[SOLVED] Strange Occurrences I'm suspicious

Old 07-01-2015, 09:54 AM   #1
TSF Enthusiast
 
Join Date: Jul 2009
Posts: 687
OS: vista home premium, Windows 10



OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 2, 64 bit
Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz, Intel64 Family 6 Model 15 Stepping 13
Processor Count: 2
RAM: 3963 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1853 Mb
Hard Drives: C: Total – SandiskSDSSDP128G (Properties indicates it only has 107G?)
Motherboard: TOSHIBA, Portable PC
Antivirus: Microsoft Security Essentials, Updated and Enabled

Yesterday I thought I had a problem that was a brain fart. My post had been moved to a different forum on the site I was using.
This confusion led me to realise I had had a change in how my FF browser was operating. I use NoScript, Adblock Plus, BetterPrivacy and Ghostery.
When I log in to a website it goes to the redirect page and normally it stays there. Then I refresh or go back and refresh to get on the site.
A few weeks ago, I do not recall exactly when, it started logging straight through after a pause for a couple seconds. When I realized this yesterday I ran an ESET online scan. It showed nothing but the issue no longer occurs.
This morning I noticed FF hesitating and taking much longer than usual. Again it came to me that I had been ignoring this for several weeks now.
That SSD is only a couple months old and it does not run hot. I do not understand why its properties window describes it as only having 107Gb total since it is a 128Gb drive which I just installed within the last couple months. I used this site for help trying to save the old drive. I have done the emergency backup and I have a Macrium clone on USB, which I made as soon as I had the system set up after replacing the drive and loading the OS by the discs I made when it was new.
After considering it I decided that I should go through a malware scan process with a professional so I am posting here.


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16659 BrowserJavaVersion: 11.45.2
Run by Me at 9:39:16 on 2015-07-01
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3963.2399 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RAVCpl64.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
uRun: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [jswtrayutil] "C:\Program Files (x86)\Jumpstart\jswtrayutil.exe"
mRun: [cfFncEnabler.exe] cfFncEnabler.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{C12D3495-9B83-4917-A534-5FCF1ED20B86} : DHCPNameServer = 75.75.75.75 75.75.76.76
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
x64-mDefault_Page_URL = hxxp://www.toshibadirect.com/dpdstart
x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [Skytel] Skytel.exe
x64-Run: [RtHDVCpl] RAVCpl64.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [IAAnotif] "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-Notify: igfxcui - igfxdev.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\yuyu9mct.default-1431394808295\
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2015-3-4 280376]
R0 tos_sps64;TOSHIBA tos_sps64 Service;C:\Windows\System32\drivers\tos_sps64.sys [2015-5-9 504912]
R1 JSWPSLWF;JumpStart Wireless Filter Driver;C:\Windows\System32\drivers\jswpslwfx.sys [2015-5-9 26624]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [2015-3-28 89840]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2014-11-15 124568]
R3 FwLnk;FwLnk Driver;C:\Windows\System32\drivers\FwLnk.sys [2008-8-18 8704]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2015-4-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 PSMounterEx;Macrium Reflect Image Explorer Driver;C:\Windows\System32\drivers\psmounterex.sys [2015-4-2 169992]
S3 PSVolAcc;PSVolAcc;C:\Windows\System32\drivers\PSVolAcc.sys [2014-7-21 12760]
S3 WIMMount;WIMMount;C:\Program Files\Macrium\Reflect\wimmount.sys [2015-5-14 22096]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2014-4-11 1009864]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2015-5-10 90776]
S4 ConfigFree Gadget Service;ConfigFree Gadget Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFProcSRVC.exe [2008-4-3 36864]
S4 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe [2008-4-17 40960]
S4 jswpsapi;Jumpstart Wifi Protected Setup;C:\Program Files (x86)\Jumpstart\jswpsapi.exe [2015-5-9 954368]
S4 KR10I64;KR10I64;C:\Windows\System32\drivers\KR10I64.sys [2008-8-18 248320]
S4 KR10N64;KR10N64;C:\Windows\System32\drivers\KR10N64.sys [2008-8-18 237568]
S4 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2014-7-21 3272656]
S4 SmartFaceVWatchSrv;SmartFaceVWatchSrv;C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatchSrv.exe [2008-4-24 84992]
S4 TMachInfo;TMachInfo;C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe [2008-8-18 46392]
S4 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-3 175104]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2015-06-23 21:13:22 778416 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-06-23 21:13:22 142512 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-10 19:25:06 140135120 ----a-w- C:\Windows\System32\mrt.exe
2015-05-31 01:05:54 17884672 ----a-w- C:\Windows\System32\mshtml.dll
2015-05-31 00:50:00 448512 ----a-w- C:\Windows\System32\html.iec
2015-05-31 00:49:52 10935296 ----a-w- C:\Windows\System32\ieframe.dll
2015-05-31 00:48:14 2343424 ----a-w- C:\Windows\System32\jscript9.dll
2015-05-31 00:42:56 1387520 ----a-w- C:\Windows\System32\urlmon.dll
2015-05-31 00:42:34 1392128 ----a-w- C:\Windows\System32\wininet.dll
2015-05-31 00:41:33 1494016 ----a-w- C:\Windows\System32\inetcpl.cpl
2015-05-31 00:41:23 2158080 ----a-w- C:\Windows\System32\iertutil.dll
2015-05-31 00:41:20 237056 ----a-w- C:\Windows\System32\url.dll
2015-05-31 00:41:17 85504 ----a-w- C:\Windows\System32\jsproxy.dll
2015-05-31 00:41:17 599040 ----a-w- C:\Windows\System32\vbscript.dll
2015-05-31 00:41:08 816640 ----a-w- C:\Windows\System32\jscript.dll
2015-05-31 00:41:04 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-05-31 00:41:03 729088 ----a-w- C:\Windows\System32\msfeeds.dll
2015-05-31 00:40:48 453120 ----a-w- C:\Windows\System32\dxtmsft.dll
2015-05-31 00:40:44 282112 ----a-w- C:\Windows\System32\dxtrans.dll
2015-05-31 00:40:40 55296 ----a-w- C:\Windows\System32\msfeedsbs.dll
2015-05-31 00:40:37 96768 ----a-w- C:\Windows\System32\mshtmled.dll
2015-05-31 00:40:33 248320 ----a-w- C:\Windows\System32\ieui.dll
2015-05-31 00:40:33 11264 ----a-w- C:\Windows\System32\msfeedssync.exe
2015-05-31 00:40:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2015-05-31 00:40:18 12800 ----a-w- C:\Windows\System32\mshta.exe
2015-05-31 00:03:39 12385280 ----a-w- C:\Windows\SysWow64\mshtml.dll
2015-05-30 23:55:03 1809920 ----a-w- C:\Windows\SysWow64\jscript9.dll
2015-05-30 23:54:04 367616 ----a-w- C:\Windows\SysWow64\html.iec
2015-05-30 23:53:16 9750528 ----a-w- C:\Windows\SysWow64\ieframe.dll
2015-05-30 23:50:17 1139712 ----a-w- C:\Windows\SysWow64\urlmon.dll
2015-05-30 23:49:49 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2015-05-30 23:49:08 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2015-05-30 23:49:04 718336 ----a-w- C:\Windows\SysWow64\jscript.dll
2015-05-30 23:49:02 421888 ----a-w- C:\Windows\SysWow64\vbscript.dll
2015-05-30 23:48:48 1804288 ----a-w- C:\Windows\SysWow64\iertutil.dll
2015-05-30 23:48:44 231936 ----a-w- C:\Windows\SysWow64\url.dll
2015-05-30 23:48:39 65024 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2015-05-30 23:48:29 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2015-05-30 23:48:22 607744 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2015-05-30 23:48:10 353792 ----a-w- C:\Windows\SysWow64\dxtmsft.dll
2015-05-30 23:48:05 223232 ----a-w- C:\Windows\SysWow64\dxtrans.dll
2015-05-30 23:48:03 41472 ----a-w- C:\Windows\SysWow64\msfeedsbs.dll
2015-05-30 23:47:59 73216 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2015-05-30 23:47:55 10752 ----a-w- C:\Windows\SysWow64\msfeedssync.exe
2015-05-30 23:47:50 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2015-05-30 23:47:50 11776 ----a-w- C:\Windows\SysWow64\mshta.exe
2015-05-30 23:47:49 176640 ----a-w- C:\Windows\SysWow64\ieui.dll
2015-05-21 14:36:06 2795520 ----a-w- C:\Windows\System32\win32k.sys
2015-05-10 20:33:00 979456 ----a-w- C:\Windows\SysWow64\MFH264Dec.dll
2015-05-10 20:33:00 1257984 ----a-w- C:\Windows\System32\MFH264Dec.dll
2015-05-10 20:31:33 252928 ----a-w- C:\Windows\SysWow64\dxdiag.exe
2015-05-10 20:31:33 195584 ----a-w- C:\Windows\SysWow64\dxdiagn.dll
2015-05-10 20:31:32 792576 ----a-w- C:\Windows\System32\d3d11.dll
2015-05-10 20:31:32 519680 ----a-w- C:\Windows\SysWow64\d3d11.dll
2015-05-10 20:31:32 328192 ----a-w- C:\Windows\System32\dxdiag.exe
2015-05-10 20:31:32 321024 ----a-w- C:\Windows\SysWow64\PhotoMetadataHandler.dll
2015-05-10 20:31:32 262656 ----a-w- C:\Windows\System32\dxdiagn.dll
2015-05-10 20:31:32 245248 ----a-w- C:\Windows\System32\WindowsCodecsExt.dll
2015-05-10 20:31:31 411648 ----a-w- C:\Windows\System32\PhotoMetadataHandler.dll
2015-05-10 20:31:31 189440 ----a-w- C:\Windows\SysWow64\WindowsCodecsExt.dll
2015-05-10 15:20:28 97888 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2015-05-10 15:20:26 271968 ----a-w- C:\Windows\SysWow64\javaws.exe
2015-05-10 15:20:26 191072 ----a-w- C:\Windows\SysWow64\javaw.exe
2015-05-10 15:20:26 190560 ----a-w- C:\Windows\SysWow64\java.exe
2015-05-10 06:37:06 13 --sh--r- C:\Windows\SysWow64\drivers\fbd.sys
2015-05-09 09:46:43 525792 ----a-w- C:\Windows\DIFxAPI.dll
2015-05-09 09:46:41 315392 ----a-w- C:\Windows\HideWin.exe
2015-05-08 23:09:57 861696 ----a-w- C:\Windows\SysWow64\kernel32.dll
2015-05-08 23:01:32 1212416 ----a-w- C:\Windows\System32\kernel32.dll
2015-05-04 22:51:13 10627584 ----a-w- C:\Windows\SysWow64\wmp.dll
2015-05-04 22:50:57 4096 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2015-05-04 22:50:57 4096 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2015-05-04 22:50:44 7680 ----a-w- C:\Windows\SysWow64\spwmp.dll
2015-05-04 22:33:27 13427712 ----a-w- C:\Windows\System32\wmp.dll
2015-05-04 22:33:07 5120 ----a-w- C:\Windows\System32\msdxm.ocx
2015-05-04 22:33:07 5120 ----a-w- C:\Windows\System32\dxmasf.dll
2015-05-04 22:32:53 9216 ----a-w- C:\Windows\System32\spwmp.dll
2015-05-04 21:39:20 8147456 ----a-w- C:\Windows\System32\wmploc.DLL
2015-05-04 21:21:20 8147456 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2015-04-30 16:03:33 279040 ----a-w- C:\Windows\SysWow64\schannel.dll
2015-04-30 15:41:49 347648 ----a-w- C:\Windows\System32\schannel.dll
2015-04-30 13:14:01 124112 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-04-30 13:14:01 102608 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-04-24 15:54:56 532480 ----a-w- C:\Windows\SysWow64\comctl32.dll
2015-04-24 15:41:07 633856 ----a-w- C:\Windows\System32\comctl32.dll
2015-04-19 21:24:52 219648 ----a-w- C:\Windows\SysWow64\d3d10_1core.dll
2015-04-19 21:24:52 189952 ----a-w- C:\Windows\SysWow64\d3d10core.dll
2015-04-19 21:24:52 160768 ----a-w- C:\Windows\SysWow64\d3d10_1.dll
2015-04-19 21:24:52 1029120 ----a-w- C:\Windows\SysWow64\d3d10.dll
2015-04-19 20:19:37 1172480 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2015-04-19 20:18:56 486400 ----a-w- C:\Windows\SysWow64\d3d10level9.dll
2015-04-19 20:13:15 682496 ----a-w- C:\Windows\SysWow64\d2d1.dll
2015-04-19 20:12:25 1072640 ----a-w- C:\Windows\SysWow64\DWrite.dll
2015-04-18 00:16:49 327680 ----a-w- C:\Windows\System32\d3d10_1core.dll
2015-04-18 00:16:49 287232 ----a-w- C:\Windows\System32\d3d10core.dll
2015-04-18 00:16:49 196096 ----a-w- C:\Windows\System32\d3d10_1.dll
2015-04-18 00:16:49 1268224 ----a-w- C:\Windows\System32\d3d10.dll
2015-04-17 23:45:08 2002944 ----a-w- C:\Windows\System32\d3d10warp.dll
2015-04-17 23:44:12 566272 ----a-w- C:\Windows\System32\d3d10level9.dll
2015-04-17 23:35:11 834048 ----a-w- C:\Windows\System32\d2d1.dll
.
============= FINISH: 9:39:41.99 ===============
Attached Files
File Type: txt attach.txt (11.6 KB, 32 views)
win98forever is offline  
Old 07-05-2015, 10:19 AM   #2
Bump? Will I be notified one way or the other?
win98forever is offline  
Old 07-06-2015, 01:32 AM   #3
Security Team
Analyst
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello win98forever,

