-04 22:35 - 2016-05-04 22:36 - 02993824 _____ (ESET) C:\Users\John\Downloads\eset_smart_security_live_installer.exe
2016-04-26 09:51 - 2016-04-26 09:51 - 00111344 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SY1
2016-04-21 12:35 - 2016-04-26 10:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Internet Security
2016-04-21 12:32 - 2016-04-26 09:51 - 00008214 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2016-04-21 12:32 - 2016-04-21 12:32 - 00102616 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2016-04-21 12:32 - 2016-04-21 12:32 - 00003406 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2016-04-21 12:32 - 2016-04-21 12:32 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2016-04-21 12:31 - 2016-04-21 12:31 - 00002554 _____ C:\Users\Public\Desktop\Norton Internet Security.LNK
2016-04-21 12:27 - 2016-04-21 12:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2016-04-21 12:27 - 2016-04-21 12:27 - 00000000 ____D C:\Program Files (x86)\Norton Internet Security
2016-04-20 14:30 - 2016-04-21 12:27 - 00000000 ____D C:\WINDOWS\system32\Drivers\NISx64
2016-04-20 14:26 - 2016-04-21 12:26 - 00000000 ____D C:\Program Files (x86)\NortonInstaller
2016-04-15 22:50 - 2016-03-29 17:31 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-15 22:50 - 2016-03-29 17:28 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-15 22:50 - 2016-03-29 17:28 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-15 22:50 - 2016-03-29 17:16 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-15 22:50 - 2016-03-29 16:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-15 22:50 - 2016-03-29 16:45 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-15 22:50 - 2016-03-29 16:42 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-15 22:50 - 2016-03-29 16:42 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-15 22:50 - 2016-03-29 16:32 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-15 22:50 - 2016-03-29 16:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-15 22:50 - 2016-03-29 16:02 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-15 22:50 - 2016-03-29 15:56 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-15 22:50 - 2016-03-29 15:35 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-15 22:50 - 2016-03-29 15:32 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-15 22:50 - 2016-03-29 15:11 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-15 22:50 - 2016-03-29 15:08 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-15 22:50 - 2016-03-29 15:07 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-15 22:49 - 2016-04-02 12:44 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-15 22:49 - 2016-03-29 19:50 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-15 22:49 - 2016-03-29 19:50 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-15 22:49 - 2016-03-29 19:48 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-15 22:49 - 2016-03-29 19:07 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-15 22:49 - 2016-03-29 18:11 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-15 22:49 - 2016-03-29 17:36 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-15 22:49 - 2016-03-29 17:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-15 22:49 - 2016-03-29 17:06 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-15 22:49 - 2016-03-29 16:45 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-15 22:49 - 2016-03-29 16:44 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-15 22:49 - 2016-03-29 16:37 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-15 22:49 - 2016-03-29 16:32 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-15 22:49 - 2016-03-29 16:30 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-15 22:49 - 2016-03-29 16:12 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-15 22:49 - 2016-03-29 16:07 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-15 22:49 - 2016-03-29 16:07 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-15 22:49 - 2016-03-29 16:01 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-15 22:49 - 2016-03-29 15:58 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-15 22:49 - 2016-03-29 15:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-15 22:49 - 2016-03-29 15:35 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-15 22:49 - 2016-03-29 15:31 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-15 22:49 - 2016-03-29 15:26 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-15 22:49 - 2016-03-29 15:22 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-15 22:49 - 2016-03-29 15:21 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-15 22:49 - 2016-03-29 15:21 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-15 22:49 - 2016-03-29 15:11 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-15 22:49 - 2016-03-29 15:09 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-15 22:49 - 2016-03-29 14:57 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-15 22:49 - 2016-03-29 14:57 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-15 22:48 - 2016-04-02 13:43 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-15 22:48 - 2016-04-02 12:56 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-15 22:48 - 2016-04-02 12:51 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-15 22:48 - 2016-04-02 12:49 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-15 22:48 - 2016-04-02 12:48 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-15 22:48 - 2016-04-02 12:45 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-15 22:48 - 2016-04-02 12:39 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-15 22:48 - 2016-04-02 12:37 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-15 22:48 - 2016-04-02 12:37 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-15 22:48 - 2016-04-02 12:30 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-15 22:48 - 2016-03-29 19:52 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-15 22:48 - 2016-03-29 19:52 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-15 22:48 - 2016-03-29 19:50 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-15 22:48 - 2016-03-29 19:50 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-15 22:48 - 2016-03-29 19:32 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-15 22:48 - 2016-03-29 19:26 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-15 22:48 - 2016-03-29 18:58 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-15 22:48 - 2016-03-29 18:43 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-15 22:48 - 2016-03-29 18:41 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-15 22:48 - 2016-03-29 17:56 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-15 22:48 - 2016-03-29 17:09 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-15 22:48 - 2016-03-29 17:04 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-15 22:48 - 2016-03-29 16:58 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-15 22:48 - 2016-03-29 16:57 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-15 22:48 - 2016-03-29 16:52 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-15 22:48 - 2016-03-29 16:50 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-15 22:48 - 2016-03-29 16:49 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-15 22:48 - 2016-03-29 16:46 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-15 22:48 - 2016-03-29 16:46 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-15 22:48 - 2016-03-29 16:44 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-15 22:48 - 2016-03-29 16:44 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-15 22:48 - 2016-03-29 16:43 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-15 22:48 - 2016-03-29 16:42 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-15 22:48 - 2016-03-29 16:41 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-15 22:48 - 2016-03-29 16:40 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-15 22:48 - 2016-03-29 16:40 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-15 22:48 - 2016-03-29 16:36 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-15 22:48 - 2016-03-29 16:35 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-15 22:48 - 2016-03-29 16:32 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-15 22:48 - 2016-03-29 16:30 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-15 22:48 - 2016-03-29 16:29 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-15 22:48 - 2016-03-29 16:26 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-15 22:48 - 2016-03-29 16:18 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-15 22:48 - 2016-03-29 16:14 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-15 22:48 - 2016-03-29 16:06 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-15 22:48 - 2016-03-29 16:05 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-15 22:48 - 2016-03-29 16:04 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-15 22:48 - 2016-03-29 16:04 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-15 22:48 - 2016-03-29 16:02 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-15 22:48 - 2016-03-29 16:01 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-15 22:48 - 2016-03-29 16:00 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-15 22:48 - 2016-03-29 15:57 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-15 22:48 - 2016-03-29 15:49 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-15 22:48 - 2016-03-29 15:47 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-15 22:48 - 2016-03-29 15:44 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-15 22:48 - 2016-03-29 15:35 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-15 22:48 - 2016-03-29 15:35 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-15 22:48 - 2016-03-29 15:28 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-15 22:48 - 2016-03-29 15:19 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-15 22:48 - 2016-03-29 15:15 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-15 22:48 - 2016-03-29 15:13 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-15 22:48 - 2016-03-29 15:08 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-15 22:48 - 2016-03-29 15:06 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-15 22:48 - 2016-03-29 14:56 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-15 22:47 - 2016-04-02 13:40 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-15 22:47 - 2016-04-02 13:40 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-15 22:47 - 2016-04-02 13:40 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-15 22:47 - 2016-04-02 12:59 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-15 22:47 - 2016-04-02 12:59 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-15 22:47 - 2016-04-02 12:53 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-15 22:47 - 2016-03-29 19:53 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-15 22:47 - 2016-03-29 19:45 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-15 22:47 - 2016-03-29 19:41 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-15 22:47 - 2016-03-29 19:35 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-15 22:47 - 2016-03-29 19:32 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-15 22:47 - 2016-03-29 18:58 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-15 22:47 - 2016-03-29 18:58 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-15 22:47 - 2016-03-29 18:55 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-15 22:47 - 2016-03-29 18:55 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-15 22:47 - 2016-03-29 18:49 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-15 22:47 - 2016-03-29 18:48 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-15 22:47 - 2016-03-29 18:47 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-15 22:47 - 2016-03-29 18:41 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-15 22:47 - 2016-03-29 18:40 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-15 22:47 - 2016-03-29 18:39 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-15 22:47 - 2016-03-29 18:38 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-15 22:47 - 2016-03-29 18:38 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-15 22:47 - 2016-03-29 18:37 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-15 22:47 - 2016-03-29 18:14 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-15 22:47 - 2016-03-29 18:14 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-15 22:47 - 2016-03-29 18:11 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-15 22:47 - 2016-03-29 18:02 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-15 22:47 - 2016-03-29 17:56 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-15 22:47 - 2016-03-29 17:56 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-15 22:47 - 2016-03-29 17:55 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-15 22:47 - 2016-03-29 17:54 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-15 22:47 - 2016-03-29 17:53 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-15 22:47 - 2016-03-29 17:51 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-15 22:47 - 2016-03-29 17:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-15 22:47 - 2016-03-29 17:37 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-15 22:47 - 2016-03-29 17:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-15 22:47 - 2016-03-29 17:27 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-15 22:47 - 2016-03-29 17:21 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-15 22:47 - 2016-03-29 17:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-15 22:47 - 2016-03-29 17:20 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-15 22:47 - 2016-03-29 17:18 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-15 22:47 - 2016-03-29 17:14 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-15 22:47 - 2016-03-29 17:12 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-15 22:47 - 2016-03-29 17:08 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-15 22:47 - 2016-03-29 17:07 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-15 22:47 - 2016-03-29 17:06 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-15 22:47 - 2016-03-29 17:05 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-15 22:47 - 2016-03-29 17:05 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-15 22:47 - 2016-03-29 17:04 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-15 22:47 - 2016-03-29 17:04 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-15 22:47 - 2016-03-29 17:00 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-15 22:47 - 2016-03-29 17:00 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-15 22:47 - 2016-03-29 16:56 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-15 22:47 - 2016-03-29 16:53 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-15 22:47 - 2016-03-29 16:53 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-15 22:47 - 2016-03-29 16:53 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-15 22:47 - 2016-03-29 16:51 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-15 22:47 - 2016-03-29 16:50 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-15 22:47 - 2016-03-29 16:47 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-15 22:47 - 2016-03-29 16:47 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-15 22:47 - 2016-03-29 16:47 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-15 22:47 - 2016-03-29 16:41 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-15 22:47 - 2016-03-29 16:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-15 22:47 - 2016-03-29 16:39 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-15 22:47 - 2016-03-29 16:38 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-15 22:47 - 2016-03-29 16:38 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-15 22:47 - 2016-03-29 16:37 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-15 22:47 - 2016-03-29 16:36 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-15 22:47 - 2016-03-29 16:34 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-15 22:47 - 2016-03-29 16:33 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-15 22:47 - 2016-03-29 16:29 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-15 22:47 - 2016-03-29 16:26 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-15 22:47 - 2016-03-29 16:25 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-15 22:47 - 2016-03-29 16:23 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-15 22:47 - 2016-03-29 16:19 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-15 22:47 - 2016-03-29 16:13 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-15 22:47 - 2016-03-29 16:12 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-15 22:47 - 2016-03-29 16:11 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-15 22:47 - 2016-03-29 16:10 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-15 22:47 - 2016-03-29 16:09 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-15 22:47 - 2016-03-29 16:09 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-15 22:47 - 2016-03-29 16:08 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-15 22:47 - 2016-03-29 16:06 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-15 22:47 - 2016-03-29 16:04 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-15 22:47 - 2016-03-29 16:02 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-15 22:47 - 2016-03-29 16:02 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-15 22:47 - 2016-03-29 16:02 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-15 22:47 - 2016-03-29 16:02 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-15 22:47 - 2016-03-29 16:02 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-15 22:47 - 2016-03-29 16:01 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-15 22:47 - 2016-03-29 16:01 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-15 22:47 - 2016-03-29 15:59 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-15 22:47 - 2016-03-29 15:59 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-15 22:47 - 2016-03-29 15:58 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-15 22:47 - 2016-03-29 15:57 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-15 22:47 - 2016-03-29 15:53 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-15 22:47 - 2016-03-29 15:52 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-15 22:47 - 2016-03-29 15:43 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-15 22:47 - 2016-03-29 15:40 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-15 22:47 - 2016-03-29 15:36 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-15 22:47 - 2016-03-29 15:35 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-15 22:47 - 2016-03-29 15:34 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-15 22:47 - 2016-03-29 15:34 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-15 22:47 - 2016-03-29 15:31 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-15 22:47 - 2016-03-29 15:15 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-15 22:47 - 2016-03-29 15:13 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-15 22:47 - 2016-03-29 14:55 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-15 22:46 - 2016-04-02 13:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-15 22:46 - 2016-04-02 12:55 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-15 22:46 - 2016-04-02 12:55 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-15 22:46 - 2016-04-02 12:53 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-15 22:46 - 2016-04-02 12:38 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-15 22:46 - 2016-04-02 12:33 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-15 22:46 - 2016-03-29 17:47 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-15 22:46 - 2016-03-29 17:37 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-15 22:46 - 2016-03-29 17:37 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-15 22:46 - 2016-03-29 17:37 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-15 22:46 - 2016-03-29 17:36 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-15 22:46 - 2016-03-29 17:30 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-15 22:46 - 2016-03-29 17:30 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-15 22:46 - 2016-03-29 17:30 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-15 22:46 - 2016-03-29 17:29 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-15 22:46 - 2016-03-29 17:27 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-15 22:46 - 2016-03-29 17:27 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-15 22:46 - 2016-03-29 17:27 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-15 22:46 - 2016-03-29 17:25 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-15 22:46 - 2016-03-29 17:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-15 22:46 - 2016-03-29 17:25 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-15 22:46 - 2016-03-29 17:24 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-15 22:46 - 2016-03-29 17:24 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-15 22:46 - 2016-03-29 17:23 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-15 22:46 - 2016-03-29 17:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-15 22:46 - 2016-03-29 17:21 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-15 22:46 - 2016-03-29 17:20 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-15 22:46 - 2016-03-29 17:20 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-15 22:46 - 2016-03-29 17:20 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-15 22:46 - 2016-03-29 17:20 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-15 22:46 - 2016-03-29 17:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-15 22:46 - 2016-03-29 17:19 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-15 22:46 - 2016-03-29 17:18 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-15 22:46 - 2016-03-29 17:16 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-15 22:46 - 2016-03-29 17:04 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-15 22:46 - 2016-03-29 17:03 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-15 22:46 - 2016-03-29 17:02 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-15 22:46 - 2016-03-29 17:02 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-15 22:46 - 2016-03-29 16:50 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-15 22:46 - 2016-03-29 16:50 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-15 22:46 - 2016-03-29 16:49 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-15 22:46 - 2016-03-29 16:48 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-15 22:46 - 2016-03-29 16:44 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-15 22:46 - 2016-03-29 16:41 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-15 22:46 - 2016-03-29 16:41 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-15 22:46 - 2016-03-29 16:41 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-15 22:46 - 2016-03-29 16:39 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-15 22:46 - 2016-03-29 16:39 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-15 22:46 - 2016-03-29 16:38 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-15 22:46 - 2016-03-29 16:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-15 22:46 - 2016-03-29 16:35 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-15 22:46 - 2016-03-29 16:30 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-15 22:46 - 2016-03-29 16:30 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-15 22:46 - 2016-03-29 16:29 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-15 22:46 - 2016-03-29 16:23 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-15 22:46 - 2016-03-29 16:22 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-15 22:46 - 2016-03-29 16:22 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-15 22:46 - 2016-03-29 16:12 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-15 22:46 - 2016-03-29 16:09 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-15 22:46 - 2016-03-29 16:04 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-15 22:46 - 2016-03-29 16:02 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-15 22:46 - 2016-03-29 15:57 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-15 22:46 - 2016-03-29 15:57 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-15 22:46 - 2016-03-29 15:35 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-15 22:46 - 2016-03-29 15:30 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-15 22:46 - 2016-03-29 15:05 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-15 22:46 - 2016-03-29 14:58 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-15 22:46 - 2016-03-29 14:57 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-15 22:46 - 2016-03-29 14:56 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-15 22:46 - 2016-03-29 14:55 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-15 22:46 - 2016-03-29 14:51 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-07 12:57 - 2015-12-05 01:30 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{20669208-7BE7-4F0D-A7BB-E07DEABF2CC3}
2016-05-07 12:56 - 2015-12-05 00:59 - 00000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-07 12:54 - 2015-10-30 16:54 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-07 12:54 - 2015-10-30 16:54 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-06 17:10 - 2015-12-05 00:59 - 00000926 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-05 20:25 - 2015-12-04 20:49 - 00002415 _____ C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-05 20:25 - 2015-12-03 21:01 - 00000000 __RDO C:\Users\John\OneDrive
2016-05-05 20:24 - 2015-10-30 16:54 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-05 20:14 - 2015-12-05 01:00 - 00002243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-05 20:14 - 2015-12-05 01:00 - 00002231 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-05 19:48 - 2014-07-03 13:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-04-28 21:13 - 2015-12-03 20:53 - 00000000 ____D C:\Users\John\AppData\Local\Packages
2016-04-26 19:39 - 2015-12-04 02:02 - 00879220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-26 19:39 - 2015-10-30 16:51 - 00000000 ____D C:\WINDOWS\INF
2016-04-22 22:56 - 2015-10-30 15:58 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-04-21 12:43 - 2015-10-30 16:54 - 00000000 ____D C:\WINDOWS\rescache
2016-04-21 12:32 - 2015-10-30 16:54 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-04-21 12:27 - 2014-07-03 13:49 - 00000000 ____D C:\ProgramData\Norton
2016-04-21 12:05 - 2014-07-03 13:27 - 00570795 _____ C:\WINDOWS\SysWOW64\rootpa.e2e
2016-04-21 12:04 - 2015-12-04 01:59 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-21 12:03 - 2015-12-04 01:41 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-04-21 12:03 - 2015-10-30 15:58 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-04-21 11:28 - 2015-10-30 16:54 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-04-20 15:05 - 2015-12-04 01:35 - 00343872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-20 15:00 - 2015-10-30 16:54 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-20 15:00 - 2015-10-30 16:54 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-20 15:00 - 2015-10-30 16:54 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-20 15:00 - 2015-10-30 16:54 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-20 14:39 - 2015-10-30 16:41 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-20 14:38 - 2015-12-05 01:29 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-04-20 14:17 - 2015-12-13 18:55 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-04-20 14:17 - 2015-12-13 18:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-14 09:15 - 2015-12-05 01:06 - 00453280 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-07 04:02 - 2015-10-30 16:56 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-07 04:02 - 2015-10-30 16:56 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2016-05-04 22:51 - 2016-05-04 22:57 - 0007603 _____ () C:\Users\John\AppData\Local\Resmon.ResmonCfg
2015-12-04 01:40 - 2015-12-04 01:40 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-01 19:23
==================== End of FRST.txt ============================
--- --- --- Die Addition.txt hier: [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:06-05-2016 03
Ran by John (2016-05-07 13:08:15)
Running from C:\Users\John\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-03 21:00:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3002129986-4019307150-3248660692-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3002129986-4019307150-3248660692-503 - Limited - Disabled)
Guest (S-1-5-21-3002129986-4019307150-3248660692-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3002129986-4019307150-3248660692-1003 - Limited - Enabled)
John (S-1-5-21-3002129986-4019307150-3248660692-1001 - Administrator - Enabled) => C:\Users\John
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{99213849-249E-7726-EBA7-ADFCA48E2246}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3920.05 - CyberLink Corp.)
DTS Sound (HKLM-x32\...\{9B17BBEC-CF31-4C23-949E-E65A14365CE1}) (Version: 1.01.6100 - DTS, Inc.)
ELAN Touchpad 15.8.8.2_X64_WHQL (HKLM\...\Elantech) (Version: 15.8.8.2 - ELAN Microelectronic Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6868.2060 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Word 2016 - en-us (HKLM\...\WordRetail - en-us) (Version: 16.0.6868.2060 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.5.0.124 - Symantec Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1015 - Microsoft Corporation) Hidden
PSP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7592 - Realtek Semiconductor Corp.)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.18.0 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.02.6402 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{484A4296-6F3D-4182-8CFA-D664F7DA34AA}) (Version: 1.1.17.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{94D2A899-0C34-4420-880E-AE337E635AB0}) (Version: 2.5.0.6404 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.2C - TOSHIBA CORPORATION)
TOSHIBA Function Key (HKLM\...\{1844CFE2-EBA3-490A-8A5E-9BFC646342FD}) (Version: 1.1.5.6402 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.15C - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 3.01.02.6400 - Toshiba Corporation)
Toshiba Quality Application (HKLM-x32\...\InstallShield_{716C8275-A4A9-48CB-88C0-9829334CA3C5}) (Version: 1.0.9.4B1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.2.00.56006005 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{BFE4C813-4DD4-4B1C-97F4-76A459055C8D}) (Version: 2.6.13 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0033 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{4D57ED72-6B01-40BD-9CA9-012B8FC09CEB}) (Version: 2.0.1.32003 - Toshiba Corporation)
Utility Common Driver (x32 Version: 1.0.53.3 - Compal) Hidden
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3002129986-4019307150-3248660692-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\John\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {041C9C1B-155E-4623-8430-4A0F9BB5C298} - System32\Tasks\TOSHIBA\TosWaitSrv => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2013-08-14] (TOSHIBA Corporation)
Task: {0D72AE19-158D-4202-A942-CB1F72540305} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-09-25] (TOSHIBA Corporation)
Task: {1588A6BB-BDE5-4C0F-B784-A3782ADB0F47} - System32\Tasks\TOSHIBA\TSVU => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [2013-07-24] (TOSHIBA)
Task: {207ED0DC-C33D-4A28-BC75-5EFAFF2DC26D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {3CCBA424-999D-46B9-B86E-9B27500CB152} - System32\Tasks\TOSHIBA\StartCCC => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
Task: {490F8FD1-E551-4948-B82F-35B007839570} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-29] (Microsoft Corporation)
Task: {551174D0-8FA1-42F5-A5AC-E2B5EA2E63C1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-05] (Google Inc.)
Task: {579F8B7F-C160-4EA5-A7DE-04819030A918} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {60DB541A-1D55-4D94-958B-1CA0E5AA29C5} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-14] (Realtek Semiconductor)
Task: {6603E89E-AF5B-453E-AA37-9943F19B79AB} - System32\Tasks\TOSHIBA\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {66B147B2-5B17-4018-BB56-C57D698169EC} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\SymErr.exe [2015-05-20] (Symantec Corporation)
Task: {68B02EDA-DF2F-48D5-ABA0-D05E4B5E0B28} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {833AB241-A3CF-4924-91CF-D47486ACB0DE} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\SymErr.exe [2015-05-20] (Symantec Corporation)
Task: {8CE417BD-80D2-498D-A3BC-FAC9050578B9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-29] (Microsoft Corporation)
Task: {97431B4D-2959-4348-80AC-6C92EE19604C} - System32\Tasks\Norton Internet Security\Norton Autofix => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\SymErr.exe [2015-05-20] (Symantec Corporation)
Task: {99D4FFE7-D9DD-499B-9057-6CF0A1C851D3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9A2EF37E-2DC4-460C-AA38-1B90B2158482} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\WSCStub.exe [2015-06-18] (Symantec Corporation)
Task: {A266457F-50A1-4084-9734-C4D7D1F894A8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-04-20] (Microsoft Corporation)
Task: {B1A4F9AC-AB1F-4E1E-9DAE-B81AED522B3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-05] (Google Inc.)
Task: {B7FA57BC-A38F-478A-B408-B820CD3764FC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-05-05] (Microsoft Corporation)
Task: {BC1A8BC9-BDF2-4109-844D-ADFA9E7A0F0C} - System32\Tasks\TOSHIBA\SacReminderBOX => C:\ProgramData\Clickfree\BoxSoftware\reminder\SacReminder.exe
Task: {C148DC8E-574E-4013-A14C-641B7AB9FAD4} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C60441F4-DF14-4DC3-9A42-90F74790EEFA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-05-05] (Microsoft Corporation)
Task: {EAD7DAB0-F0D3-4C2F-8B53-B94C255B5036} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F800BE3A-EC5C-42AB-83B5-19808495F46D} - System32\Tasks\TOSHIBA\TecoResident => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [2014-04-18] (TOSHIBA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 22:55 - 2013-08-22 22:55 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3002129986-4019307150-3248660692-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\TOSHIBA\TOSHIBA1.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "TCrdMain"
HKU\S-1-5-21-3002129986-4019307150-3248660692-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9BF55949-82D0-4177-9A72-BB8C5E7261BF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe
FirewallRules: [{38CB3541-8C28-4CBB-AD9D-50541CC5EC5F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E60ABBA9-80D5-41D6-9855-F343416CD907}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Restore Points =========================
28-03-2016 19:31:13 Windows Modules Installer
20-04-2016 14:04:10 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/07/2016 01:00:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TPCHSrv.exe, version: 1.0.0.28, time stamp: 0x52fd56d1
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc0000374
Fault offset: 0x00000000000ee6dc
Faulting process id: 0x1e94
Faulting application start time: 0xTPCHSrv.exe0
Faulting application path: TPCHSrv.exe1
Faulting module path: TPCHSrv.exe2
Report Id: TPCHSrv.exe3
Faulting package full name: TPCHSrv.exe4
Faulting package-relative application ID: TPCHSrv.exe5
Error: (05/06/2016 05:02:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TPCHSrv.exe, version: 1.0.0.28, time stamp: 0x52fd56d1
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc0000374
Fault offset: 0x00000000000ee6dc
Faulting process id: 0x2b4
Faulting application start time: 0xTPCHSrv.exe0
Faulting application path: TPCHSrv.exe1
Faulting module path: TPCHSrv.exe2
Report Id: TPCHSrv.exe3
Faulting package full name: TPCHSrv.exe4
Faulting package-relative application ID: TPCHSrv.exe5
Error: (05/05/2016 11:09:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TPCHSrv.exe, version: 1.0.0.28, time stamp: 0x52fd56d1
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc0000374
Fault offset: 0x00000000000ee6dc
Faulting process id: 0x1a4c
Faulting application start time: 0xTPCHSrv.exe0
Faulting application path: TPCHSrv.exe1
Faulting module path: TPCHSrv.exe2
Report Id: TPCHSrv.exe3
Faulting package full name: TPCHSrv.exe4
Faulting package-relative application ID: TPCHSrv.exe5
Error: (05/05/2016 07:27:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TPCHSrv.exe, version: 1.0.0.28, time stamp: 0x52fd56d1
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc0000374
Fault offset: 0x00000000000ee6dc
Faulting process id: 0x1cf0
Faulting application start time: 0xTPCHSrv.exe0
Faulting application path: TPCHSrv.exe1
Faulting module path: TPCHSrv.exe2
Report Id: TPCHSrv.exe3
Faulting package full name: TPCHSrv.exe4
Faulting package-relative application ID: TPCHSrv.exe5
Error: (05/04/2016 10:31:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TPCHSrv.exe, version: 1.0.0.28, time stamp: 0x52fd56d1
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc0000374
Fault offset: 0x00000000000ee6dc
Faulting process id: 0xf54
Faulting application start time: 0xTPCHSrv.exe0
Faulting application path: TPCHSrv.exe1
Faulting module path: TPCHSrv.exe2
Report Id: TPCHSrv.exe3
Faulting package full name: TPCHSrv.exe4
Faulting package-relative application ID: TPCHSrv.exe5
Error: (05/02/2016 05:55:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TPCHSrv.exe, version: 1.0.0.28, time stamp: 0x52fd56d1
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc0000374
Fault offset: 0x00000000000ee6dc
Faulting process id: 0x1594
Faulting application start time: 0xTPCHSrv.exe0
Faulting application path: TPCHSrv.exe1
Faulting module path: TPCHSrv.exe2
Report Id: TPCHSrv.exe3
Faulting package full name: TPCHSrv.exe4
Faulting package-relative application ID: TPCHSrv.exe5
Error: (05/02/2016 04:15:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TPCHSrv.exe, version: 1.0.0.28, time stamp: 0x52fd56d1
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc0000374
Fault offset: 0x00000000000ee6dc
Faulting process id: 0xedc
Faulting application start time: 0xTPCHSrv.exe0
Faulting application path: TPCHSrv.exe1
Faulting module path: TPCHSrv.exe2
Report Id: TPCHSrv.exe3
Faulting package full name: TPCHSrv.exe4
Faulting package-relative application ID: TPCHSrv.exe5
Error: (05/01/2016 07:24:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (05/01/2016 07:11:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TPCHSrv.exe, version: 1.0.0.28, time stamp: 0x52fd56d1
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc0000374
Fault offset: 0x00000000000ee6dc
Faulting process id: 0xa80
Faulting application start time: 0xTPCHSrv.exe0
Faulting application path: TPCHSrv.exe1
Faulting module path: TPCHSrv.exe2
Report Id: TPCHSrv.exe3
Faulting package full name: TPCHSrv.exe4
Faulting package-relative application ID: TPCHSrv.exe5
Error: (05/01/2016 11:53:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TPCHSrv.exe, version: 1.0.0.28, time stamp: 0x52fd56d1
Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd
Exception code: 0xc0000374
Fault offset: 0x00000000000ee6dc
Faulting process id: 0xc40
Faulting application start time: 0xTPCHSrv.exe0
Faulting application path: TPCHSrv.exe1
Faulting module path: TPCHSrv.exe2
Report Id: TPCHSrv.exe3
Faulting package full name: TPCHSrv.exe4
Faulting package-relative application ID: TPCHSrv.exe5
System errors:
=============
Error: (05/07/2016 01:02:08 PM) (Source: DCOM) (EventID: 10010) (User: JOHN_ROFE)
Description: {45CC1698-D1CF-417B-BC32-80EB79E05EF1}
Error: (05/07/2016 01:01:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TPCH Service service terminated unexpectedly. It has done this 21 time(s).