My name is Tolga and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.
First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
Please download to and run all requested tools from your Desktop.
Perform everything in the correct order. Sometimes one step requires the previous one.
If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
My native language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Now, let's get started, shall we?

Please do the following instructions.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
Make sure the Addition.txt button is ticked.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
tekir06 is offline
Old 07-06-2015, 06:52 AM   #4
Here are the scan results.
Attached Files
File Type: txt Addition.txt (27.5 KB, 31 views)
File Type: txt FRST.txt (26.6 KB, 32 views)
win98forever is offline  
Old 07-06-2015, 11:21 PM   #5
Hello win98forever,

Thanks for the logs. Let's move on.

I didn't see any problems in your logs. Please do the following instructions:

Please download AdwCleaner on to your desktop.
Close all open programs and internet browsers.
Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
Click on Scan.
After the scan is complete click on "Cleaning"
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.
tekir06 is offline  
Old 07-07-2015, 07:35 AM   #6
# AdwCleaner v4.207 - Logfile created 07/07/2015 at 07:30:07
# Updated 21/06/2015 by Xplode
# Database : 2015-06-21.1 [Local]
# Operating system : Windows (TM) Vista Home Premium Service Pack 2 (x64)
# Username : Me - ME-PC
# Running from : C:\Users\Me\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v9.0.8112.16659


-\\ Mozilla Firefox v38.0.5 (x86 en-US)


*************************

AdwCleaner[R0].txt - [751 bytes] - [07/07/2015 07:28:26]
AdwCleaner[S0].txt - [677 bytes] - [07/07/2015 07:30:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [735 bytes] ##########
win98forever is offline  
Old 07-07-2015, 11:14 PM   #7
Hello win98forever,

The result looks like I expected. Please do the following:

Please download TDSSKiller here or here to the desktop.
Right-click on TDSSKiller.exe and select Run as Administrator to start the program and follow the prompts.
Under Additional options, select both Verify driver digital signatures & Detect TDLFS File System >> OK
If a suspicious file is detected, the default action will be Skip; click on Continue.
Click on Report to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
Copy and paste its contents in your next reply.
tekir06 is offline  
Old 07-08-2015, 08:52 AM   #8
I had to stop the scan and restart it after checking the two items you mentioned. FF also updated to version 39 during the process in case that matters.
Report
08:41:33.0560 0x0df8 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
08:41:50.0305 0x0df8 ============================================================
08:41:50.0305 0x0df8 Current date / time: 2015/07/08 08:41:50.0305
08:41:50.0305 0x0df8 SystemInfo:
08:41:50.0305 0x0df8
08:41:50.0305 0x0df8 OS Version: 6.0.6002 ServicePack: 2.0
08:41:50.0305 0x0df8 Product type: Workstation
08:41:50.0305 0x0df8 ComputerName: ME-PC
08:41:50.0306 0x0df8 UserName: Me
08:41:50.0306 0x0df8 Windows directory: C:\Windows
08:41:50.0306 0x0df8 System windows directory: C:\Windows
08:41:50.0306 0x0df8 Running under WOW64
08:41:50.0306 0x0df8 Processor architecture: Intel x64
08:41:50.0306 0x0df8 Number of processors: 2
08:41:50.0306 0x0df8 Page size: 0x1000
08:41:50.0306 0x0df8 Boot type: Normal boot
08:41:50.0306 0x0df8 ============================================================
08:41:50.0491 0x0df8 KLMD registered as C:\Windows\system32\drivers\99736869.sys
08:41:50.0702 0x0df8 System UUID: {D2FF1C69-7EA1-CE1A-B01C-3B69B5C33117}
08:41:52.0473 0x0df8 Drive \Device\Harddisk0\DR0 - Size: 0x1D5849E000 ( 117.38 Gb ), SectorSize: 0x200, Cylinders: 0x3BDA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:41:53.0257 0x0df8 ============================================================
08:41:53.0257 0x0df8 \Device\Harddisk0\DR0:
08:41:53.0258 0x0df8 MBR partitions:
08:41:53.0258 0x0df8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0xD7AE000
08:41:53.0258 0x0df8 ============================================================
08:41:53.0259 0x0df8 C: <-> \Device\Harddisk0\DR0\Partition1
08:41:53.0260 0x0df8 ============================================================
08:41:53.0260 0x0df8 Initialize success
08:41:53.0260 0x0df8 ============================================================
08:42:23.0373 0x07d0 ============================================================
08:42:23.0373 0x07d0 Scan started
08:42:23.0373 0x07d0 Mode: Manual;
08:42:23.0373 0x07d0 ============================================================
08:42:23.0373 0x07d0 KSN ping started
08:42:36.0883 0x07d0 KSN ping finished: true
08:42:37.0164 0x07d0 ================ Scan system memory ========================
08:42:37.0164 0x07d0 Scan was interrupted by user!
08:42:37.0195 0x07d0 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
08:42:37.0210 0x07d0 Win FW state via NFP2: enabled
08:42:39.0769 0x07d0 ============================================================
08:42:39.0769 0x07d0 Scan finished
08:42:39.0769 0x07d0 ============================================================
08:42:39.0769 0x0ebc Detected object count: 0
08:42:39.0769 0x0ebc Actual detected object count: 0
08:43:57.0599 0x0d88 ============================================================
08:43:57.0599 0x0d88 Scan started
08:43:57.0599 0x0d88 Mode: Manual; SigCheck; TDLFS;
08:43:57.0599 0x0d88 ============================================================
08:43:57.0599 0x0d88 KSN ping started
08:44:11.0062 0x0d88 KSN ping finished: true
08:44:11.0296 0x0d88 ================ Scan system memory ========================
08:44:11.0296 0x0d88 System memory - ok
08:44:11.0296 0x0d88 ================ Scan services =============================
08:44:14.0104 0x0d88 BrFiltUp - ok
08:44:14.0135 0x0d88 [ A1B39DE453433B115B4EA69EE0343816, 61441E7E9D5259A5987DBD3FC8D4E3221A57F42C7CC0F94DB48E80EEF96CA5D4 ] Browser C:\Windows\System32\browser.dll
08:44:14.0182 0x0d88 Browser - ok
08:44:14.0229 0x0d88 [ F0F0BA4D815BE446AA6A4583CA3BCA9B, E0A5DB5A0C7D6AF93ED45F34D2597F77982DFF41E4FDAC827FE5D80323ADED60 ] Brserid C:\Windows\system32\drivers\brserid.sys
08:44:14.0369 0x0d88 Brserid - ok
08:44:14.0416 0x0d88 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
08:44:14.0463 0x0d88 BrSerWdm - ok
08:44:14.0494 0x0d88 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
08:44:14.0541 0x0d88 BrUsbMdm - ok
08:44:14.0572 0x0d88 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
08:44:14.0634 0x0d88 BrUsbSer - ok
08:44:14.0650 0x0d88 [ E0777B34E05F8A82A21856EFC900C29F, A7ACE3C65D1773C50ACD98A13B3ADBDD2A6052D7F5D124CB6EE6E7C22151A424 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
08:44:14.0712 0x0d88 BTHMODEM - ok
08:44:14.0743 0x0d88 [ B4D787DB8D30793A4D4DF9FEED18F136, 2A956F7DCFE61E556F30BDA6D45592A05533541D6ED321C251C1C05F6CEA6DDC ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:44:14.0790 0x0d88 cdfs - ok
08:44:14.0821 0x0d88 [ C025AA69BE3D0D25C7A2E746EF6F94FC, F4754B23CC256ADF92FDD42A9BA80F1ACB74834A58FCBEA2C52650FAFC7F9483 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:44:14.0868 0x0d88 cdrom - ok
08:44:14.0868 0x0d88 [ 5A268127633C7EE2A7FB87F39D748D56, 45C530A0EE0108543A75B9427F77EBB5E8350AE16C235763B6F32E72CE15C449 ] CertPropSvc C:\Windows\System32\certprop.dll
08:44:14.0899 0x0d88 CertPropSvc - ok
08:44:14.0931 0x0d88 [ 02EA568D498BBDD4BA55BF3FCE34D456, 5A418B156CBB48D14E0F6B6AE6E03B8CD97AABE838F260757014479566C63F17 ] circlass C:\Windows\system32\drivers\circlass.sys
08:44:14.0962 0x0d88 circlass - ok
08:44:15.0009 0x0d88 [ D44BA2F707838E0FEF35BCEC5CBD9D60, A9E85E801B0B08F7E5AD6206C61F36E42B4A99878D8AA66EAD8B4E667E50D813 ] CLFS C:\Windows\system32\CLFS.sys
08:44:15.0040 0x0d88 CLFS - ok
08:44:15.0055 0x0d88 [ 6B6943A0CA56B47D6FB2EE476890854F, 6DA779879487F4A187DF54B0362642643D7871AA8F7E30992D781F558C50F052 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:44:15.0071 0x0d88 clr_optimization_v2.0.50727_32 - ok
08:44:15.0118 0x0d88 [ 753049933D5326D835F4FCACDF4AD5E3, 715BEE09C19BCBCAD2A93E4725DB3A1FDD8E2FEFFF6E0C3D2F98FC607FED5D3A ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:44:15.0133 0x0d88 clr_optimization_v2.0.50727_64 - ok
08:44:15.0243 0x0d88 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:44:15.0274 0x0d88 clr_optimization_v4.0.30319_32 - ok
08:44:15.0289 0x0d88 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:44:15.0305 0x0d88 clr_optimization_v4.0.30319_64 - ok
08:44:15.0336 0x0d88 [ B52D9A14CE4101577900A364BA86F3DF, A8AA928DDF5FE3861973D4EA03A5B700E99138236F1E8FF594293B9705BF470C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:44:15.0367 0x0d88 CmBatt - ok