Error: (05/07/2016 12:59:01 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/07/2016 12:54:17 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/06/2016 05:22:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_3537b8e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (05/06/2016 05:22:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_3537b8e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (05/06/2016 05:22:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_3537b8e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (05/06/2016 05:22:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_3537b8e service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (05/06/2016 05:22:41 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (05/06/2016 05:18:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_332a978 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2016-05-05 20:01:29.602
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-05 19:24:32.094
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-21 12:07:52.745
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-20 15:07:37.670
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-20 14:39:02.893
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-20 14:39:00.442
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-12 20:29:47.674
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-31 20:27:55.788
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-29 14:20:22.885
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-24 20:57:10.510
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD E1-6010 APU with AMD Radeon R2 Graphics
Percentage of memory in use: 59%
Total physical RAM: 3518.9 MB
Available physical RAM: 1430.39 MB
Total Virtual: 4158.9 MB
Available Virtual: 1659.02 MB
==================== Drives ================================
Drive c: (TI31278800C) (Fixed) (Total:453.31 GB) (Free:417.56 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
|
|
07.05.2016, 05:12
| #6 |
| | Verdacht auf infizierten Router Der TDSS scan: Code:
ATTFilter 13:23:12.0432 0x1a8c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
13:23:12.0432 0x1a8c UEFI system
13:23:16.0019 0x1a8c ============================================================
13:23:16.0019 0x1a8c Current date / time: 2016/05/07 13:23:16.0019
13:23:16.0019 0x1a8c SystemInfo:
13:23:16.0036 0x1a8c
13:23:16.0036 0x1a8c OS Version: 10.0.10586 ServicePack: 0.0
13:23:16.0036 0x1a8c Product type: Workstation
13:23:16.0036 0x1a8c ComputerName: JOHN_ROFE
13:23:16.0036 0x1a8c UserName: John
13:23:16.0036 0x1a8c Windows directory: C:\WINDOWS
13:23:16.0037 0x1a8c System windows directory: C:\WINDOWS
13:23:16.0037 0x1a8c Running under WOW64
13:23:16.0037 0x1a8c Processor architecture: Intel x64
13:23:16.0037 0x1a8c Number of processors: 2
13:23:16.0037 0x1a8c Page size: 0x1000
13:23:16.0037 0x1a8c Boot type: Normal boot
13:23:16.0037 0x1a8c ============================================================
13:23:16.0817 0x1a8c System UUID: {A10E479B-070D-9E45-0A91-A1C5F56C96BA}
13:23:18.0489 0x1a8c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:23:18.0502 0x1a8c ============================================================
13:23:18.0502 0x1a8c \Device\Harddisk0\DR0:
13:23:18.0502 0x1a8c GPT partitions:
13:23:18.0503 0x1a8c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6805AABE-DF8A-11E3-89E4-201A06D8CD6E}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x200000
13:23:18.0503 0x1a8c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6805AAC4-DF8A-11E3-89E4-201A06D8CD6E}, Name: Basic data partition, StartLBA 0x200800, BlocksNum 0x32000
13:23:18.0503 0x1a8c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6805AAC6-DF8A-11E3-89E4-201A06D8CD6E}, Name: Basic data partition, StartLBA 0x232800, BlocksNum 0x40000
13:23:18.0503 0x1a8c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6805AACE-DF8A-11E3-89E4-201A06D8CD6E}, Name: Basic data partition, StartLBA 0x272800, BlocksNum 0x38A9C7CD
13:23:18.0504 0x1a8c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0B583424-5119-427D-AB85-08DCFC6843FB}, Name: , StartLBA 0x38D0F000, BlocksNum 0xEE000
13:23:18.0504 0x1a8c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {37E1AD7B-0276-11E4-A128-F8A963CDF803}, Name: Basic data partition, StartLBA 0x38DFD000, BlocksNum 0x15888DA
13:23:18.0504 0x1a8c MBR partitions:
13:23:18.0504 0x1a8c ============================================================
13:23:18.0525 0x1a8c C: <-> \Device\Harddisk0\DR0\Partition4
13:23:18.0525 0x1a8c ============================================================
13:23:18.0525 0x1a8c Initialize success
13:23:18.0525 0x1a8c ============================================================
13:23:22.0455 0x17c8 ============================================================
13:23:22.0455 0x17c8 Scan started
13:23:22.0455 0x17c8 Mode: Manual; SigCheck; TDLFS;
13:23:22.0455 0x17c8 ============================================================
13:23:22.0455 0x17c8 KSN ping started
13:23:25.0063 0x17c8 KSN ping finished: true
13:23:26.0686 0x17c8 ================ Scan system memory ========================
13:23:26.0686 0x17c8 System memory - ok
13:23:26.0692 0x17c8 ================ Scan services =============================
13:23:26.0889 0x17c8 [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
13:23:27.0037 0x17c8 1394ohci - ok
13:23:27.0121 0x17c8 [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
13:23:27.0165 0x17c8 3ware - ok
13:23:27.0233 0x17c8 [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
13:23:27.0319 0x17c8 ACPI - ok
13:23:27.0346 0x17c8 [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
13:23:27.0393 0x17c8 acpiex - ok
13:23:27.0424 0x17c8 [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
13:23:27.0468 0x17c8 acpipagr - ok
13:23:27.0496 0x17c8 [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
13:23:27.0543 0x17c8 AcpiPmi - ok
13:23:27.0559 0x17c8 [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
13:23:27.0610 0x17c8 acpitime - ok
13:23:27.0670 0x17c8 [ FB8815B55912AD95597C898C242339D8, 2B0DC067AA21295960A8A2C97F039E6B9F4FED13AD45795B43166C3AC074A49D ] AdaptiveSleepService C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
13:23:27.0700 0x17c8 AdaptiveSleepService - detected UnsignedFile.Multi.Generic ( 1 )
13:23:30.0720 0x17c8 Detect skipped due to KSN trusted
13:23:30.0720 0x17c8 AdaptiveSleepService - ok
13:23:30.0776 0x17c8 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:23:30.0808 0x17c8 AdobeARMservice - ok
13:23:30.0897 0x17c8 [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
13:23:31.0030 0x17c8 ADP80XX - ok
13:23:31.0103 0x17c8 [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD C:\WINDOWS\system32\drivers\afd.sys
13:23:31.0190 0x17c8 AFD - ok
13:23:31.0220 0x17c8 [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
13:23:31.0262 0x17c8 agp440 - ok
13:23:31.0298 0x17c8 [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
13:23:31.0362 0x17c8 ahcache - ok
13:23:31.0397 0x17c8 [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
13:23:31.0439 0x17c8 AJRouter - ok
13:23:31.0484 0x17c8 [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG C:\WINDOWS\System32\alg.exe
13:23:31.0536 0x17c8 ALG - ok
13:23:31.0581 0x17c8 [ FB1548ED9CD0E1D0881D572328A53AF8, 1D5D6CF31ECE2890EC18042139EAF5B30FF831923CFCF90B9D92A49C4AF41964 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
13:23:31.0640 0x17c8 AMD External Events Utility - ok
13:23:31.0660 0x17c8 [ C3E8F88B4D196110673DA03E2E95D83B, E4F80DCAD69BCF6D0821AB27BA3BBAEB3C5A9C3CB089BC86B6FAE78B7A441EA1 ] AmdAS4 C:\WINDOWS\System32\drivers\AmdAS4.sys
13:23:31.0702 0x17c8 AmdAS4 - ok
13:23:31.0739 0x17c8 [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
13:23:31.0793 0x17c8 AmdK8 - ok
13:23:31.0821 0x17c8 [ 63DBE05B7EE2040F3E4C443057150D75, 79614F828B765E6CEDB6E0D6D032935F7C7EE21F0E186549B3A56DD5BA23D77E ] amdkmcsp C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys
13:23:31.0880 0x17c8 amdkmcsp - ok
13:23:31.0890 0x17c8 amdkmdag - ok
13:23:31.0963 0x17c8 [ 5F72D93E780AB93609070182ECB50338, D1609E2EF03A3807C2EEAE2C8D03D64106E887B0A8CB4796FB5AB506108A4FDB ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
13:23:32.0063 0x17c8 amdkmdap - ok
13:23:32.0096 0x17c8 [ C04F35935BF6274F5593B78C7B295760, 29BC36696B3D5C75DEF9C9D96D3C06E5C6D964A00B4D5CD354CB08002E085191 ] amdkmpfd C:\WINDOWS\system32\drivers\amdkmpfd.sys
13:23:32.0124 0x17c8 amdkmpfd - ok
13:23:32.0148 0x17c8 [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
13:23:32.0203 0x17c8 AmdPPM - ok
13:23:32.0242 0x17c8 [ A6A2F105FCCEF4CC07CD61CC004D8951, 43570B6FE5C82375E66B0C61DD3B72FA570A225CDC1356285259998B3ECD2B53 ] amdpsp C:\WINDOWS\system32\DRIVERS\amdpsp.sys
13:23:32.0285 0x17c8 amdpsp - ok
13:23:32.0315 0x17c8 [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
13:23:32.0356 0x17c8 amdsata - ok
13:23:32.0387 0x17c8 [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
13:23:32.0442 0x17c8 amdsbs - ok
13:23:32.0467 0x17c8 [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
13:23:32.0504 0x17c8 amdxata - ok
13:23:32.0535 0x17c8 [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID C:\WINDOWS\system32\drivers\appid.sys
13:23:32.0583 0x17c8 AppID - ok
13:23:32.0620 0x17c8 [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
13:23:32.0689 0x17c8 AppIDSvc - ok
13:23:32.0715 0x17c8 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll
13:23:32.0776 0x17c8 Appinfo - ok
13:23:32.0828 0x17c8 [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
13:23:32.0927 0x17c8 AppReadiness - ok
13:23:33.0061 0x17c8 [ 0F3C165B71F8140F50A1DB5DE3E6D695, 7AD0F130088B3A964739C3194CF09E79B6B5D761B064071B9AC11D9B65F5D523 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
13:23:33.0300 0x17c8 AppXSvc - ok
13:23:33.0367 0x17c8 [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
13:23:33.0413 0x17c8 arcsas - ok
13:23:33.0438 0x17c8 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
13:23:33.0488 0x17c8 AsyncMac - ok
13:23:33.0512 0x17c8 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
13:23:33.0549 0x17c8 atapi - ok
13:23:33.0613 0x17c8 [ BCE510EB5CFB8814CF1EADE941E853EC, B354524414557225355BD8EEF81324BE3B354EF2F4103D3C5E1EB43651264917 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
13:23:33.0687 0x17c8 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
13:23:36.0510 0x17c8 Detect skipped due to KSN trusted
13:23:36.0510 0x17c8 AtherosSvc - ok
13:23:36.0796 0x17c8 [ 7E7F48278A0697353765495BB94E3BA7, DBBA5C9093B572798D624E4021C56D425C05686BFF86DA0B19E67AFE68E9CE76 ] athr C:\WINDOWS\System32\drivers\athw10x.sys
13:23:37.0252 0x17c8 athr - ok
13:23:37.0302 0x17c8 [ 0966FD5BAB1F9BE200875E9EED0A0A13, F4BE70C0581B51ED6DAE6412A5FF74AE310BF88DE89C5A5E5880BEED543B01D7 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
13:23:37.0358 0x17c8 AtiHDAudioService - ok
13:23:37.0407 0x17c8 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
13:23:37.0475 0x17c8 AudioEndpointBuilder - ok
13:23:37.0565 0x17c8 [ 2A2C0983B6FE62F02E7183335B1F5C20, 07845269FE72894D31D3FC927EECE26333AE9A2149A995DA4AE007276B05C647 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
13:23:37.0719 0x17c8 Audiosrv - ok
13:23:37.0757 0x17c8 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
13:23:37.0819 0x17c8 AxInstSV - ok
13:23:37.0879 0x17c8 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
13:23:37.0960 0x17c8 b06bdrv - ok
13:23:37.0981 0x17c8 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
13:23:38.0029 0x17c8 BasicDisplay - ok
13:23:38.0041 0x17c8 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
13:23:38.0088 0x17c8 BasicRender - ok
13:23:38.0112 0x17c8 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
13:23:38.0156 0x17c8 bcmfn - ok
13:23:38.0167 0x17c8 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
13:23:38.0217 0x17c8 bcmfn2 - ok
13:23:38.0267 0x17c8 [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
13:23:38.0341 0x17c8 BDESVC - ok
13:23:38.0370 0x17c8 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
13:23:38.0416 0x17c8 Beep - ok
13:23:38.0488 0x17c8 [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE C:\WINDOWS\System32\bfe.dll
13:23:38.0607 0x17c8 BFE - ok
13:23:38.0894 0x17c8 [ 21F9843380D6151AE0E220B6CE73B9E4, 295142D36FEB1A993DACAA3302789877DDCB3EB527E4B0BA6A55AAC8975600D6 ] BHDrvx64 C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20160502.001\BHDrvx64.sys
13:23:39.0042 0x17c8 BHDrvx64 - ok
13:23:39.0133 0x17c8 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll
13:23:39.0299 0x17c8 BITS - ok
13:23:39.0329 0x17c8 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
13:23:39.0395 0x17c8 bowser - ok
13:23:39.0451 0x17c8 [ 492FB85E61768950CDD27C87AED6E8FA, 1BFF11D899581E406D1AB5F2C66C9D816161ECF4B81AAACCCA3663875E86C0A5 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
13:23:39.0564 0x17c8 BrokerInfrastructure - ok
13:23:39.0599 0x17c8 [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser C:\WINDOWS\System32\browser.dll
13:23:39.0652 0x17c8 Browser - ok
13:23:39.0710 0x17c8 [ 2FA11B43AAF89758459A1098DE244B27, 044C3F1129187D1F546F049AF84F7C114CF80E693DFB9946A4325162EEE746D6 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
13:23:39.0788 0x17c8 BtFilter - ok
13:23:39.0823 0x17c8 [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
13:23:39.0871 0x17c8 BthAvrcpTg - ok
13:23:39.0908 0x17c8 [ FD74F7C4D04496FC46D2BB8464FA2CA4, 24F3750187D4A4CD3DB1451E358E36AC5169C83E794B6DFEF4E3D16BA2AC3951 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
13:23:39.0959 0x17c8 BthEnum - ok
13:23:39.0983 0x17c8 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
13:23:40.0032 0x17c8 BthHFEnum - ok
13:23:40.0045 0x17c8 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
13:23:40.0092 0x17c8 bthhfhid - ok
13:23:40.0430 0x17c8 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