08:44:15.0383 0x0d88 [ E5D5499A1C50A54B5161296B6AFE6192, 20A8A0478918063A9EE81565F21F4ACCAA7B6A8B2E9E084099879D85574BAB3E ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:44:15.0399 0x0d88 cmdide - ok
08:44:15.0430 0x0d88 [ 7FB8AD01DB0EABE60C8A861531A8F431, E19353C686B07A0DBBA92CFCC88AB9B6BEBAF389416B78F4470BA673E7CD73C3 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:44:15.0445 0x0d88 Compbatt - ok
08:44:15.0445 0x0d88 COMSysApp - ok
08:44:15.0477 0x0d88 [ 5AC8A997E8D9C131B5F90B4F3CCFAE34, D2FFC4F12299D9500390345A707F3FE844CBBE13163D004665FCD82B6C3B6FC6 ] ConfigFree Gadget Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFProcSRVC.exe
08:44:15.0492 0x0d88 ConfigFree Gadget Service - detected UnsignedFile.Multi.Generic ( 1 )
08:44:17.0988 0x0d88 Detect skipped due to KSN trusted
08:44:17.0988 0x0d88 ConfigFree Gadget Service - ok
08:44:18.0004 0x0d88 [ D10D01B2DFCD8D2F32A32ED29E8DA1C2, D5F89AFF51D690494A70F0E17CB5609DB81F7C9BACD2952D411C7959E90BEEE3 ] ConfigFree Service C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
08:44:18.0004 0x0d88 ConfigFree Service - detected UnsignedFile.Multi.Generic ( 1 )
08:44:20.0515 0x0d88 Detect skipped due to KSN trusted
08:44:20.0515 0x0d88 ConfigFree Service - ok
08:44:20.0531 0x0d88 [ A8585B6412253803CE8EFCBD6D6DC15C, C3906B080D3BB06CB976FD98C62CBA97DAE74970A5559D51EF5111D773949322 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
08:44:20.0547 0x0d88 crcdisk - ok
08:44:20.0593 0x0d88 [ 5AAC48EAF8EACF247DB44FB61B900D89, D20FCD5C71CA18F284D3DFD0CED37F6888A296E76B7B0563F2F4668CF90FE752 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:44:20.0625 0x0d88 CryptSvc - ok
08:44:20.0687 0x0d88 [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF, 3BE4B8EE22FA55D3A17D3718781C8BCA631C78F7928092561F6B79BB60E7D7FE ] DcomLaunch C:\Windows\system32\rpcss.dll
08:44:20.0749 0x0d88 DcomLaunch - ok
08:44:20.0749 0x0d88 [ 8B722BA35205C71E7951CDC4CDBADE19, 39720A60DFD0532F7E1A1976240E9828559BF9E0C6D1CFBF4D911965BFD94158 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:44:20.0781 0x0d88 DfsC - ok
08:44:20.0905 0x0d88 [ C647F468F7DE343DF8C143655C5557D4, E2D35FE49C408B952D8FE0C7EF70D42798229D30B89CEF9858BAC9F4F9E98EF2 ] DFSR C:\Windows\system32\DFSR.exe
08:44:21.0108 0x0d88 DFSR - ok
08:44:21.0202 0x0d88 [ 3ED0321127CE70ACDAABBF77E157C2A7, 10973BD0AEF9597A4EA0A4947BDE922F9168F33D6ED97BFFEE6176AADAD78980 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
08:44:21.0249 0x0d88 Dhcp - ok
08:44:21.0280 0x0d88 [ B0107E40ECDB5FA692EBF832F295D905, 76466BB9E4F12436ECCCB9D89EB20762B4785F82F02591B51A735A590E248264 ] disk C:\Windows\system32\drivers\disk.sys
08:44:21.0295 0x0d88 disk - ok
08:44:21.0358 0x0d88 [ 06230F1B721494A6DF8D47FD395BB1B0, F6CA8270740E01D9CE2FE8E34BC067C7EDC15BA610F461860E1D17D135C8A379 ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:44:21.0373 0x0d88 Dnscache - ok
08:44:21.0405 0x0d88 [ 1A7156DD1E850E9914E5E991E3225B94, 99FF0C7125B01FCB0B92DC44756AE8FAA486F2E7F38DC6204F7EFE5918F8480A ] dot3svc C:\Windows\System32\dot3svc.dll
08:44:21.0451 0x0d88 dot3svc - ok
08:44:21.0467 0x0d88 [ 74C02B1717740C3B8039539E23E4B53F, FF17BC1DAAE92C99D17EAE5C43FCFCC4B76E390D05EE2C603E5579C78A5536F0 ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
08:44:21.0545 0x0d88 Dot4 - ok
08:44:21.0592 0x0d88 [ 08321D1860235BF42CF2854234337AEA, 39BD593B373A43C34FDDE283BA17F8127558036E8B5604D7C7091BC99CA9D739 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
08:44:21.0639 0x0d88 Dot4Print - ok
08:44:21.0654 0x0d88 [ 4ADCCF0124F2B6911D3786A5D0E779E5, 950B6FA2B9ABF353036A64133ED441EF58EEE36DC4BF5D5C4FFB71796438B5AA ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
08:44:21.0701 0x0d88 dot4usb - ok
08:44:21.0732 0x0d88 [ 1583B39790DB3EAEC7EDB0CB0140C708, F94F9AE7054A38602CD25D4E10FE7C7B574BD9ED8440C3FDAA7275A1D1E663E7 ] DPS C:\Windows\system32\dps.dll
08:44:21.0795 0x0d88 DPS - ok
08:44:21.0841 0x0d88 [ F1A78A98CFC2EE02144C6BEC945447E6, D2E2AA13BE6319F967002476A5D3CF09B1B44350576DD8E1C1C531854F53B488 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:44:21.0857 0x0d88 drmkaud - ok
08:44:21.0935 0x0d88 [ 362CCEF305F45829316D62D3410F2062, 35033749E9B6B5AFC9C8C305F4AA1597E9776D465E7BBC24A20E836B7BEF0D73 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:44:22.0013 0x0d88 DXGKrnl - ok
08:44:22.0029 0x0d88 [ 264CEE7B031A9D6C827F3D0CB031F2FE, 50CAD28A73D29E7E04A45330146CF713BA17101215955009121E36D43CD5C536 ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
08:44:22.0075 0x0d88 E1G60 - ok
08:44:22.0107 0x0d88 [ C2303883FD9BE49DC36A6400643002EA, F062D1D6D503CF5195BDE8C1DC75B541F559CB8175ADABCDB7690E9F1CA3EA4E ] EapHost C:\Windows\System32\eapsvc.dll
08:44:22.0138 0x0d88 EapHost - ok
08:44:22.0169 0x0d88 [ 5F94962BE5A62DB6E447FF6470C4F48A, D00F9B3315DE8610BBE93FFD3CA3E2CF5B10697C518FC25FA4274CC6894D022B ] Ecache C:\Windows\system32\drivers\ecache.sys
08:44:22.0200 0x0d88 Ecache - ok
08:44:22.0216 0x0d88 [ 14CE384D2E27B64C256BDA4DC39C312D, D5FA9C2BB162F1C22E419D33671B8202AAC245A87F6B183B97F83F5BFA165B41 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:44:22.0247 0x0d88 ehRecvr - ok
08:44:22.0294 0x0d88 [ B93159C1313D66FDFBBE876F5189CD52, 51E39160EA56F6B08449267EDF2A0F604612663768D2348DE23554AB07BDBB62 ] ehSched C:\Windows\ehome\ehsched.exe
08:44:22.0325 0x0d88 ehSched - ok
08:44:22.0325 0x0d88 [ F5EE2527D74449868E3C3227A59BCD28, 11640E97EE9D8F9A5DC3FEA6BA7A737AA796A7235C7F5C7EF1ABFB51C9D730D3 ] ehstart C:\Windows\ehome\ehstart.dll
08:44:22.0341 0x0d88 ehstart - ok
08:44:22.0387 0x0d88 [ C4636D6E10469404AB5308D9FD45ED07, 367D958D19F672395462206F27C1E138386C2F37B0FA77546F4217CF16D05C84 ] elxstor C:\Windows\system32\drivers\elxstor.sys
08:44:22.0419 0x0d88 elxstor - ok
08:44:22.0481 0x0d88 [ A9B18B63A4FD6BAAB83326706D857FAB, 7721CC67C0F8CE3060D0EB35A10E4ADC1E3CB470C0797B17D606060C270F96D7 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
08:44:22.0512 0x0d88 EMDMgmt - ok
08:44:22.0528 0x0d88 [ BC3A58E938BB277E46BF4B3003B01ABD, 2BB054E632A96951DAB25B3BE8541AEC1B97A7739FC8D0E34BE8B9295600C8FC ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:44:22.0575 0x0d88 ErrDev - ok
08:44:22.0637 0x0d88 [ E12F22B73F153DECE721CD45EC05B4AF, 41887EEF4BB024329B4079AD50FC5FB705F0EB8BAF6C93A8242DC2A73D3AFD86 ] EventSystem C:\Windows\system32\es.dll
08:44:22.0699 0x0d88 EventSystem - ok
08:44:22.0746 0x0d88 [ 486844F47B6636044A42454614ED4523, 3E24E78584B199C0FAA59613EEB7DF67B3B878B277A0130C7A3FF608C130BA2F ] exfat C:\Windows\system32\drivers\exfat.sys
08:44:22.0793 0x0d88 exfat - ok
08:44:22.0855 0x0d88 [ 1E34B436811CCA4A2783C0BC7A0BEB2E, 7C9496100DEA53FBADDA8B1EFF9F943FD13E75601A039632887A35F190C1F799 ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:44:22.0887 0x0d88 fastfat - ok
08:44:22.0887 0x0d88 [ 81B79B6DF71FA1D2C6D688D830616E39, 62F8BC0DB918A49B10A5BE1724A2E2F17FA7D8208D5D86822FACB2DCD97B3591 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:44:22.0933 0x0d88 fdc - ok