13:23:40.0504 0x17c8 BthHFSrv - ok
13:23:40.0568 0x17c8 [ 3B3BF88BB54CB9A18DE1EF07292B5A3D, 7B9C1E7E07435B976E4AE89425F10541E1DEB153172A375CBC2D03A4D7B7F3D2 ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys
13:23:40.0639 0x17c8 BthLEEnum - ok
13:23:40.0676 0x17c8 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
13:23:40.0723 0x17c8 BTHMODEM - ok
13:23:40.0764 0x17c8 [ 09C3DB1B137B269A822F941D867A6BB6, CC99FBD76DA19D951864D4967EA9F3C048811E9BB7BBB67B724FC82A50B14516 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
13:23:40.0837 0x17c8 BthPan - ok
13:23:40.0918 0x17c8 [ 2A0EF9AF5FD3FCCC25E17C47198D6E25, 4B548DD7235EF5EEC36AC443F9F44A042332BA01CB38B3D2E804618F2DC31813 ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys
13:23:41.0055 0x17c8 BTHPORT - ok
13:23:41.0098 0x17c8 [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv C:\WINDOWS\system32\bthserv.dll
13:23:41.0146 0x17c8 bthserv - ok
13:23:41.0171 0x17c8 [ B13CB5CCEE91ACA77C985B8E0D53A7D4, 1DB76A52E30B3DCC0FAF8579A7D5A24AD010ACA7613FB00B541FDDED7BE3F08E ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys
13:23:41.0224 0x17c8 BTHUSB - ok
13:23:41.0251 0x17c8 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
13:23:41.0295 0x17c8 buttonconverter - ok
13:23:41.0332 0x17c8 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
13:23:41.0388 0x17c8 CapImg - ok
13:23:41.0472 0x17c8 [ 5A1C7DBDDB001BC6F1D1720E655445E2, 07A766C804D0709936FF18A2F67C49D6499BEF9CEEB1EF69F654A35268A11027 ] ccSet_NIS C:\WINDOWS\system32\drivers\NISx64\1605020.00F\ccSetx64.sys
13:23:41.0507 0x17c8 ccSet_NIS - ok
13:23:41.0533 0x17c8 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
13:23:41.0608 0x17c8 cdfs - ok
13:23:41.0649 0x17c8 [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
13:23:41.0734 0x17c8 CDPSvc - ok
13:23:41.0767 0x17c8 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
13:23:41.0837 0x17c8 cdrom - ok
13:23:41.0865 0x17c8 [ 11F35C8E745ADF8BF595E3EC2B390972, 754ACDF6226A142D753C136D7C0A2461705B05A0C2251287ABC06D89D78F81A8 ] CeKbFilter C:\WINDOWS\system32\DRIVERS\CeKbFilter.sys
13:23:41.0892 0x17c8 CeKbFilter - ok
13:23:41.0927 0x17c8 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\WINDOWS\System32\certprop.dll
13:23:41.0999 0x17c8 CertPropSvc - ok
13:23:42.0031 0x17c8 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\WINDOWS\System32\drivers\circlass.sys
13:23:42.0079 0x17c8 circlass - ok
13:23:42.0125 0x17c8 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
13:23:42.0189 0x17c8 CLFS - ok
13:23:42.0497 0x17c8 [ 2B95B68B712ACEF2D14A3C25D0204635, 857A9EDEE32540DFD0FEB718EB0EB9DCFC9269A1A248D586B9D83A818B9485E6 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
13:23:42.0765 0x17c8 ClickToRunSvc - ok
13:23:42.0845 0x17c8 [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
13:23:42.0943 0x17c8 ClipSVC - ok
13:23:43.0007 0x17c8 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
13:23:43.0051 0x17c8 CmBatt - ok
13:23:43.0112 0x17c8 [ 3B866F8CB10719A5AF9E410B1B149714, B0A32B526290ED8E1DD93C70AB49DD417B82CA23D6B815163131247091D61DBA ] CNG C:\WINDOWS\system32\Drivers\cng.sys
13:23:43.0210 0x17c8 CNG - ok
13:23:43.0241 0x17c8 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
13:23:43.0282 0x17c8 cnghwassist - ok
13:23:43.0360 0x17c8 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
13:23:43.0405 0x17c8 CompositeBus - ok
13:23:43.0417 0x17c8 COMSysApp - ok
13:23:43.0441 0x17c8 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
13:23:43.0486 0x17c8 condrv - ok
13:23:43.0563 0x17c8 [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
13:23:43.0662 0x17c8 CoreMessagingRegistrar - ok
13:23:43.0717 0x17c8 [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
13:23:43.0768 0x17c8 CryptSvc - ok
13:23:43.0784 0x17c8 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\WINDOWS\system32\drivers\dam.sys
13:23:43.0825 0x17c8 dam - ok
13:23:43.0908 0x17c8 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
13:23:44.0033 0x17c8 DcomLaunch - ok
13:23:44.0082 0x17c8 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
13:23:44.0155 0x17c8 DcpSvc - ok
13:23:44.0218 0x17c8 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
13:23:44.0329 0x17c8 defragsvc - ok
13:23:44.0381 0x17c8 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
13:23:44.0465 0x17c8 DeviceAssociationService - ok
13:23:44.0507 0x17c8 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
13:23:44.0578 0x17c8 DeviceInstall - ok
13:23:44.0600 0x17c8 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
13:23:44.0645 0x17c8 DevQueryBroker - ok
13:23:44.0682 0x17c8 [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
13:23:44.0736 0x17c8 Dfsc - ok
13:23:44.0782 0x17c8 [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
13:23:44.0879 0x17c8 Dhcp - ok
13:23:44.0975 0x17c8 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
13:23:45.0032 0x17c8 diagnosticshub.standardcollector.service - ok
13:23:45.0146 0x17c8 [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
13:23:45.0312 0x17c8 DiagTrack - ok
13:23:45.0347 0x17c8 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\WINDOWS\system32\drivers\disk.sys
13:23:45.0390 0x17c8 disk - ok
13:23:45.0431 0x17c8 [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
13:23:45.0524 0x17c8 DmEnrollmentSvc - ok
13:23:45.0537 0x17c8 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
13:23:45.0583 0x17c8 dmvsc - ok
13:23:45.0618 0x17c8 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
13:23:45.0674 0x17c8 dmwappushservice - ok
13:23:45.0726 0x17c8 [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
13:23:45.0799 0x17c8 Dnscache - ok
13:23:45.0842 0x17c8 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
13:23:45.0915 0x17c8 dot3svc - ok
13:23:45.0946 0x17c8 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll
13:23:46.0007 0x17c8 DPS - ok
13:23:46.0038 0x17c8 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
13:23:46.0075 0x17c8 drmkaud - ok
13:23:46.0112 0x17c8 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
13:23:46.0173 0x17c8 DsmSvc - ok
13:23:46.0207 0x17c8 [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc C:\WINDOWS\System32\DsSvc.dll
13:23:46.0270 0x17c8 DsSvc - ok
13:23:46.0324 0x17c8 [ B2A2CAF9E5682AD6BC0B4926C3B78B73, 7A9BB9A49041CE4D8AAF00504A58B1FB1F733561667E5FAB32703415899DBB9F ] dts_apo_service C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
13:23:46.0353 0x17c8 dts_apo_service - ok
13:23:46.0487 0x17c8 [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
13:23:46.0682 0x17c8 DXGKrnl - ok
13:23:46.0719 0x17c8 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
13:23:46.0782 0x17c8 Eaphost - ok
13:23:46.0987 0x17c8 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
13:23:47.0297 0x17c8 ebdrv - ok
13:23:47.0413 0x17c8 [ E5C10FCFA331D2BA13B211D0454FEA38, 9363545317C655EED282BA1FE7C71B26E2C3599F35E42E7496F413961303A24D ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
13:23:47.0469 0x17c8 eeCtrl - ok
13:23:47.0501 0x17c8 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe
13:23:47.0547 0x17c8 EFS - ok
13:23:47.0582 0x17c8 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
13:23:47.0623 0x17c8 EhStorClass - ok
13:23:47.0651 0x17c8 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
13:23:47.0696 0x17c8 EhStorTcgDrv - ok
13:23:47.0729 0x17c8 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
13:23:47.0786 0x17c8 embeddedmode - ok
13:23:47.0817 0x17c8 [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
13:23:47.0888 0x17c8 EntAppSvc - ok
13:23:47.0954 0x17c8 [ 13E3BBC4578742E80854451FA16F272A, A9B2D972B114ED2E18246CCBDEE97F6C1AFA8B143791AD5DAED70100E58CD25F ] EraserUtilDrv11510 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11510.sys
13:23:47.0989 0x17c8 EraserUtilDrv11510 - ok
13:23:48.0065 0x17c8 [ A47F76D4AAFD6193AAC5E049C560213D, 2B6E4EB31394C4D8D2444A197FFCC3C702BC17B0F7BDF0D6FF87DF5C14016FC1 ] EraserUtilDrv11520 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11520.sys
13:23:48.0101 0x17c8 EraserUtilDrv11520 - ok
13:23:48.0178 0x17c8 [ 2BD3F1059975CE90F8D968DADD790DFF, 9FD4FA7DB54B0E1E4A48863435F728220978A271D2A28BB3E9E112C1A59B1D4C ] EraserUtilDrv11521 C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11521.sys
13:23:48.0213 0x17c8 EraserUtilDrv11521 - ok
13:23:48.0237 0x17c8 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
13:23:48.0295 0x17c8 ErrDev - ok
13:23:48.0360 0x17c8 [ BE5F1A83E4BD18EEB234DB83DA27113B, A02B9DA2036CBE90EE472F2428F7A91CC2F22E5BC10A8D6F5CBC461135120EE0 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
13:23:48.0418 0x17c8 ETD - ok
13:23:48.0466 0x17c8 [ DC2AA8BD6F3C63220B58CC67B4B53507, 72F33C5F0B89735213C77B53E4EA1180B599D80F7FCCFD6C8CAAFE993188D5AD ] ETDService C:\Program Files\Elantech\ETDService.exe
13:23:48.0505 0x17c8 ETDService - ok
13:23:48.0534 0x17c8 [ 4F2688EFDD7E4D765CC9FA6B9E669996, 77C62C8F425586397804D795F5ACC6AFBDDEE2BF1E23FD80B02856A6369F3BDA ] ETDSMBus C:\WINDOWS\System32\drivers\ETDSMBus.sys
13:23:48.0564 0x17c8 ETDSMBus - ok
13:23:48.0635 0x17c8 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll
13:23:48.0728 0x17c8 EventSystem - ok
13:23:48.0779 0x17c8 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
13:23:48.0848 0x17c8 exfat - ok
13:23:48.0885 0x17c8 [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
13:23:48.0945 0x17c8 fastfat - ok
13:23:49.0015 0x17c8 [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax C:\WINDOWS\system32\fxssvc.exe
13:23:49.0128 0x17c8 Fax - ok
13:23:49.0166 0x17c8 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
13:23:49.0211 0x17c8 fdc - ok
13:23:49.0241 0x17c8 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
13:23:49.0303 0x17c8 fdPHost - ok
13:23:49.0325 0x17c8 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\WINDOWS\system32\fdrespub.dll
13:23:49.0387 0x17c8 FDResPub - ok
13:23:49.0415 0x17c8 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\WINDOWS\system32\fhsvc.dll
13:23:49.0482 0x17c8 fhsvc - ok
13:23:49.0518 0x17c8 [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
13:23:49.0572 0x17c8 FileCrypt - ok
13:23:49.0598 0x17c8 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
13:23:49.0640 0x17c8 FileInfo - ok
13:23:49.0661 0x17c8 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
13:23:49.0719 0x17c8 Filetrace - ok
13:23:49.0753 0x17c8 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
13:23:49.0801 0x17c8 flpydisk - ok
13:23:49.0830 0x17c8 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
13:23:49.0893 0x17c8 FltMgr - ok
13:23:50.0016 0x17c8 [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache C:\WINDOWS\system32\FntCache.dll
13:23:50.0226 0x17c8 FontCache - ok
13:23:50.0332 0x17c8 [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:23:50.0370 0x17c8 FontCache3.0.0.0 - ok
13:23:50.0388 0x17c8 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
13:23:50.0429 0x17c8 FsDepends - ok
13:23:50.0454 0x17c8 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:23:50.0492 0x17c8 Fs_Rec - ok
13:23:50.0552 0x17c8 [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
13:23:50.0635 0x17c8 fvevol - ok
13:23:50.0661 0x17c8 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
13:23:50.0702 0x17c8 gagp30kx - ok
13:23:50.0725 0x17c8 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
13:23:50.0776 0x17c8 gencounter - ok
13:23:50.0794 0x17c8 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
13:23:50.0838 0x17c8 genericusbfn - ok
13:23:50.0871 0x17c8 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
13:23:50.0919 0x17c8 GPIOClx0101 - ok
13:23:51.0014 0x17c8 [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
13:23:51.0203 0x17c8 gpsvc - ok
13:23:51.0260 0x17c8 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
13:23:51.0316 0x17c8 GpuEnergyDrv - ok
13:23:51.0410 0x17c8 [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:23:51.0444 0x17c8 gupdate - ok
13:23:51.0461 0x17c8 [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:23:51.0495 0x17c8 gupdatem - ok
13:23:51.0535 0x17c8 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
13:23:51.0588 0x17c8 HDAudBus - ok
13:23:51.0616 0x17c8 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
13:23:51.0695 0x17c8 HidBatt - ok
13:23:51.0732 0x17c8 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
13:23:51.0792 0x17c8 HidBth - ok
13:23:51.0820 0x17c8 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
13:23:51.0869 0x17c8 hidi2c - ok
13:23:51.0894 0x17c8 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
13:23:51.0936 0x17c8 hidinterrupt - ok
13:23:51.0962 0x17c8 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
13:23:52.0013 0x17c8 HidIr - ok
13:23:52.0043 0x17c8 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll
13:23:52.0096 0x17c8 hidserv - ok
13:23:52.0111 0x17c8 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
13:23:52.0162 0x17c8 HidUsb - ok
13:23:52.0211 0x17c8 [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
13:23:52.0283 0x17c8 HomeGroupListener - ok
13:23:52.0340 0x17c8 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
13:23:52.0428 0x17c8 HomeGroupProvider - ok
13:23:52.0456 0x17c8 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
13:23:52.0498 0x17c8 HpSAMD - ok
13:23:52.0577 0x17c8 [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
13:23:52.0707 0x17c8 HTTP - ok
13:23:52.0740 0x17c8 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
13:23:52.0777 0x17c8 hwpolicy - ok
13:23:52.0805 0x17c8 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
13:23:52.0848 0x17c8 hyperkbd - ok
13:23:52.0871 0x17c8 [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
13:23:52.0922 0x17c8 i8042prt - ok
13:23:52.0945 0x17c8 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
13:23:52.0996 0x17c8 iai2c - ok
13:23:53.0021 0x17c8 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
13:23:53.0082 0x17c8 iaLPSS2i_I2C - ok