08:44:22.0965 0x0d88 [ BB9267ACACD8B7533DD936C34A0CBA5E, 32DE6E10ABA540D62F0D8AE30DE8769D7BF29E547838BEBE67C04183CC0B32C7 ] fdPHost C:\Windows\system32\fdPHost.dll
08:44:22.0996 0x0d88 fdPHost - ok
08:44:23.0027 0x0d88 [ 300C80931EABBE1DB7591C516EFE8D0F, F031DA96B06B6FA8E0AD56D5E10E5A5882765C3FF258A4DE06A47EC34829FF04 ] FDResPub C:\Windows\system32\fdrespub.dll
08:44:23.0089 0x0d88 FDResPub - ok
08:44:23.0105 0x0d88 [ 457B7D1D533E4BD62A99AED9C7BB4C59, 3933907DE163F8D3A81ED25169B693D723296C437C7C990BFE9DEFD60F7635FD ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:44:23.0121 0x0d88 FileInfo - ok
08:44:23.0136 0x0d88 [ D421327FD6EFCCAF884A54C58E1B0D7F, C2F3B72EA36BA8B74A30E128C088307CA768FDBE232BFA216CD78B0F9B7AF18A ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:44:23.0183 0x0d88 Filetrace - ok
08:44:23.0183 0x0d88 [ 230923EA2B80F79B0F88D90F87B87EBD, 1F3287970FEC73011F3B675C447BF0CA35416490D4740C6960595B091181059C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:44:23.0230 0x0d88 flpydisk - ok
08:44:23.0261 0x0d88 [ E3041BC26D6930D61F42AEDB79C91720, 3556C033BB78445EC8B2F98A82455914764AFC70CBFF634DDBD3539885A1E457 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:44:23.0292 0x0d88 FltMgr - ok
08:44:23.0323 0x0d88 [ 141C91F7D7F26730921B2A4FC93C2114, EFD3BF5557684C22FB2104676E669DC5624433A6895E3F9FB28114C116E82CA2 ] FontCache C:\Windows\system32\FntCache.dll
08:44:23.0464 0x0d88 FontCache - ok
08:44:23.0479 0x0d88 [ BC5B0BE5AF3510B0FD8C140EE42C6D3E, B21CA5F14BDB6CFD97A24C28BB2AD0D704C46058F13B01FF4203514FE8B92591 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:44:23.0495 0x0d88 FontCache3.0.0.0 - ok
08:44:23.0526 0x0d88 [ 5779B86CD8B32519FBECB136394D946A, 68A395CD2287D22CB5C8CFE5A3006A61AC0C3FDAADF166C93240FF83C0315DCF ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:44:23.0557 0x0d88 Fs_Rec - ok
08:44:23.0573 0x0d88 [ 6D06B5EEBBA23C16789EFC820EE1F253, 24920CF69DE6413DBF17554CFFBD3BF9B73F3311F6EBB53678360A42F7A6F280 ] FwLnk C:\Windows\system32\DRIVERS\FwLnk.sys
08:44:23.0589 0x0d88 FwLnk - ok
08:44:23.0604 0x0d88 [ C8E416668D3DC2BE3D4FE4C79224997F, 7DBC8E7687179A649638F606C9584F2E8EC2065762997CDF151F9BB99FA8D535 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
08:44:23.0620 0x0d88 gagp30kx - ok
08:44:23.0667 0x0d88 [ A0E1B575BA8F504968CD40C0FAEB2384, F64A24A5A93F4E757882E97C65DA612F07A87F4DDD2E10C1AB0250AFA03BCEF1 ] gpsvc C:\Windows\System32\gpsvc.dll
08:44:23.0729 0x0d88 gpsvc - ok
08:44:23.0745 0x0d88 [ DF45F8142DC6DF9D18C39B3EFFBD0409, E0F04525530FF403C5A34B7E9A03CDE70B7BACE12E2E50103554E92AF374BD09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:44:23.0807 0x0d88 HdAudAddService - ok
08:44:23.0854 0x0d88 [ F942C5820205F2FB453243EDFEC82A3D, 17A6A3DCF884FB524C93F2477D97E9F2B8E547709F8F2AEA93BEEA322B62E914 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
08:44:23.0963 0x0d88 HDAudBus - ok
08:44:23.0994 0x0d88 [ B4881C84A180E75B8C25DC1D726C375F, C0BEDBF43EFB0DD442A1D7985EA4A7493671648954B7D1840E30FB2FC46589A4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
08:44:24.0041 0x0d88 HidBth - ok
08:44:24.0057 0x0d88 [ 4E77A77E2C986E8F88F996BB3E1AD829, 1748676EB038A145405080B829DF4156C2596691BE5C67FD8269BE8D9351B400 ] HidIr C:\Windows\system32\drivers\hidir.sys
08:44:24.0119 0x0d88 HidIr - ok
08:44:24.0150 0x0d88 [ 59361D38A297755D46A540E450202B2A, ED97800A3FF9B90EC58BC5122C42B53F46D9C157EFE488481E8677ED7058E33D ] hidserv C:\Windows\system32\hidserv.dll
08:44:24.0181 0x0d88 hidserv - ok
08:44:24.0197 0x0d88 [ 443BDD2D30BB4F00795C797E2CF99EDF, BCE1A241AE5CCE3E1C65CCF07ECB4305C7106F2EFFD51F2C519EB00026B474C4 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:44:24.0228 0x0d88 HidUsb - ok
08:44:24.0259 0x0d88 [ B12F367EA39C0795FD57E31242CE1A5A, 498439FE4D1217211EB6C1AC35CDA5D59F3AE8F06AF5E41EE9FDB0DC559FBE27 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:44:24.0306 0x0d88 hkmsvc - ok
08:44:24.0322 0x0d88 [ D7109A1E6BD2DFDBCBA72A6BC626A13B, 6141B6645F4152A326ECA8AD0DD04CB38C9EDA395BDF6FF260AB17CB86FC4C87 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
08:44:24.0337 0x0d88 HpCISSs - ok
08:44:24.0431 0x0d88 [ FCB563B0A23643E5F80B6FF1E60F610F, C1FCECF406E154065BF3FD93C4853ED96F5300E0E218FF0AA20B34D614710735 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
08:44:24.0431 0x0d88 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
08:44:27.0145 0x0d88 Detect skipped due to KSN trusted
08:44:27.0145 0x0d88 hpqcxs08 - ok
08:44:27.0161 0x0d88 [ 25E443E27165C652723A92D9BDFD4649, 58528E888176D236C683F5135BE0B35F43F9F521022ED0E66D5B688F3BAF7D0F ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
08:44:27.0255 0x0d88 hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
08:44:30.0187 0x0d88 Detect skipped due to KSN trusted
08:44:30.0187 0x0d88 hpqddsvc - ok
08:44:30.0203 0x0d88 [ 1878A79551F2EDAE7EBD110AAE6D33AD, 1F409360B44AEB3A6023E953EAB350FFB3EB8322F589E2422AB312288B33A2DA ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
08:44:30.0219 0x0d88 HPSupportSolutionsFrameworkService - ok
08:44:30.0265 0x0d88 [ 098F1E4E5C9CB5B0063A959063631610, 36B02A738413E4745978E3E90D9CE8ABC08376BEE411008A4312A752CB4A2E13 ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:44:30.0328 0x0d88 HTTP - ok
08:44:30.0359 0x0d88 [ DA94C854CEA5FAC549D4E1F6E88349E8, 10BEB47DB90F55BD1792C2041E49ED13E4E52BCC11BE6599F6DA8D91B79CC8D1 ] i2omp C:\Windows\system32\drivers\i2omp.sys
08:44:30.0375 0x0d88 i2omp - ok
08:44:30.0390 0x0d88 [ CBB597659A2713CE0C9CC20C88C7591F, A2BAC75F7247D871842A32EAA7594D338E728D1BFEAEA3C1FCDBF65F007BC06A ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
08:44:30.0421 0x0d88 i8042prt - ok
08:44:30.0531 0x0d88 [ CB686F44BF955EA02520710A56874FA4, D898E897171B07136FCB94726AB16738C923A170B166EB5D758E404C8A6EFD0F ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
08:44:30.0577 0x0d88 IAANTMON - ok
08:44:30.0640 0x0d88 [ 8D58627FEF3F8767665D9F4DC91CBD97, 1E0C1701220A73633C53766F3BD469468135D4B97827F1659A719FCCCA34E26E ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
08:44:30.0655 0x0d88 iaStor - ok
08:44:30.0671 0x0d88 [ 3E3BF3627D886736D0B4E90054F929F6, 95A138B65DC9133E92F53A529C7AD897D8823EFAED343756549FDF6C8C749CD0 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
08:44:30.0702 0x0d88 iaStorV - ok
08:44:30.0702 0x0d88 [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
08:44:30.0718 0x0d88 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
08:44:33.0417 0x0d88 Detect skipped due to KSN trusted
08:44:33.0417 0x0d88 IDriverT - ok
08:44:33.0448 0x0d88 [ A9AA69F749AC1D318151E77372CC83DB, 2A50A4D6ED22F5F6CB5DC56A639D904AD71E511DC744A6F6C3D1D4D39756AF31 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:44:33.0526 0x0d88 idsvc - ok
08:44:33.0791 0x0d88 [ 663E7364F650A915D415EEB2DA98D86A, EC5BFFCBD5D13902597902CA11B61B46C616DC42E5632AB8DF08F9A723531347 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