13:23:53.0108 0x17c8 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
13:23:53.0161 0x17c8 iaLPSSi_GPIO - ok
13:23:53.0191 0x17c8 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
13:23:53.0276 0x17c8 iaLPSSi_I2C - ok
13:23:53.0333 0x17c8 [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
13:23:53.0430 0x17c8 iaStorAV - ok
13:23:53.0473 0x17c8 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
13:23:53.0539 0x17c8 iaStorV - ok
13:23:53.0586 0x17c8 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
13:23:53.0655 0x17c8 ibbus - ok
13:23:53.0705 0x17c8 [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc C:\WINDOWS\System32\tetheringservice.dll
13:23:53.0768 0x17c8 icssvc - ok
13:23:53.0887 0x17c8 [ 3448DB2B812AA873ED6E5D609B1DB067, E0F9B35FE59713C09BD838FAD5305DF5FDF24DF1D88F8849F7F88466CF93A7F7 ] IDSVia64 C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20160503.001\IDSvia64.sys
13:23:53.0969 0x17c8 IDSVia64 - ok
13:23:53.0981 0x17c8 IEEtwCollectorService - ok
13:23:54.0070 0x17c8 [ 95A03F67830FDCB950E70261128D540D, D052CB703500E2871CF51E015E444F2A99FA9A7579AC422104F0E411F6107BD0 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
13:23:54.0221 0x17c8 IKEEXT - ok
13:23:54.0496 0x17c8 [ 0C6FE5A90020119197156F1B01588DB8, DFB4E9329865DB5593580F9BA4B7DFB914059740B204ED9E9B37EFCDED3DE627 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
13:23:54.0855 0x17c8 IntcAzAudAddService - ok
13:23:54.0889 0x17c8 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\WINDOWS\system32\drivers\intelide.sys
13:23:54.0927 0x17c8 intelide - ok
13:23:54.0951 0x17c8 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
13:23:54.0992 0x17c8 intelpep - ok
13:23:55.0018 0x17c8 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
13:23:55.0075 0x17c8 intelppm - ok
13:23:55.0101 0x17c8 [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys
13:23:55.0148 0x17c8 IoQos - ok
13:23:55.0178 0x17c8 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:23:55.0239 0x17c8 IpFilterDriver - ok
13:23:55.0314 0x17c8 [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
13:23:55.0461 0x17c8 iphlpsvc - ok
13:23:55.0505 0x17c8 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
13:23:55.0557 0x17c8 IPMIDRV - ok
13:23:55.0589 0x17c8 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
13:23:55.0659 0x17c8 IPNAT - ok
13:23:55.0675 0x17c8 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
13:23:55.0728 0x17c8 IRENUM - ok
13:23:55.0754 0x17c8 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
13:23:55.0791 0x17c8 isapnp - ok
13:23:55.0836 0x17c8 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
13:23:55.0896 0x17c8 iScsiPrt - ok
13:23:55.0925 0x17c8 [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
13:23:55.0969 0x17c8 kbdclass - ok
13:23:55.0988 0x17c8 [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
13:23:56.0034 0x17c8 kbdhid - ok
13:23:56.0045 0x17c8 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
13:23:56.0091 0x17c8 kdnic - ok
13:23:56.0110 0x17c8 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe
13:23:56.0154 0x17c8 KeyIso - ok
13:23:56.0181 0x17c8 [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
13:23:56.0227 0x17c8 KSecDD - ok
13:23:56.0260 0x17c8 [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
13:23:56.0307 0x17c8 KSecPkg - ok
13:23:56.0328 0x17c8 [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
13:23:56.0378 0x17c8 ksthunk - ok
13:23:56.0426 0x17c8 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
13:23:56.0503 0x17c8 KtmRm - ok
13:23:56.0546 0x17c8 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
13:23:56.0620 0x17c8 LanmanServer - ok
13:23:56.0656 0x17c8 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
13:23:56.0750 0x17c8 LanmanWorkstation - ok
13:23:56.0796 0x17c8 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
13:23:56.0841 0x17c8 lfsvc - ok
13:23:56.0854 0x17c8 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
13:23:56.0902 0x17c8 LicenseManager - ok
13:23:56.0930 0x17c8 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
13:23:56.0986 0x17c8 lltdio - ok
13:23:57.0026 0x17c8 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
13:23:57.0102 0x17c8 lltdsvc - ok
13:23:57.0127 0x17c8 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
13:23:57.0174 0x17c8 lmhosts - ok
13:23:57.0190 0x17c8 [ 36077028C32E25E69645CCA02F55E1DE, 34E23BC6441B46638F9C80331FCCFEF360D520D9B4B4077BE4C1DE7B9BD3EA50 ] LPCFilter C:\WINDOWS\system32\drivers\LPCFilter.sys
13:23:57.0221 0x17c8 LPCFilter - ok
13:23:57.0257 0x17c8 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
13:23:57.0303 0x17c8 LSI_SAS - ok
13:23:57.0323 0x17c8 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
13:23:57.0369 0x17c8 LSI_SAS2i - ok
13:23:57.0389 0x17c8 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
13:23:57.0432 0x17c8 LSI_SAS3i - ok
13:23:57.0458 0x17c8 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
13:23:57.0500 0x17c8 LSI_SSS - ok
13:23:57.0568 0x17c8 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll
13:23:57.0689 0x17c8 LSM - ok
13:23:57.0712 0x17c8 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys
13:23:57.0778 0x17c8 luafv - ok
13:23:57.0808 0x17c8 [ 9BC40C5A140B5F380042E391CC95993F, 4FFE8A6A473530CE171AC47C7E8D51B8C29BDC209E7129F66B06F8D40F07DAED ] MapsBroker C:\WINDOWS\System32\moshost.dll
13:23:57.0859 0x17c8 MapsBroker - ok
13:23:57.0885 0x17c8 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
13:23:57.0926 0x17c8 megasas - ok
13:23:57.0971 0x17c8 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\WINDOWS\system32\drivers\megasr.sys
13:23:58.0054 0x17c8 megasr - ok
13:23:58.0081 0x17c8 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
13:23:58.0140 0x17c8 MessagingService - ok
13:23:58.0264 0x17c8 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
13:23:58.0368 0x17c8 mlx4_bus - ok
13:23:58.0409 0x17c8 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
13:23:58.0481 0x17c8 MMCSS - ok
13:23:58.0506 0x17c8 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\WINDOWS\system32\drivers\modem.sys
13:23:58.0620 0x17c8 Modem - ok
13:23:58.0638 0x17c8 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
13:23:58.0685 0x17c8 monitor - ok
13:23:58.0707 0x17c8 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
13:23:58.0749 0x17c8 mouclass - ok
13:23:58.0761 0x17c8 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
13:23:58.0808 0x17c8 mouhid - ok
13:23:58.0824 0x17c8 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
13:23:58.0870 0x17c8 mountmgr - ok
13:23:58.0886 0x17c8 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
13:23:58.0935 0x17c8 mpsdrv - ok
13:23:59.0012 0x17c8 [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
13:23:59.0166 0x17c8 MpsSvc - ok
13:23:59.0209 0x17c8 [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
13:23:59.0273 0x17c8 MRxDAV - ok
13:23:59.0339 0x17c8 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:23:59.0409 0x17c8 mrxsmb - ok
13:23:59.0448 0x17c8 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
13:23:59.0514 0x17c8 mrxsmb10 - ok
13:23:59.0541 0x17c8 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
13:23:59.0592 0x17c8 mrxsmb20 - ok
13:23:59.0624 0x17c8 [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
13:23:59.0693 0x17c8 MsBridge - ok
13:23:59.0726 0x17c8 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
13:23:59.0784 0x17c8 MSDTC - ok
13:23:59.0809 0x17c8 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
13:23:59.0870 0x17c8 Msfs - ok
13:23:59.0905 0x17c8 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
13:23:59.0945 0x17c8 msgpiowin32 - ok
13:23:59.0985 0x17c8 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
13:24:00.0040 0x17c8 mshidkmdf - ok
13:24:00.0063 0x17c8 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
13:24:00.0106 0x17c8 mshidumdf - ok
13:24:00.0122 0x17c8 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
13:24:00.0162 0x17c8 msisadrv - ok
13:24:00.0198 0x17c8 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
13:24:00.0259 0x17c8 MSiSCSI - ok
13:24:00.0271 0x17c8 msiserver - ok
13:24:00.0294 0x17c8 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
13:24:00.0339 0x17c8 MSKSSRV - ok
13:24:00.0377 0x17c8 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
13:24:00.0437 0x17c8 MsLldp - ok
13:24:00.0465 0x17c8 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
13:24:00.0509 0x17c8 MSPCLOCK - ok
13:24:00.0524 0x17c8 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
13:24:00.0569 0x17c8 MSPQM - ok
13:24:00.0606 0x17c8 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
13:24:00.0669 0x17c8 MsRPC - ok
13:24:00.0689 0x17c8 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
13:24:00.0728 0x17c8 mssmbios - ok
13:24:00.0754 0x17c8 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
13:24:00.0802 0x17c8 MSTEE - ok
13:24:00.0822 0x17c8 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
13:24:00.0870 0x17c8 MTConfig - ok
13:24:00.0895 0x17c8 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
13:24:00.0941 0x17c8 Mup - ok
13:24:00.0960 0x17c8 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
13:24:01.0002 0x17c8 mvumis - ok
13:24:01.0069 0x17c8 [ AA4CD20708B7E0412A5316D7E2875103, 4E60A0865B7656735F3AB34AF5FE48304138F47DE961D4D16661617D711DEBC0 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
13:24:01.0168 0x17c8 NativeWifiP - ok
13:24:01.0264 0x17c8 [ FE7B38240E86075E6BC5953496B5C2F1, 13CBDCFD5E63A49D6E66D9EBA701037F014EEED9BBFE8588CE2968A35FF2E16E ] NAVENG C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20160506.004\ENG64.SYS
13:24:01.0299 0x17c8 NAVENG - ok
13:24:01.0437 0x17c8 [ C002FA84570CA35F704ACF0AC4A5EAB0, E4246631E5D7AFD31CE642157A9102CB0DDE5B5051D08C3A5EA736CB3C99C6D9 ] NAVEX15 C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\VirusDefs\20160506.004\EX64.SYS
13:24:01.0578 0x17c8 NAVEX15 - ok
13:24:01.0658 0x17c8 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
13:24:01.0759 0x17c8 NcaSvc - ok
13:24:01.0818 0x17c8 [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService C:\WINDOWS\System32\ncbservice.dll
13:24:01.0928 0x17c8 NcbService - ok
13:24:01.0955 0x17c8 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
13:24:02.0047 0x17c8 NcdAutoSetup - ok
13:24:02.0067 0x17c8 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
13:24:02.0108 0x17c8 ndfltr - ok
13:24:02.0220 0x17c8 [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
13:24:02.0351 0x17c8 NDIS - ok
13:24:02.0382 0x17c8 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
13:24:02.0434 0x17c8 NdisCap - ok
13:24:02.0467 0x17c8 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
13:24:02.0527 0x17c8 NdisImPlatform - ok
13:24:02.0557 0x17c8 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:24:02.0608 0x17c8 NdisTapi - ok
13:24:02.0629 0x17c8 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
13:24:02.0689 0x17c8 Ndisuio - ok
13:24:02.0700 0x17c8 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
13:24:02.0753 0x17c8 NdisVirtualBus - ok
13:24:02.0783 0x17c8 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
13:24:02.0849 0x17c8 NdisWan - ok
13:24:02.0870 0x17c8 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:24:02.0939 0x17c8 ndiswanlegacy - ok
13:24:02.0968 0x17c8 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
13:24:03.0024 0x17c8 ndproxy - ok
13:24:03.0058 0x17c8 [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
13:24:03.0110 0x17c8 Ndu - ok
|
|
07.05.2016, 05:17
| #7 |
| | Verdacht auf infizierten Router Hier Part 2 Code:
ATTFilter 13:24:03.0129 0x17c8 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
13:24:03.0171 0x17c8 NetBIOS - ok
13:24:03.0204 0x17c8 [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
13:24:03.0272 0x17c8 NetBT - ok
13:24:03.0300 0x17c8 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe
13:24:03.0342 0x17c8 Netlogon - ok
13:24:03.0385 0x17c8 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll
13:24:03.0467 0x17c8 Netman - ok
13:24:03.0518 0x17c8 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
13:24:03.0623 0x17c8 netprofm - ok
13:24:03.0667 0x17c8 [ C5DEEC4F7ED591D1E322899ADC4EE45F, CA3BE40FA1216F77C6D5B9FD518378DB9561163BFDC90C8CB1C2C2EA4112B263 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
13:24:03.0732 0x17c8 NetSetupSvc - ok
13:24:03.0794 0x17c8 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:24:03.0842 0x17c8 NetTcpPortSharing - ok
13:24:03.0902 0x17c8 [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
13:24:03.0976 0x17c8 NgcCtnrSvc - ok
13:24:04.0045 0x17c8 [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
13:24:04.0160 0x17c8 NgcSvc - ok
13:24:04.0269 0x17c8 [ F0A55A6DF23D7E9E16D81BE9867679D1, E245F45962A50EF4AED46AC097110E7C27508EC79328CC7F62CFB4A75765C659 ] NIS C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe
13:24:04.0314 0x17c8 NIS - ok
13:24:04.0388 0x17c8 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
13:24:04.0482 0x17c8 NlaSvc - ok
13:24:04.0538 0x17c8 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
13:24:04.0598 0x17c8 Npfs - ok
13:24:04.0633 0x17c8 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
13:24:04.0703 0x17c8 npsvctrig - ok
13:24:04.0743 0x17c8 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll
13:24:04.0791 0x17c8 nsi - ok
13:24:04.0837 0x17c8 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
13:24:04.0881 0x17c8 nsiproxy - ok
13:24:05.0197 0x17c8 [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
13:24:05.0407 0x17c8 NTFS - ok
13:24:05.0455 0x17c8 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\WINDOWS\system32\drivers\Null.sys
13:24:05.0500 0x17c8 Null - ok
13:24:05.0526 0x17c8 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
13:24:05.0575 0x17c8 nvraid - ok
13:24:05.0616 0x17c8 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