08:44:34.0197 0x0d88 igfx - ok
08:44:34.0228 0x0d88 [ 8C3951AD2FE886EF76C7B5027C3125D3, 85CF7231756E02BD9E5F4378F3FC794394A072B8028F27827F83ACE9EE554499 ] iirsp C:\Windows\system32\drivers\iirsp.sys
08:44:34.0243 0x0d88 iirsp - ok
08:44:34.0275 0x0d88 [ 0401A380C88754B2399F8043AC9B2BF9, BFF3B53FAFAE6622AA9F74BAA4A3D522C06E2D732B88916766603B9FE8D0D77F ] IKEEXT C:\Windows\System32\ikeext.dll
08:44:34.0321 0x0d88 IKEEXT - ok
08:44:34.0368 0x0d88 [ 1835B384D2D66752ED1460E9085230BD, 39287BB1755402E23C7A84926DBFE9007D1DC6CB52F827E90786F1D187717CC1 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
08:44:34.0446 0x0d88 IntcAzAudAddService - ok
08:44:34.0462 0x0d88 [ DF797A12176F11B2D301C5B234BB200E, 384343636B21CA7EDF28EFD1B6728EAB1508CA49CE48FF3DC0D91DB843C0C73E ] intelide C:\Windows\system32\drivers\intelide.sys
08:44:34.0477 0x0d88 intelide - ok
08:44:34.0509 0x0d88 [ BFD84AF32FA1BAD6231C4585CB469630, 33E0842F2D0879B02C115301174FCB19ED3AAF7B1B8E6284839CE16DE56476EA ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:44:34.0555 0x0d88 intelppm - ok
08:44:34.0571 0x0d88 [ 5624BC1BC5EEB49C0AB76A8114F05EA3, BD5AA534D8A923AF4D205EEC6DA55A3DC5F915E5F3223BF23F24C09824FA90B6 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:44:34.0618 0x0d88 IPBusEnum - ok
08:44:34.0649 0x0d88 [ D8AABC341311E4780D6FCE8C73C0AD81, 141E8032A934777567E6DAC35FB1C77C40D9B6EE477F17F872F35833A8F57F72 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:44:34.0680 0x0d88 IpFilterDriver - ok
08:44:34.0711 0x0d88 [ BF0DBFA9792C5C14FA00F61C75116C1B, 24C14DCAF57013F1C238E3C123279737420A714EB29CB69239C9838C9A269A59 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:44:34.0758 0x0d88 iphlpsvc - ok
08:44:34.0758 0x0d88 IpInIp - ok
08:44:34.0789 0x0d88 [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
08:44:34.0821 0x0d88 IPMIDRV - ok
08:44:34.0852 0x0d88 [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
08:44:34.0914 0x0d88 IPNAT - ok
08:44:34.0945 0x0d88 [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:44:34.0977 0x0d88 IRENUM - ok
08:44:35.0023 0x0d88 [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:44:35.0039 0x0d88 isapnp - ok
08:44:35.0086 0x0d88 [ E4FDF99599F27EC25D2CF6D754243520, 9139E708EE30F10652C9A458BD58B0343A3C05E84CD3E71FA0B0E4123503CF7B ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
08:44:35.0101 0x0d88 iScsiPrt - ok
08:44:35.0148 0x0d88 [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
08:44:35.0164 0x0d88 iteatapi - ok
08:44:35.0211 0x0d88 [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid C:\Windows\system32\drivers\iteraid.sys
08:44:35.0226 0x0d88 iteraid - ok
08:44:35.0320 0x0d88 [ 957135960E7533EA5C7EA0BFB34F8EFD, 036B11D7639C49F02A6C15022BC9629BAE023B7FE1F86451F12B0D5C92D5B57E ] jswpsapi C:\Program Files (x86)\Jumpstart\jswpsapi.exe
08:44:35.0569 0x0d88 jswpsapi - detected UnsignedFile.Multi.Generic ( 1 )
08:44:38.0112 0x0d88 Detect skipped due to KSN trusted
08:44:38.0112 0x0d88 jswpsapi - ok
08:44:38.0128 0x0d88 [ 9D86C5091209CA4BD3762BED6F654501, 7396D4D9B25097DB22BD067FA8E58260AD31D4225A30DAA0F2CCFC43796741C3 ] JSWPSLWF C:\Windows\system32\DRIVERS\jswpslwfx.sys
08:44:38.0143 0x0d88 JSWPSLWF - ok
08:44:38.0159 0x0d88 [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:44:38.0175 0x0d88 kbdclass - ok
08:44:38.0175 0x0d88 [ BF8783A5066CFECF45095459E8010FA7, 90845E1A154189258B2754C4FF8E6732AA462FF3777E8DFBAF8246C7C5B2740D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:44:38.0221 0x0d88 kbdhid - ok
08:44:38.0237 0x0d88 [ 260BF9C43EE12C6898A9F5AAB0FB0E5D, 6585A87CE55EE5C51B18DF86E8EDFC6A909D96C87522FF4183F8BA9355E8DD44 ] KeyIso C:\Windows\system32\lsass.exe
08:44:38.0253 0x0d88 KeyIso - ok
08:44:38.0284 0x0d88 [ 7C999F96B239E214154DB3C808E6736A, A043262E6971E67510C8D4CA95F04DF82DFE6409160F39C924104D85F76C52D7 ] KR10I64 C:\Windows\system32\drivers\kr10i64.sys
08:44:38.0299 0x0d88 KR10I64 - ok
08:44:38.0315 0x0d88 [ 8CB9A9164D4E789424F943FA718FA3F2, 7B102ED8D39D981D6D61591272EA24DBE8E85E543E3290272485B59F9FA5CE60 ] KR10N64 C:\Windows\system32\drivers\kr10n64.sys
08:44:38.0346 0x0d88 KR10N64 - ok
08:44:38.0362 0x0d88 [ 12A76FE3D133B0D5BEBD7CB19E8B4E07, 4147DB35D51427ABA1BBA9DEF44DF26697B3A17063990528C049980D4BF836CD ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:44:38.0393 0x0d88 KSecDD - ok
08:44:38.0409 0x0d88 [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
08:44:38.0455 0x0d88 ksthunk - ok
08:44:38.0518 0x0d88 [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm C:\Windows\system32\msdtckrm.dll
08:44:38.0580 0x0d88 KtmRm - ok
08:44:38.0643 0x0d88 [ 50C7A3CB427E9BB5ED0708A669956AB5, 3DAD1C01AE58FE2C6134283B19118E2F3C884DDFFBAE4A46B7B5E4FB1A2567A1 ] LanmanServer C:\Windows\system32\srvsvc.dll
08:44:38.0658 0x0d88 LanmanServer - ok
08:44:38.0705 0x0d88 [ CAF86FC1388BE1E470F1A7B43E348ADB, 9E9AE0B617D1031E8462524802A2D997AE7C944A7D00D403FF903145A7FEB761 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:44:38.0736 0x0d88 LanmanWorkstation - ok
08:44:38.0752 0x0d88 [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:44:38.0783 0x0d88 lltdio - ok
08:44:38.0830 0x0d88 [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:44:38.0877 0x0d88 lltdsvc - ok
08:44:38.0892 0x0d88 [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts C:\Windows\System32\lmhsvc.dll
08:44:38.0939 0x0d88 lmhosts - ok
08:44:38.0970 0x0d88 [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
08:44:38.0986 0x0d88 LSI_FC - ok
08:44:39.0017 0x0d88 [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:44:39.0033 0x0d88 LSI_SAS - ok
08:44:39.0048 0x0d88 [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
08:44:39.0064 0x0d88 LSI_SCSI - ok
08:44:39.0126 0x0d88 [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv C:\Windows\system32\drivers\luafv.sys
08:44:39.0157 0x0d88 luafv - ok
08:44:39.0189 0x0d88 [ 76A58DF02BD4EA29F189B82D0BEF17F8, B3A96AABE050BB332ECD9AF7C35D08B468AC459D30FF4D49B609BA3F95ECEEDA ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:44:39.0204 0x0d88 Mcx2Svc - ok
08:44:39.0235 0x0d88 [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas C:\Windows\system32\drivers\megasas.sys
08:44:39.0251 0x0d88 megasas - ok
08:44:39.0282 0x0d88 [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR C:\Windows\system32\drivers\megasr.sys
08:44:39.0313 0x0d88 MegaSR - ok
08:44:39.0329 0x0d88 [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS C:\Windows\system32\mmcss.dll
08:44:39.0360 0x0d88 MMCSS - ok
08:44:39.0407 0x0d88 [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem C:\Windows\system32\drivers\modem.sys
08:44:39.0438 0x0d88 Modem - ok
08:44:39.0485 0x0d88 [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:44:39.0516 0x0d88 monitor - ok
08:44:39.0532 0x0d88 [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:44:39.0547 0x0d88 mouclass - ok
08:44:39.0594 0x0d88 [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:44:39.0625 0x0d88 mouhid - ok
08:44:39.0657 0x0d88 [ 11BC9B1E8801B01F7F6ADB9EAD30019B, 1BAF820C0AB1B70A114E767B2155A58BF86CD0D9CF582813C1635A86BE3A7A05 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
08:44:39.0688 0x0d88 MountMgr - ok
08:44:39.0719 0x0d88 [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:44:39.0781 0x0d88 MozillaMaintenance - ok
08:44:39.0844 0x0d88 [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
08:44:39.0875 0x0d88 MpFilter - ok
08:44:39.0875 0x0d88 [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio C:\Windows\system32\drivers\mpio.sys
08:44:39.0891 0x0d88 mpio - ok
08:44:39.0937 0x0d88 [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:44:39.0969 0x0d88 mpsdrv - ok
08:44:40.0000 0x0d88 [ 897E3BAF68BA406A61682AE39C83900C, 13F61D5C22BED061BE7C2669CCCAA2BAD4A0CE83800DF57A50306DE0A476FC27 ] MpsSvc C:\Windows\system32\mpssvc.dll
08:44:40.0062 0x0d88 MpsSvc - ok
08:44:40.0062 0x0d88 [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
08:44:40.0078 0x0d88 Mraid35x - ok
08:44:40.0109 0x0d88 [ F0142D3C0505B1B6DB8591A49C005C16, 3C773A2F8D8CE359B81AE6F4112EACBB0582169E4A09CD610E3DCE6DCF9403AF ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:44:40.0125 0x0d88 MRxDAV - ok
08:45:07.0893 0x0d88 upnphost - ok
08:45:07.0939 0x0d88 [ 858CC93477F9A9383E07861892600FF9, C72B25E7F6AF46AC22F8D2A1FA0345B290AAE642442C8A388EA75944334BB289 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:45:07.0971 0x0d88 usbccgp - ok
08:45:08.0002 0x0d88 [ 9247F7E0B65852C1F6631480984D6ED2, E3360A0EE891B8BADEF5FF53F796C79D6AD218961087F866E451F3B6F278672A ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:45:08.0049 0x0d88 usbcir - ok
08:45:08.0095 0x0d88 [ 82C3790E4E6F35087EF00994C7A72988, 95FA022BDAC65DCD2DA52C8FCC1F2C186B321F4599F40CB90262E24FD10AE16C ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
08:45:08.0111 0x0d88 usbehci - ok
08:45:08.0142 0x0d88 [ BE2EB33AF6EE2E5DA07EB987E0A321F5, 0FCFABA080C553451AE4FAFB54DFE57639251D97DA204C07EC66F469826F3B46 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:45:08.0173 0x0d88 usbhub - ok
08:45:08.0189 0x0d88 [ EBA14EF0C07CEC233F1529C698D0D154, FBA35D53A90FD6C3F91DA5ECE10EF29858CB4CB512AA20548225F83E9FE0A23D ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:45:08.0236 0x0d88 usbohci - ok
08:45:08.0251 0x0d88 [ 28B693B6D31E7B9332C1BDCEFEF228C1, 6B756E6D7459F755C76BC3F497643F6818F107304B789952B233C6585434F3A8 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:45:08.0314 0x0d88 usbprint - ok
08:45:08.0329 0x0d88 [ C024814884CE9E6C2E6ED76A63AC3B9A, 39C9EB54998547B0B65EEE6391AA326B02C7CA52FAE9CEB98D538FEC8D9F1858 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
08:45:08.0361 0x0d88 usbscan - ok
08:45:08.0392 0x0d88 [ B854C1558FCA0C269A38663E8B59B581, 08CC36B33FA2281FC88671BE051863AA8CA911446D24596049DB77FB4CB09EA6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:45:08.0439 0x0d88 USBSTOR - ok
08:45:08.0454 0x0d88 [ 308F6DDC052C970D679DA37D8A305279, E0F4C3C8F27E21C186289B115ECAB771777BC7E848F29D683C53C9F936F30848 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
08:45:08.0470 0x0d88 usbuhci - ok
08:45:08.0501 0x0d88 [ BF7A051DCCBA57C95541135B29CE0FB4, F3570ED5B57CB64A8222164038D53D1C2009013C50CFDE2E6105E8D4F642FEA6 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
08:45:08.0532 0x0d88 usbvideo - ok
08:45:08.0563 0x0d88 [ 060B7863943625E0193A3575C0C59E52, BF1DD3FEA873D7FCFC1A1E2FC342D4BAA1A244F47FCC8F6A00F11FF164086A51 ] UVCFTR C:\Windows\system32\Drivers\UVCFTR_S.SYS
08:45:08.0595 0x0d88 UVCFTR - ok
08:45:08.0626 0x0d88 [ D76E231E4850BB3F88A3D9A78DF191E3, 98CAD31C41AD155EA853DF850D94FA29543C3A7D26262D1B6881281D033CEBAF ] UxSms C:\Windows\System32\uxsms.dll
08:45:08.0657 0x0d88 UxSms - ok
08:45:08.0719 0x0d88 [ 294945381DFA7CE58CECF0A9896AF327, 67414C6D79D2826BC86BB37349C9D74DB4B667310CBC1ABFD103E26332AE4A00 ] vds C:\Windows\System32\vds.exe
08:45:08.0766 0x0d88 vds - ok
08:45:08.0813 0x0d88 [ 916B94BCF1E09873FFF2D5FB11767BBC, 072007FED4EF30C4D7AF8628CBEB2AC99EEAD99D7AB533E90E3748E3D4F11C28 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:45:08.0844 0x0d88 vga - ok
08:45:08.0875 0x0d88 [ B83AB16B51FEDA65DD81B8C59D114D63, 97D39AA763037752D87216B83896AFD2AD6DFEBB3BCDCED7A9ABFE5706B804C5 ] VgaSave C:\Windows\System32\drivers\vga.sys
08:45:08.0922 0x0d88 VgaSave - ok
08:45:08.0969 0x0d88 [ 8294B6C3FDB6C33F24E150DE647ECDAA, FEBD9536EF61F700DFD5D9CB815808C8415D5B23590B3CE17B12D84F4670EA4D ] viaide C:\Windows\system32\drivers\viaide.sys
08:45:08.0985 0x0d88 viaide - ok
08:45:09.0016 0x0d88 [ 2B7E885ED951519A12C450D24535DFCA, 249009EBC1D306D51FDFA4A89588462AA2D8B6DF0A20BE250B60DD73200CB7F3 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:45:09.0031 0x0d88 volmgr - ok
08:45:09.0078 0x0d88 [ CEC5AC15277D75D9E5DEC2E1C6EAF877, EA989E257C4409F9AF3B35C4D7ED9134D930FE3733B077C4F3AA5497796F2CB0 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:45:09.0109 0x0d88 volmgrx - ok
08:45:09.0141 0x0d88 [ 582F710097B46140F5A89A19A6573D4B, 6F695B17BF476D027D3012352F3D4DFD0E0815823DA51A136767ECEF6D64A1CA ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:45:09.0156 0x0d88 volsnap - ok
08:45:09.0172 0x0d88 [ A68F455ED2673835209318DD61BFBB0E, 8B2B255E8E2F8B415F7AC0F7F4C423F639DD47737F7CEE0F7C816D9A6893C5F7 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
08:45:09.0187 0x0d88 vsmraid - ok
08:45:09.0234 0x0d88 [ B75232DAD33BFD95BF6F0A3E6BFF51E1, A8120040F144AD42A39347A615F31BF752634994D4D134E2FAD23FEA9C1D71DF ] VSS C:\Windows\system32\vssvc.exe
08:45:09.0328 0x0d88 VSS - ok
08:45:09.0390 0x0d88 [ F14A7DE2EA41883E250892E1E5230A9A, EBCB74BE26437F6FE84A3B41AD034F451D4BD12CA77D4C7A433DB912E7D31593 ] W32Time C:\Windows\system32\w32time.dll
08:45:09.0718 0x0d88 W32Time - ok
08:45:09.0749 0x0d88 [ FEF8FE5923FEAD2CEE4DFABFCE3393A7, D682FBF78CF987609AF35A019E7C90CBE02800D7DFC272FFDD71D82AA362FA7A ] WacomPen C:\Windows\system32\drivers\wacompen.sys
08:45:09.0811 0x0d88 WacomPen - ok
08:45:09.0843 0x0d88 [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
08:45:09.0874 0x0d88 Wanarp - ok
08:45:09.0905 0x0d88 [ B8E7049622300D20BA6D8BE0C47C0CFD, 57CF218D1F7D505E354A15C552D94E3C5A68C2B07D7A76EBB0C87A0BFF5772D9 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:45:09.0921 0x0d88 Wanarpv6 - ok
08:45:09.0999 0x0d88 [ B4E4C37D0AA6100090A53213EE2BF1C1, 67107F542F3C937FA5D9B28BA2EBFE994FFE287F16C0BFCF79AD20B95C13F78B ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:45:10.0529 0x0d88 wcncsvc - ok
08:45:10.0545 0x0d88 [ EA4B369560E986F19D93F45A881484AC, B61411D64901C9CB8C80402CD1E8808F5A0FACA38206C8D584C7C1019F5ADF5A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:45:10.0576 0x0d88 WcsPlugInService - ok
08:45:10.0607 0x0d88 [ 0C17A0816F65B89E362E682AD5E7266E, 6233213D07B234056A1EC6FE1166A65371645269132B428FF3A29DDC0000301A ] Wd C:\Windows\system32\drivers\wd.sys