13:24:05.0663 0x17c8 nvstor - ok
13:24:05.0685 0x17c8 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
13:24:05.0731 0x17c8 nv_agp - ok
13:24:05.0789 0x17c8 [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
13:24:05.0918 0x17c8 OneSyncSvc - ok
13:24:06.0053 0x17c8 [ 133447A27BFA334B0EFE25359D3DF580, C97C18A3EEB6489CAA240E00211905B423DF4F17F075A7160F6534BDC4888900 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:24:06.0117 0x17c8 ose - detected UnsignedFile.Multi.Generic ( 1 )
13:24:10.0437 0x17c8 ose ( UnsignedFile.Multi.Generic ) - warning
13:24:10.0437 0x17c8 Force sending object to P2P due to detect: ose
13:24:14.0625 0x0424 Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam
13:24:14.0727 0x17c8 Object send P2P result: true
13:24:17.0641 0x17c8 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
13:24:17.0733 0x17c8 p2pimsvc - ok
13:24:17.0756 0x0424 Object send P2P result: true
13:24:17.0776 0x0424 Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
13:24:17.0789 0x17c8 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\WINDOWS\system32\p2psvc.dll
13:24:17.0871 0x17c8 p2psvc - ok
13:24:17.0915 0x17c8 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport C:\WINDOWS\System32\drivers\parport.sys
13:24:17.0970 0x17c8 Parport - ok
13:24:18.0009 0x17c8 [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
13:24:18.0052 0x17c8 partmgr - ok
13:24:18.0114 0x17c8 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
13:24:18.0200 0x17c8 PcaSvc - ok
13:24:18.0231 0x17c8 [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci C:\WINDOWS\system32\drivers\pci.sys
13:24:18.0292 0x17c8 pci - ok
13:24:18.0313 0x17c8 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
13:24:18.0354 0x17c8 pciide - ok
13:24:18.0382 0x17c8 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
13:24:18.0429 0x17c8 pcmcia - ok
13:24:18.0443 0x17c8 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
13:24:18.0487 0x17c8 pcw - ok
13:24:18.0503 0x17c8 [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc C:\WINDOWS\system32\drivers\pdc.sys
13:24:18.0549 0x17c8 pdc - ok
13:24:18.0610 0x17c8 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
13:24:18.0740 0x17c8 PEAUTH - ok
13:24:18.0763 0x17c8 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
13:24:18.0807 0x17c8 percsas2i - ok
13:24:18.0829 0x17c8 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
13:24:18.0873 0x17c8 percsas3i - ok
13:24:18.0964 0x17c8 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
13:24:19.0014 0x17c8 PerfHost - ok
13:24:19.0101 0x17c8 [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
13:24:19.0224 0x17c8 PhoneSvc - ok
13:24:19.0280 0x17c8 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
13:24:19.0350 0x17c8 PimIndexMaintenanceSvc - ok
13:24:19.0470 0x17c8 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\WINDOWS\system32\pla.dll
13:24:19.0679 0x17c8 pla - ok
13:24:19.0744 0x17c8 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
13:24:19.0815 0x17c8 PlugPlay - ok
13:24:19.0839 0x17c8 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
13:24:19.0887 0x17c8 PNRPAutoReg - ok
13:24:19.0933 0x17c8 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
13:24:20.0011 0x17c8 PNRPsvc - ok
13:24:20.0064 0x17c8 [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
13:24:20.0152 0x17c8 PolicyAgent - ok
13:24:20.0175 0x17c8 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll
13:24:20.0244 0x17c8 Power - ok
13:24:20.0289 0x17c8 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
13:24:20.0347 0x17c8 PptpMiniport - ok
13:24:20.0603 0x17c8 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
13:24:20.0971 0x17c8 PrintNotify - ok
13:24:21.0037 0x17c8 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys
13:24:21.0087 0x17c8 Processor - ok
13:24:21.0141 0x17c8 [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc C:\WINDOWS\system32\profsvc.dll
13:24:21.0215 0x17c8 ProfSvc - ok
13:24:21.0246 0x17c8 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys
13:24:21.0292 0x17c8 Psched - ok
13:24:21.0334 0x17c8 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll
13:24:21.0406 0x17c8 QWAVE - ok
13:24:21.0428 0x17c8 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
13:24:21.0431 0x0424 Object send P2P result: true
13:24:21.0431 0x0424 Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
13:24:21.0481 0x17c8 QWAVEdrv - ok
13:24:21.0508 0x17c8 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:24:21.0555 0x17c8 RasAcd - ok
13:24:21.0592 0x17c8 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
13:24:21.0672 0x17c8 RasAgileVpn - ok
13:24:21.0746 0x17c8 [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto C:\WINDOWS\System32\rasauto.dll
13:24:21.0800 0x17c8 RasAuto - ok
13:24:21.0844 0x17c8 [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
13:24:21.0894 0x17c8 Rasl2tp - ok
13:24:21.0959 0x17c8 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\WINDOWS\System32\rasmans.dll
13:24:22.0080 0x17c8 RasMan - ok
13:24:22.0104 0x17c8 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:24:22.0158 0x17c8 RasPppoe - ok
13:24:22.0172 0x17c8 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
13:24:22.0229 0x17c8 RasSstp - ok
13:24:22.0277 0x17c8 [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:24:22.0342 0x17c8 rdbss - ok
13:24:22.0369 0x17c8 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
13:24:22.0427 0x17c8 rdpbus - ok
13:24:22.0460 0x17c8 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
13:24:22.0518 0x17c8 RDPDR - ok
13:24:22.0542 0x17c8 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
13:24:22.0581 0x17c8 RdpVideoMiniport - ok
13:24:22.0610 0x17c8 [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
13:24:22.0663 0x17c8 rdyboost - ok
13:24:22.0733 0x17c8 [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
13:24:22.0846 0x17c8 ReFSv1 - ok
13:24:22.0907 0x17c8 [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
13:24:23.0011 0x17c8 RemoteAccess - ok
13:24:23.0052 0x17c8 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
13:24:23.0124 0x17c8 RemoteRegistry - ok
13:24:23.0212 0x17c8 [ 518A992A6700A86A47F79388F91737C0, 29B5D48F1E360714F9BCB26939AD49ED07F6D9C82E0DB5C9C6AF5B0BBFF04341 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
13:24:23.0369 0x17c8 RetailDemo - ok
13:24:23.0415 0x17c8 [ AEEF76F938188EBF27DF70C1806877F2, 08560C5DE13EBC46EE77F369E92B89350135D5E01A2AF61AA2EA46BEC41EEDD6 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
13:24:23.0486 0x17c8 RFCOMM - ok
13:24:23.0524 0x17c8 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
13:24:23.0575 0x17c8 RpcEptMapper - ok
13:24:23.0599 0x17c8 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\WINDOWS\system32\locator.exe
13:24:23.0648 0x17c8 RpcLocator - ok
13:24:23.0712 0x17c8 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
13:24:23.0833 0x17c8 RpcSs - ok
13:24:23.0875 0x17c8 [ B2EEF108F0C627C88A3C8B8A3D509E81, 9CA069E51AAEACEBCBC0AF6709373E684694932D92CF75D649CAC644DF45AC7A ] RSP2STOR C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys
13:24:23.0921 0x17c8 RSP2STOR - ok
13:24:23.0962 0x17c8 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
13:24:24.0018 0x17c8 rspndr - ok
13:24:24.0151 0x17c8 [ 7CC0D898D00675F14BA0C4BF056C1CF4, E9203DD2A201AEF206C1A4177FD564DDFC8E7468DC268BD99389626A2C6593D3 ] RTL8168 C:\WINDOWS\System32\drivers\Rt630x64.sys
13:24:24.0238 0x17c8 RTL8168 - ok
13:24:24.0321 0x17c8 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
13:24:24.0413 0x17c8 s3cap - ok
13:24:24.0446 0x17c8 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe
13:24:24.0469 0x0424 Object send P2P result: true
13:24:24.0480 0x0424 Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
13:24:24.0491 0x17c8 SamSs - ok
13:24:24.0577 0x17c8 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
13:24:24.0622 0x17c8 sbp2port - ok
13:24:24.0661 0x17c8 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
13:24:24.0737 0x17c8 SCardSvr - ok
13:24:24.0762 0x17c8 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
13:24:24.0834 0x17c8 ScDeviceEnum - ok
13:24:24.0870 0x17c8 [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
13:24:24.0928 0x17c8 scfilter - ok
13:24:25.0016 0x17c8 [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule C:\WINDOWS\system32\schedsvc.dll
13:24:25.0165 0x17c8 Schedule - ok
13:24:25.0207 0x17c8 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
13:24:25.0276 0x17c8 SCPolicySvc - ok
13:24:25.0322 0x17c8 [ B24408471C1BCB17FC44F5B47EA8DEA3, 1CFE07C793F2A3D883E9071B8703C01A7619C8C0A02AAEBAA1130F36654AFD4F ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
13:24:25.0377 0x17c8 sdbus - ok
13:24:25.0423 0x17c8 [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
13:24:25.0480 0x17c8 SDRSVC - ok
13:24:25.0519 0x17c8 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
13:24:25.0563 0x17c8 sdstor - ok
13:24:25.0595 0x17c8 [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon C:\WINDOWS\system32\seclogon.dll
13:24:25.0643 0x17c8 seclogon - ok
13:24:25.0678 0x17c8 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll
13:24:25.0742 0x17c8 SENS - ok
13:24:25.0842 0x17c8 [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
13:24:26.0051 0x17c8 SensorDataService - ok
13:24:26.0113 0x17c8 [ 45D26646E3AD737E5DE3DB91CCCE7DBA, B05AB32700998C8347BC5797B18EB97F303FCB2302BED852348F2703DEDE72F9 ] SensorService C:\WINDOWS\system32\SensorService.dll
13:24:26.0187 0x17c8 SensorService - ok
13:24:26.0230 0x17c8 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
13:24:26.0291 0x17c8 SensrSvc - ok
13:24:26.0325 0x17c8 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
13:24:26.0365 0x17c8 SerCx - ok
13:24:26.0401 0x17c8 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
13:24:26.0449 0x17c8 SerCx2 - ok
13:24:26.0484 0x17c8 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
13:24:26.0530 0x17c8 Serenum - ok
13:24:26.0572 0x17c8 [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial C:\WINDOWS\System32\drivers\serial.sys
13:24:26.0620 0x17c8 Serial - ok
13:24:26.0640 0x17c8 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
13:24:26.0693 0x17c8 sermouse - ok
13:24:26.0752 0x17c8 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll
13:24:26.0837 0x17c8 SessionEnv - ok
13:24:26.0867 0x17c8 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
13:24:26.0911 0x17c8 sfloppy - ok
13:24:26.0961 0x17c8 [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
13:24:27.0046 0x17c8 SharedAccess - ok
13:24:27.0122 0x17c8 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
13:24:27.0257 0x17c8 ShellHWDetection - ok
13:24:27.0284 0x17c8 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
13:24:27.0326 0x17c8 SiSRaid2 - ok
13:24:27.0360 0x17c8 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
13:24:27.0401 0x17c8 SiSRaid4 - ok
13:24:27.0443 0x17c8 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll
13:24:27.0505 0x17c8 smphost - ok
13:24:27.0543 0x0424 Object send P2P result: true
13:24:27.0565 0x17c8 [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
13:24:27.0674 0x17c8 SmsRouter - ok
13:24:27.0715 0x17c8 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
13:24:27.0769 0x17c8 SNMPTRAP - ok
13:24:27.0831 0x17c8 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
13:24:27.0912 0x17c8 spaceport - ok
13:24:27.0940 0x17c8 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
13:24:27.0981 0x17c8 SpbCx - ok
13:24:28.0063 0x17c8 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\WINDOWS\System32\spoolsv.exe
13:24:28.0190 0x17c8 Spooler - ok
13:24:28.0564 0x17c8 [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc C:\WINDOWS\system32\sppsvc.exe
13:24:29.0149 0x17c8 sppsvc - ok
13:24:29.0297 0x17c8 [ 91CCA8F28E6C445BE35C41E35BED7184, A1034BD1A67B17AAA07513CAC6BF291A061D7A71A5D50ADC6CE3534E2AD111DA ] SRTSP C:\WINDOWS\system32\drivers\NISx64\1605000.07C\SRTSP64.SYS
13:24:29.0382 0x17c8 SRTSP - ok
13:24:29.0447 0x17c8 [ BA2ABBEA69BD1866C973DE11CB0CE9F8, 7A04BC2F4DA9A69A996911CC429064D24CF51F4046A2EE688D4326B44C9EDAFB ] SRTSPX C:\WINDOWS\system32\drivers\NISx64\1605020.00F\SRTSPX64.SYS
13:24:29.0478 0x17c8 SRTSPX - ok
13:24:29.0528 0x17c8 [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
13:24:29.0611 0x17c8 srv - ok
13:24:29.0660 0x17c8 [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
13:24:29.0767 0x17c8 srv2 - ok
13:24:29.0791 0x17c8 [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
13:24:29.0857 0x17c8 srvnet - ok
13:24:29.0902 0x17c8 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
13:24:29.0978 0x17c8 SSDPSRV - ok
13:24:30.0027 0x17c8 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
13:24:30.0099 0x17c8 SstpSvc - ok
13:24:30.0272 0x17c8 [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
13:24:30.0576 0x17c8 StateRepository - ok
13:24:30.0627 0x17c8 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
13:24:30.0667 0x17c8 stexstor - ok
13:24:30.0728 0x17c8 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\WINDOWS\System32\wiaservc.dll
13:24:30.0846 0x17c8 stisvc - ok
13:24:30.0883 0x17c8 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
13:24:30.0928 0x17c8 storahci - ok
13:24:30.0958 0x17c8 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
13:24:30.0998 0x17c8 storflt - ok
13:24:31.0025 0x17c8 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
13:24:31.0067 0x17c8 stornvme - ok
13:24:31.0085 0x17c8 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
13:24:31.0135 0x17c8 storqosflt - ok
13:24:31.0196 0x17c8 [ E5C3042B68D4EA89B3C52E150E553DA0, 83428E8EFC584778745F6B30F6F8FD96A645AD33F39AA955E97F9A0D458847B1 ] StorSvc C:\WINDOWS\system32\storsvc.dll
13:24:31.0306 0x17c8 StorSvc - ok
13:24:31.0340 0x17c8 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
13:24:31.0378 0x17c8 storufs - ok
13:24:31.0395 0x17c8 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
13:24:31.0434 0x17c8 storvsc - ok
13:24:31.0467 0x17c8 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll
13:24:31.0530 0x17c8 svsvc - ok
13:24:31.0549 0x17c8 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
13:24:31.0589 0x17c8 swenum - ok
13:24:31.0632 0x17c8 [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv C:\WINDOWS\System32\swprv.dll
13:24:31.0731 0x17c8 swprv - ok
13:24:31.0845 0x17c8 [ C9EC22D5B3C6B32A7C8B4A73870A7379, BA530C64FDE63D9A4023BB9E667497D5248B2910BC1A214B592318CC64034735 ] SymEFASI C:\WINDOWS\system32\drivers\NISx64\1605020.00F\SYMEFASI64.SYS
13:24:31.0978 0x17c8 SymEFASI - ok
13:24:32.0010 0x17c8 [ 1DE0CBF15AC67AE0E5B456ADEFB89493, C764815313BB4332279730AA02531A448A1D32F5B6D5689FF04549406A5B5212 ] SymELAM C:\WINDOWS\system32\drivers\NISx64\1605020.00F\SymELAM.sys
13:24:32.0072 0x17c8 SymELAM - ok
13:24:32.0125 0x17c8 [ 37092FA03A0885DF9B8F2F1C82609327, 3FF066ABCF60883D7A6757408F435C9D6EA659B540B86DC4238FC85629AE8371 ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
13:24:32.0156 0x17c8 SymEvent - ok
13:24:32.0193 0x17c8 [ 0891E59A27208B9B727BAB863B853E80, 7BBDD53CB7AB003DF803D6D596A2B5216425DCC7FA8D3F311AE5BD4EC19FBB0A ] SymIRON C:\WINDOWS\system32\drivers\NISx64\1605020.00F\Ironx64.SYS
13:24:32.0237 0x17c8 SymIRON - ok
13:24:32.0324 0x17c8 [ 928617B35CA08B50E1C3B74DDD08EB86, 537A4E931495FF59753F44F0E176A7EA0CA48255007CDB8EF2B4AA1AD0E20B9A ] SymNetS C:\WINDOWS\system32\drivers\NISx64\1605000.07C\SYMNETS.SYS
13:24:32.0392 0x17c8 SymNetS - ok
13:24:32.0418 0x17c8 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
13:24:32.0465 0x17c8 Synth3dVsc - ok
13:24:32.0551 0x17c8 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll
13:24:32.0721 0x17c8 SysMain - ok
13:24:32.0770 0x17c8 [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
13:24:32.0862 0x17c8 SystemEventsBroker - ok
13:24:32.0902 0x17c8 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
13:24:32.0962 0x17c8 TabletInputService - ok
13:24:33.0003 0x17c8 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:24:33.0077 0x17c8 TapiSrv - ok
13:24:33.0109 0x17c8 [ B4CB306845507AB3D494EEAAD38EC5E4, 8C1D7D4CF90A834B9F7EE7BADD1A84B425DAAF41072CE4987F9F022C8A1ABD39 ] tbaseprovisioning C:\WINDOWS\SysWOW64\tbaseprovisioning.exe
13:24:33.0157 0x17c8 tbaseprovisioning - ok
13:24:33.0312 0x17c8 [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
13:24:33.0529 0x17c8 Tcpip - ok
13:24:33.0701 0x17c8 [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
13:24:33.0895 0x17c8 Tcpip6 - ok
13:24:33.0952 0x17c8 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
13:24:34.0009 0x17c8 tcpipreg - ok
13:24:34.0062 0x17c8 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
13:24:34.0105 0x17c8 tdx - ok
13:24:34.0132 0x17c8 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
13:24:34.0174 0x17c8 terminpt - ok
13:24:34.0255 0x17c8 [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService C:\WINDOWS\System32\termsrv.dll
13:24:34.0407 0x17c8 TermService - ok
13:24:34.0433 0x17c8 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll
13:24:34.0509 0x17c8 Themes - ok
13:24:34.0537 0x17c8 [ 04F4382FF6CF40F4DB99EF01448AAAF5, 96C26B1703964FAFAB9ABC8F4337C28AAEC3198138145644C50B47EC4DEB4F9E ] Thotkey C:\WINDOWS\System32\drivers\Thotkey.sys
13:24:34.0571 0x17c8 Thotkey - ok
13:24:34.0624 0x17c8 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
13:24:34.0711 0x17c8 TieringEngineService - ok
13:24:34.0777 0x17c8 [ 62300878366762EABAC7834543964A6E, 84E3DE6C93B31CBA71BA90669EB52C3122774E0EF803390EE8A483164D2CFE18 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
13:24:34.0865 0x17c8 tiledatamodelsvc - ok
13:24:34.0900 0x17c8 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
13:24:34.0960 0x17c8 TimeBroker - ok
13:24:35.0018 0x17c8 [ 18688C5B1ED56FAF6310D07709F81EC0, 4631774A2274E9D4340D67AED026622BD3B74696F4F62E6A1EFBD6DA2267E36E ] TMachInfo C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
13:24:35.0048 0x17c8 TMachInfo - ok
13:24:35.0098 0x17c8 [ D8069B711BE5BEA3D769C1C7547F535B, EFC32951BA7B9CCB46BAD076E267D40295B46CCC884163D391E4ACC55C47B149 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\Teco\TecoService.exe
13:24:35.0144 0x17c8 TOSHIBA eco Utility Service - ok
13:24:35.0172 0x17c8 [ A884A627C0B6E8B238759FC73C1AAAAF, 5D6E38664B6175F5F541D838675429CEE9FA1492A7E25B48E98794B5EB8B6973 ] tosrfec C:\WINDOWS\System32\drivers\tosrfec.sys
13:24:35.0199 0x17c8 tosrfec - ok
13:24:35.0292 0x17c8 [ ADC56716CAF55E3ABDF549E9425004F8, FDA93F583AAB6FA6E8447B169BDA6E6E8547959133BD95933228C137B69129B7 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
13:24:35.0346 0x17c8 TPCHSrv - ok
13:24:35.0396 0x17c8 [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
13:24:35.0448 0x17c8 TPM - ok
13:24:35.0490 0x17c8 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll
13:24:35.0546 0x17c8 TrkWks - ok
13:24:35.0600 0x17c8 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
13:24:35.0651 0x17c8 TrustedInstaller - ok
13:24:35.0687 0x17c8 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
13:24:35.0734 0x17c8 tsusbflt - ok
13:24:35.0755 0x17c8 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
13:24:35.0799 0x17c8 TsUsbGD - ok
13:24:35.0838 0x17c8 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
13:24:35.0900 0x17c8 tunnel - ok
13:24:35.0933 0x17c8 [ 54BDBF3D4DED58DA78B702471C68D4CA, D12F9F09FFE7D38A5EE6BF79DB74D775A9861C3C87E06D7C23259E47247B1782 ] TVALZ C:\WINDOWS\system32\drivers\TVALZ_O.SYS
13:24:35.0962 0x17c8 TVALZ - ok
13:24:35.0990 0x17c8 [ 7B05B5B492E6E248C2B38CD04B4D3A96, 1E18025DDB5EDEBD30F2FAC8D121F55D768B71DA42D919E1A0E98E2E31AA73C8 ] TVALZFL C:\WINDOWS\system32\Drivers\TVALZFL.sys
13:24:36.0019 0x17c8 TVALZFL - ok
13:24:36.0044 0x17c8 [ 56C238ACFE4CB020D3E38508249039EA, 172868080F07D98175229A02410FE751B5958ED5A3D567D4AE5736F4025DF432 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
13:24:36.0096 0x17c8 tzautoupdate - ok
13:24:36.0129 0x17c8 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
13:24:36.0169 0x17c8 uagp35 - ok
13:24:36.0190 0x17c8 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
13:24:36.0231 0x17c8 UASPStor - ok
13:24:36.0259 0x17c8 [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
13:24:36.0304 0x17c8 UcmCx0101 - ok
13:24:36.0328 0x17c8 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
13:24:36.0376 0x17c8 UcmUcsi - ok
13:24:36.0405 0x17c8 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
13:24:36.0457 0x17c8 Ucx01000 - ok
13:24:36.0484 0x17c8 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
13:24:36.0530 0x17c8 UdeCx - ok
13:24:36.0568 0x17c8 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
13:24:36.0652 0x17c8 udfs - ok
13:24:36.0674 0x17c8 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
13:24:36.0714 0x17c8 UEFI - ok
13:24:36.0754 0x17c8 [ 28B8E1C6CBCF9FFE2FABFF3160C26ADF, 1C90E6C4E17C9B5555151943970BB6CC196E7EFC6665D9B9DCBB1EC51C70C715 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
13:24:36.0808 0x17c8 Ufx01000 - ok
13:24:36.0836 0x17c8 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
13:24:36.0879 0x17c8 UfxChipidea - ok
13:24:36.0907 0x17c8 [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
13:24:36.0953 0x17c8 ufxsynopsys - ok
13:24:37.0001 0x17c8 [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
13:24:37.0059 0x17c8 UI0Detect - ok
13:24:37.0087 0x17c8 [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
13:24:37.0128 0x17c8 uliagpkx - ok
13:24:37.0155 0x17c8 [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
13:24:37.0207 0x17c8 umbus - ok
13:24:37.0230 0x17c8 [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
13:24:37.0276 0x17c8 UmPass - ok
13:24:37.0323 0x17c8 [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
13:24:37.0392 0x17c8 UmRdpService - ok
13:24:37.0483 0x17c8 [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
13:24:37.0653 0x17c8 UnistoreSvc - ok
13:24:37.0724 0x17c8 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\WINDOWS\System32\upnphost.dll
13:24:37.0817 0x17c8 upnphost - ok
13:24:37.0841 0x17c8 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
13:24:37.0879 0x17c8 UrsChipidea - ok
13:24:37.0899 0x17c8 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
13:24:37.0940 0x17c8 UrsCx01000 - ok
13:24:37.0951 0x17c8 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
13:24:37.0993 0x17c8 UrsSynopsys - ok
13:24:38.0038 0x17c8 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
13:24:38.0085 0x17c8 usbccgp - ok
13:24:38.0108 0x17c8 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
13:24:38.0159 0x17c8 usbcir - ok
13:24:38.0174 0x17c8 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
13:24:38.0218 0x17c8 usbehci - ok
13:24:38.0259 0x17c8 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
13:24:38.0330 0x17c8 usbhub - ok
13:24:38.0387 0x17c8 [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
13:24:38.0468 0x17c8 USBHUB3 - ok
13:24:38.0506 0x17c8 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
13:24:38.0551 0x17c8 usbohci - ok
13:24:38.0566 0x17c8 [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
13:24:38.0622 0x17c8 usbprint - ok
13:24:38.0642 0x17c8 [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:24:38.0688 0x17c8 usbscan - ok
13:24:38.0724 0x17c8 [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
13:24:38.0774 0x17c8 usbser - ok
13:24:38.0813 0x17c8 [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
13:24:38.0857 0x17c8 USBSTOR - ok
13:24:38.0894 0x17c8 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
13:24:38.0938 0x17c8 usbuhci - ok
13:24:38.0975 0x17c8 [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
13:24:39.0038 0x17c8 usbvideo - ok
13:24:39.0089 0x17c8 [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
13:24:39.0153 0x17c8 USBXHCI - ok
13:24:39.0257 0x17c8 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
13:24:39.0450 0x17c8 UserDataSvc - ok
13:24:39.0565 0x17c8 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\WINDOWS\System32\usermgr.dll
13:24:39.0700 0x17c8 UserManager - ok
13:24:39.0753 0x17c8 [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc C:\WINDOWS\system32\usocore.dll
13:24:39.0845 0x17c8 UsoSvc - ok
13:24:39.0868 0x17c8 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe
13:24:39.0910 0x17c8 VaultSvc - ok
13:24:39.0935 0x17c8 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
13:24:39.0975 0x17c8 vdrvroot - ok
13:24:40.0047 0x17c8 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\WINDOWS\System32\vds.exe
13:24:40.0170 0x17c8 vds - ok
13:24:40.0204 0x17c8 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
13:24:40.0255 0x17c8 VerifierExt - ok
13:24:40.0314 0x17c8 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
13:24:40.0409 0x17c8 vhdmp - ok
13:24:40.0450 0x17c8 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\WINDOWS\System32\drivers\vhf.sys
13:24:40.0509 0x17c8 vhf - ok
13:24:40.0532 0x17c8 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
13:24:40.0576 0x17c8 vmbus - ok
13:24:40.0599 0x17c8 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
13:24:40.0643 0x17c8 VMBusHID - ok
13:24:40.0692 0x17c8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
13:24:40.0795 0x17c8 vmicguestinterface - ok
13:24:40.0830 0x17c8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
13:24:40.0915 0x17c8 vmicheartbeat - ok
13:24:40.0950 0x17c8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
13:24:41.0036 0x17c8 vmickvpexchange - ok
13:24:41.0072 0x17c8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
13:24:41.0158 0x17c8 vmicrdv - ok
13:24:41.0193 0x17c8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
13:24:41.0276 0x17c8 vmicshutdown - ok
13:24:41.0311 0x17c8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
13:24:41.0397 0x17c8 vmictimesync - ok
13:24:41.0431 0x17c8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll
13:24:41.0517 0x17c8 vmicvmsession - ok
13:24:41.0552 0x17c8 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\WINDOWS\System32\ICSvc.dll
13:24:41.0636 0x17c8 vmicvss - ok
13:24:41.0660 0x17c8 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
13:24:41.0702 0x17c8 volmgr - ok
13:24:41.0729 0x17c8 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
13:24:41.0795 0x17c8 volmgrx - ok
13:24:41.0835 0x17c8 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
13:24:41.0899 0x17c8 volsnap - ok
13:24:41.0924 0x17c8 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
13:24:41.0965 0x17c8 vpci - ok
13:24:41.0993 0x17c8 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
13:24:42.0040 0x17c8 vsmraid - ok
13:24:42.0146 0x17c8 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\WINDOWS\system32\vssvc.exe
13:24:42.0353 0x17c8 VSS - ok
13:24:42.0415 0x17c8 [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
13:24:42.0474 0x17c8 VSTXRAID - ok
13:24:42.0501 0x17c8 [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
13:24:42.0554 0x17c8 vwifibus - ok
13:24:42.0569 0x17c8 [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
13:24:42.0626 0x17c8 vwififlt - ok
13:24:42.0641 0x17c8 [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
13:24:42.0692 0x17c8 vwifimp - ok
13:24:42.0750 0x17c8 [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time C:\WINDOWS\system32\w32time.dll
13:24:42.0859 0x17c8 W32Time - ok
13:24:42.0879 0x17c8 [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
13:24:42.0925 0x17c8 WacomPen - ok
13:24:42.0977 0x17c8 [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService C:\WINDOWS\system32\WalletService.dll
13:24:43.0067 0x17c8 WalletService - ok
13:24:43.0107 0x17c8 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:24:43.0163 0x17c8 wanarp - ok
13:24:43.0174 0x17c8 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:24:43.0230 0x17c8 wanarpv6 - ok
13:24:43.0344 0x17c8 [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine C:\WINDOWS\system32\wbengine.exe
13:24:43.0539 0x17c8 wbengine - ok
13:24:43.0639 0x17c8 [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
13:24:43.0751 0x17c8 WbioSrvc - ok
13:24:43.0815 0x17c8 [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
13:24:43.0926 0x17c8 Wcmsvc - ok
13:24:43.0985 0x17c8 [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
13:24:44.0080 0x17c8 wcncsvc - ok
13:24:44.0100 0x17c8 [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
13:24:44.0151 0x17c8 WcsPlugInService - ok
13:24:44.0181 0x17c8 [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
13:24:44.0222 0x17c8 WdBoot - ok
13:24:44.0284 0x17c8 [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
13:24:44.0375 0x17c8 Wdf01000 - ok
13:24:44.0403 0x17c8 [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
13:24:44.0461 0x17c8 WdFilter - ok
13:24:44.0494 0x17c8 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
13:24:44.0563 0x17c8 WdiServiceHost - ok
13:24:44.0588 0x17c8 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
13:24:44.0656 0x17c8 WdiSystemHost - ok
13:24:44.0727 0x17c8 [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
13:24:44.0861 0x17c8 wdiwifi - ok
13:24:44.0910 0x17c8 [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
13:24:44.0953 0x17c8 WdNisDrv - ok
13:24:44.0988 0x17c8 WdNisSvc - ok
13:24:45.0030 0x17c8 [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient C:\WINDOWS\System32\webclnt.dll
13:24:45.0113 0x17c8 WebClient - ok
13:24:45.0139 0x17c8 [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
13:24:45.0210 0x17c8 Wecsvc - ok
13:24:45.0234 0x17c8 [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
13:24:45.0292 0x17c8 WEPHOSTSVC - ok
13:24:45.0320 0x17c8 [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
13:24:45.0392 0x17c8 wercplsupport - ok
13:24:45.0425 0x17c8 [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
13:24:45.0499 0x17c8 WerSvc - ok
13:24:45.0523 0x17c8 [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
13:24:45.0573 0x17c8 WFPLWFS - ok
13:24:45.0595 0x17c8 [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
13:24:45.0648 0x17c8 WiaRpc - ok
13:24:45.0691 0x17c8 [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
13:24:45.0729 0x17c8 WIMMount - ok
13:24:45.0739 0x17c8 WinDefend - ok
13:24:45.0771 0x17c8 [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
13:24:45.0817 0x17c8 WindowsTrustedRT - ok
13:24:45.0846 0x17c8 [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
13:24:45.0885 0x17c8 WindowsTrustedRTProxy - ok
13:24:45.0966 0x17c8 [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
13:24:46.0100 0x17c8 WinHttpAutoProxySvc - ok
13:24:46.0137 0x17c8 [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
13:24:46.0174 0x17c8 WinMad - ok
13:24:46.0234 0x17c8 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:24:46.0296 0x17c8 Winmgmt - ok
13:24:46.0460 0x17c8 [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
13:24:46.0818 0x17c8 WinRM - ok
13:24:46.0901 0x17c8 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
13:24:46.0960 0x17c8 WINUSB - ok
13:24:46.0978 0x17c8 [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
13:24:47.0018 0x17c8 WinVerbs - ok
13:24:47.0183 0x17c8 [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
13:24:47.0446 0x17c8 WlanSvc - ok
13:24:47.0624 0x17c8 [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
13:24:47.0875 0x17c8 wlidsvc - ok
13:24:47.0947 0x17c8 [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
13:24:47.0988 0x17c8 WmiAcpi - ok
13:24:48.0038 0x17c8 [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
13:24:48.0097 0x17c8 wmiApSrv - ok
13:24:48.0133 0x17c8 WMPNetworkSvc - ok
13:24:48.0163 0x17c8 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
13:24:48.0223 0x17c8 Wof - ok
13:24:48.0357 0x17c8 [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
13:24:48.0589 0x17c8 workfolderssvc - ok
13:24:48.0652 0x17c8 [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
13:24:48.0692 0x17c8 wpcfltr - ok
13:24:48.0714 0x17c8 [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
13:24:48.0768 0x17c8 WPDBusEnum - ok
13:24:48.0784 0x17c8 [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
13:24:48.0823 0x17c8 WpdUpFltr - ok
13:24:48.0841 0x17c8 [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService C:\WINDOWS\system32\WpnService.dll
13:24:48.0893 0x17c8 WpnService - ok
13:24:48.0921 0x17c8 [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
13:24:48.0970 0x17c8 ws2ifsl - ok
13:24:49.0020 0x17c8 [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
13:24:49.0084 0x17c8 wscsvc - ok
13:24:49.0108 0x17c8 [ F517CB0182B1DA5C0E0FC6B548FF60CC, F09CA4172D611487F157973C808627F04B0CF0A71CE19D49280BFBEA4AE6027B ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys
13:24:49.0153 0x17c8 WSDPrintDevice - ok
13:24:49.0163 0x17c8 WSearch - ok
13:24:49.0382 0x17c8 [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService C:\WINDOWS\System32\WSService.dll
13:24:49.0701 0x17c8 WSService - ok
13:24:49.0891 0x17c8 [ 3D0DE8170ECCEC20CBF205D79C535BA1, 9249A420B9024AB3B18D7E4DAC20E2080E0759C620F46D37D467DC25A77F2025 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
13:24:50.0187 0x17c8 wuauserv - ok
13:24:50.0223 0x17c8 [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
13:24:50.0276 0x17c8 WudfPf - ok
13:24:50.0309 0x17c8 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys
13:24:50.0382 0x17c8 WUDFRd - ok
13:24:50.0421 0x17c8 [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
13:24:50.0478 0x17c8 wudfsvc - ok
13:24:50.0500 0x17c8 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:24:50.0564 0x17c8 WUDFWpdFs - ok
13:24:50.0659 0x17c8 [ 7F7591CCC146EC7D9EB77C1277D605F4, 80D6D45BD3C3C7F79BFA98B864CBFA443245416ED64C0BC16E9E7C8C5E958AFB ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
13:24:50.0828 0x17c8 WwanSvc - ok
13:24:50.0916 0x17c8 [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
13:24:51.0066 0x17c8 XblAuthManager - ok
13:24:51.0157 0x17c8 [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
13:24:51.0316 0x17c8 XblGameSave - ok
13:24:51.0369 0x17c8 [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
13:24:51.0433 0x17c8 xboxgip - ok
13:24:51.0532 0x17c8 [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
13:24:51.0689 0x17c8 XboxNetApiSvc - ok
13:24:51.0720 0x17c8 [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
13:24:51.0766 0x17c8 xinputhid - ok
13:24:51.0772 0x17c8 ================ Scan global ===============================
13:24:51.0852 0x17c8 [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
13:24:51.0890 0x17c8 [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
13:24:51.0944 0x17c8 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
13:24:52.0000 0x17c8 [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
13:24:52.0022 0x17c8 [ Global ] - ok
13:24:52.0024 0x17c8 ================ Scan MBR ==================================
13:24:52.0039 0x17c8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:24:52.0156 0x17c8 \Device\Harddisk0\DR0 - ok
13:24:52.0158 0x17c8 ================ Scan VBR ==================================
13:24:52.0192 0x17c8 [ 3876EE006AC1643EFDE975431A284DC5 ] \Device\Harddisk0\DR0\Partition1
13:24:52.0207 0x17c8 \Device\Harddisk0\DR0\Partition1 - ok
13:24:52.0230 0x17c8 [ 0A817122A5E07A5D7047DECAF5C2B9DE ] \Device\Harddisk0\DR0\Partition2
13:24:52.0243 0x17c8 \Device\Harddisk0\DR0\Partition2 - ok
13:24:52.0256 0x17c8 [ 991373B22EC306978CDEFC6272DED4EC ] \Device\Harddisk0\DR0\Partition3
13:24:52.0269 0x17c8 \Device\Harddisk0\DR0\Partition3 - ok
13:24:52.0288 0x17c8 [ C76142C96CB40B4160ABB55B9B6B0212 ] \Device\Harddisk0\DR0\Partition4
13:24:52.0297 0x17c8 \Device\Harddisk0\DR0\Partition4 - ok
13:24:52.0336 0x17c8 [ 3820F0EC7742AC4F7438F451C915D61D ] \Device\Harddisk0\DR0\Partition5
13:24:52.0340 0x17c8 \Device\Harddisk0\DR0\Partition5 - ok
13:24:52.0357 0x17c8 [ 11854209BA2FE09A72D6A68AA113F02A ] \Device\Harddisk0\DR0\Partition6
13:24:52.0362 0x17c8 \Device\Harddisk0\DR0\Partition6 - ok
13:24:52.0363 0x17c8 ================ Scan generic autorun ======================
13:24:52.0363 0x17c8 ETDCtrl - ok
13:24:52.0547 0x17c8 [ 63D9BB372FAD1C9C35FE07F28E2B6D17, 219775084E58FDA864A8E7DE3AA46BB55543AA95771991B73D04CFCAFC23DF06 ] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
13:24:52.0744 0x17c8 TCrdMain - ok
13:24:52.0817 0x17c8 [ 1B95F3170F8DCCE11EF2F01BC5BA18E7, 766CEF016CC67D066A411DBB2E3A55E89C5D9D2E2CB1AB258EE733BE44DE303A ] C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe
13:24:52.0855 0x17c8 TSSSrv - ok
13:24:52.0869 0x17c8 [ 1FAA54E9FFEA6FD3E0CEAD951CDDFEF6, 222E10CAB93C02CFDB7B4208C053B8CA3683C6978BE964F9E801D6645B9B2182 ] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
13:24:52.0896 0x17c8 KeNotify - ok
13:24:53.0441 0x17c8 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:24:53.0983 0x17c8 OneDriveSetup - ok
13:24:54.0518 0x17c8 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
13:24:55.0070 0x17c8 OneDriveSetup - ok
13:24:55.0237 0x17c8 [ 2010CA459E5EC8F9D5FC8B000D130294, 058FF215A3AAD04F2A4CF23B2CC62A5EA28F5A705EFA689DCE9126720CF33229 ] C:\Users\John\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:24:55.0299 0x17c8 OneDrive - ok
13:24:55.0303 0x17c8 Waiting for KSN requests completion. In queue: 263
13:24:56.0305 0x17c8 Waiting for KSN requests completion. In queue: 263
13:24:57.0305 0x17c8 Waiting for KSN requests completion. In queue: 263
13:24:58.0306 0x17c8 Waiting for KSN requests completion. In queue: 263
13:24:59.0306 0x17c8 Waiting for KSN requests completion. In queue: 263
13:24:59.0372 0x1884 Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
13:25:00.0307 0x17c8 Waiting for KSN requests completion. In queue: 182
13:25:01.0307 0x17c8 Waiting for KSN requests completion. In queue: 182
13:25:02.0308 0x17c8 Waiting for KSN requests completion. In queue: 182
13:25:02.0669 0x1884 Object send P2P result: true
13:25:02.0680 0x1884 Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
13:25:03.0309 0x17c8 Waiting for KSN requests completion. In queue: 155
13:25:04.0321 0x17c8 Waiting for KSN requests completion. In queue: 155
13:25:05.0340 0x17c8 Waiting for KSN requests completion. In queue: 155
13:25:06.0112 0x1884 Object send P2P result: true
13:25:06.0127 0x1884 Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
13:25:06.0343 0x17c8 Waiting for KSN requests completion. In queue: 69
13:25:07.0344 0x17c8 Waiting for KSN requests completion. In queue: 69
13:25:08.0345 0x17c8 Waiting for KSN requests completion. In queue: 69
13:25:09.0317 0x1884 Object send P2P result: true
13:25:09.0339 0x1884 Object required for P2P: [ 63D9BB372FAD1C9C35FE07F28E2B6D17 ] C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
13:25:09.0347 0x17c8 Waiting for KSN requests completion. In queue: 6
13:25:10.0348 0x17c8 Waiting for KSN requests completion. In queue: 6
13:25:11.0349 0x17c8 Waiting for KSN requests completion. In queue: 6
13:25:12.0349 0x17c8 Waiting for KSN requests completion. In queue: 6
13:25:12.0418 0x1884 Object send P2P result: true
13:25:12.0419 0x1884 Object required for P2P: [ 2010CA459E5EC8F9D5FC8B000D130294 ] C:\Users\John\AppData\Local\Microsoft\OneDrive\OneDrive.exe
13:25:13.0350 0x17c8 Waiting for KSN requests completion. In queue: 1
13:25:14.0350 0x17c8 Waiting for KSN requests completion. In queue: 1
13:25:15.0350 0x17c8 Waiting for KSN requests completion. In queue: 1
13:25:15.0475 0x1884 Object send P2P result: true
13:25:16.0493 0x17c8 AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\WSCStub.exe ( 22.5.0.0 ), 0x51000 ( enabled : updated )
13:25:16.0535 0x17c8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
13:25:16.0540 0x17c8 FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\22.5.0.124\WSCStub.exe ( 22.5.0.0 ), 0x51010 ( enabled )
13:25:19.0305 0x17c8 ============================================================
13:25:19.0305 0x17c8 Scan finished
13:25:19.0305 0x17c8 ============================================================
13:25:19.0339 0x1ce8 Detected object count: 1
13:25:19.0339 0x1ce8 Actual detected object count: 1
13:25:24.0804 0x1ce8 ose ( UnsignedFile.Multi.Generic ) - skipped by user
13:25:24.0805 0x1ce8 ose ( UnsignedFile.Multi.Generic ) - User select action: Skip
Echt super service hier! |
|
07.05.2016, 15:06
| #8 |
| /// TB-Ausbilder | Verdacht auf infizierten Router Servus, ich sehe keine Malware. Du könntest mit Windows 10 den Rechner komplett zurücksetzen, vorher Daten sichern. Wäre das eine Option? Bei Bedarf könnte ich dir dazu ein paar Infos posten. |
|
10.05.2016, 10:54
| #9 |
| | Verdacht auf infizierten Router Guten Tag, Ich wuerde gerne den Rechner zuruecksetzen, doch wie genau funktioniert das?  Vielen vielen Dank, fuer deine Hilfe schonmal! Liebe Gruesse, lesta99 |
|
10.05.2016, 16:32
| #10 |
| /// TB-Ausbilder | Verdacht auf infizierten Router Servus, also zuerst alle privaten Daten extern sichern. Dann kannst du so alles entfernen (zurücksetzen): Start > Einstellungen > Update und Sicherheit > Wiederherstellung > Diesen PC zurücksetzen > Los geht's > Alles entfernen > Alle Daten von allen Laufwerken entfernen lassen. Zum Abschluss wird Windows 10 komplett frisch installiert. |
|
13.05.2016, 21:45
| #11 |
| /// TB-Ausbilder | Verdacht auf infizierten Router Ich bin froh, dass wir helfen konnten  In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest: Lob, Kritik und Wünsche Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!  Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
|
| Themen zu Verdacht auf infizierten Router |
| angeblich, brauch, cpu, dinge, einfach, eset, euro, funktioniert, guten, infiziert, infizierte, installiert, interne, internet, laptop, problem, router, schlimmes, schonmal, security, sekunden, total, vater, verdacht, viren, virus, windows 10, wirklich |
Linear-Darstellung