08:45:10.0623 0x0d88 Wd - ok
08:45:10.0685 0x0d88 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:45:10.0732 0x0d88 Wdf01000 - ok
08:45:10.0747 0x0d88 [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiServiceHost C:\Windows\system32\wdi.dll
08:45:10.0794 0x0d88 WdiServiceHost - ok
08:45:10.0810 0x0d88 [ C5EFDA73EBFCA8B02A094898DE0A9276, DE54E06CBE20EB27D88B29C3AE19CDFA0AE4933D6DCD640912C74A1065C9391C ] WdiSystemHost C:\Windows\system32\wdi.dll
08:45:10.0841 0x0d88 WdiSystemHost - ok
08:45:10.0872 0x0d88 [ 3E6D05381CF35F75EBB055544A8ED9AC, BEC43932BD6C34406B8850E28178B937BFD9512E49FD9F8C54DA7EE272B478A9 ] WebClient C:\Windows\System32\webclnt.dll
08:45:10.0903 0x0d88 WebClient - ok
08:45:10.0950 0x0d88 [ 8D40BC587993F876658BF9FB0F7D3462, 23748E11F5CCE3D4978D748780283FA5A1154F53FF70D924CB2128FF8A4705F7 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:45:10.0981 0x0d88 Wecsvc - ok
08:45:10.0981 0x0d88 [ 9C980351D7E96288EA0C23AE232BD065, BA627B04C4259716B451F421F5310A69D8DE9407DE496AA0489139125E9DC16A ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:45:11.0028 0x0d88 wercplsupport - ok
08:45:11.0044 0x0d88 [ 66B9ECEBC46683F47EDC06333C075FEF, 35C33596D97DB65DE0A687644E9AD924AD5FCBAFD83FE4D23E7E58EF4BC4CC87 ] WerSvc C:\Windows\System32\WerSvc.dll
08:45:11.0091 0x0d88 WerSvc - ok
08:45:11.0106 0x0d88 [ 17291A612431D3E8B731A932DD88E8DB, 4AB325DB9871344C23F523C5FE10D351DF4CEF61E450180C34B95141F038A4A0 ] WIMMount C:\Program Files\Macrium\Reflect\wimmount.sys
08:45:11.0122 0x0d88 WIMMount - ok
08:45:11.0153 0x0d88 WinDefend - ok
08:45:11.0169 0x0d88 WinHttpAutoProxySvc - ok
08:45:11.0231 0x0d88 [ D2E7296ED1BD26D8DB2799770C077A02, B494719C2DEB7B9D2505866868143C4E4F59B88461920AA49BD9F1251B6571B8 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:45:11.0262 0x0d88 Winmgmt - ok
08:45:11.0371 0x0d88 [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869, 22D53818F4A4ACE441E121151CFD7CB1EDF5E8303DF9E113C9BB304B418A96EF ] WinRM C:\Windows\system32\WsmSvc.dll
08:45:11.0527 0x0d88 WinRM - ok
08:45:11.0605 0x0d88 [ EC339C8115E91BAED835957E9A677F16, 3BBE6D4F1731198E8F0CFEE67C4CCA5C31E6968F8E02EF9E029C1847A26F513B ] Wlansvc C:\Windows\System32\wlansvc.dll
08:45:11.0637 0x0d88 Wlansvc - ok
08:45:11.0652 0x0d88 [ E18AEBAAA5A773FE11AA2C70F65320F5, 9E2F6FC0F46D0EEEBF4BC1E3D8800B3D268079ABF8EDDD70CD21B789883D7390 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:45:11.0683 0x0d88 WmiAcpi - ok
08:45:11.0730 0x0d88 [ 21FA389E65A852698B6A1341F36EE02D, 2D60911EAAE26C4CE3DEF4FAD1EDE093F912209AA90741AAA8B93F06B37DF605 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:45:11.0761 0x0d88 wmiApSrv - ok
08:45:11.0777 0x0d88 WMPNetworkSvc - ok
08:45:11.0808 0x0d88 [ CBC156C913F099E6680D1DF9307DB7A8, FD8B227F445679E31048CA41442A978A98F267FED96E22C235F63C72AEEE2AB0 ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:45:11.0839 0x0d88 WPCSvc - ok
08:45:11.0886 0x0d88 [ 490A18B4E4D53DC10879DEAA8E8B70D9, D069D8C22CF78A0970E85C0B9879E08FF19458FAA75AE447BCF9236731F64252 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:45:11.0902 0x0d88 WPDBusEnum - ok
08:45:11.0980 0x0d88 [ 4CF27ED8D93A30BAA6F4DF50E62B7675, BDD0BD5C8DF13E0617429775F717E7078537C85921750BD3FE8401D7302166FD ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
08:45:12.0042 0x0d88 WPFFontCache_v0400 - ok
08:45:12.0058 0x0d88 [ 8A900348370E359B6BFF6A550E4649E1, 3EAD0B951EAF8E940ED6A79FAAAB7D22ACCF3985795F80206A3A07161D319B39 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:45:12.0105 0x0d88 ws2ifsl - ok
08:45:12.0136 0x0d88 [ 9EA3E6D0EF7A5C2B9181961052A4B01A, F39BAF1FC7DD1600C0052C2A6AA3BCBC8CA3DA96D1AC7B42B0F2810D051EE1B0 ] wscsvc C:\Windows\System32\wscsvc.dll
08:45:12.0167 0x0d88 wscsvc - ok
08:45:12.0167 0x0d88 WSearch - ok
08:45:12.0261 0x0d88 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
08:45:12.0526 0x0d88 wuauserv - ok
08:45:12.0541 0x0d88 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
08:45:12.0557 0x0d88 WudfPf - ok
08:45:12.0604 0x0d88 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:45:12.0635 0x0d88 WUDFRd - ok
08:45:12.0635 0x0d88 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:45:12.0666 0x0d88 wudfsvc - ok
08:45:12.0666 0x0d88 ================ Scan global ===============================
08:45:12.0682 0x0d88 [ 060DC3A7A9A2626031EB23D90151428D, 4AADA06E83603E9D4894D6CFC8DADB018307B384F438C809D4BC8E22BD937C3B ] C:\Windows\system32\basesrv.dll
08:45:12.0744 0x0d88 [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
08:45:12.0760 0x0d88 [ D665D594B7E11133D29D726BDDC7A5B0, 8EE45E719ACB23F388F2BE7E4311588E90DE7CF50988927CF0FED36DE380FACB ] C:\Windows\system32\winsrv.dll
08:45:12.0791 0x0d88 [ E8E05C05FBFEBD47FB7DBF7233F15302, 3099E64022E0E5347F7C8EFAD6D6E577157FC6B49386F3203E5438B38AE1EE36 ] C:\Windows\system32\services.exe
08:45:12.0807 0x0d88 [ Global ] - ok
08:45:12.0807 0x0d88 ================ Scan MBR ==================================
08:45:12.0807 0x0d88 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
08:45:13.0243 0x0d88 \Device\Harddisk0\DR0 - ok
08:45:13.0243 0x0d88 ================ Scan VBR ==================================
08:45:13.0243 0x0d88 [ 0CF86215720F09F01F1A51A744003562 ] \Device\Harddisk0\DR0\Partition1
08:45:13.0259 0x0d88 \Device\Harddisk0\DR0\Partition1 - ok
08:45:13.0259 0x0d88 ================ Scan generic autorun ======================
08:45:13.0259 0x0d88 Windows Defender - ok
08:45:13.0259 0x0d88 TPwrMain - ok
08:45:13.0321 0x0d88 [ 39780BFA848D30002194FDB4C7512562, A6278A3B109D18856D89386CDD8C28BA15C4C9D2ECBB73DDC00E73AE40ADF8EF ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
08:45:13.0399 0x0d88 SynTPEnh - ok
08:45:13.0399 0x0d88 SmoothView - ok
08:45:13.0462 0x0d88 [ C8612E58FB7FCFA5EEA4E39F7B8CBC17, 91FAF64968D26992574D5078989493F5A5F24239C7CB6834B31A25ECA9AA189A ] C:\Windows\Skytel.exe
08:45:13.0571 0x0d88 Skytel - ok
08:45:13.0758 0x0d88 [ E5CC1DCA56E1B7741168A78D9BCC23A1, 05E2287D590DB9D9766B5FBF0CB34A613048CCCA02251C4B56893B5C56E1602E ] C:\Windows\RAVCpl64.exe
08:45:15.0100 0x0d88 RtHDVCpl - ok
08:45:15.0131 0x0d88 [ 9A6E6E109878297198F189FADD3C5F59, 4571225A3B57BEBBDFCB650AD11716EEF52D5F35FA7A2D03C889A684AB264AD2 ] C:\Windows\system32\igfxpers.exe
08:45:15.0147 0x0d88 Persistence - ok
08:45:15.0209 0x0d88 [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] c:\Program Files\Microsoft Security Client\msseces.exe
08:45:15.0303 0x0d88 MSC - ok
08:45:15.0349 0x0d88 [ B33B9DE7D59933AF9DA6B5AA53FE7808, 4D5DE04CAC66784CABF7EAA3B954F950E3F74FECB9F5328FFBB99B4B53309D28 ] C:\Windows\system32\igfxtray.exe
08:45:15.0365 0x0d88 IgfxTray - ok
08:45:15.0381 0x0d88 [ 6E1AC019C8FD1997BF5A17DA93627510, 28E8C2CDF1203318C1CDE525D08236057A9B6938201ABB216B810655A51F27B4 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
08:45:15.0396 0x0d88 IAAnotif - ok
08:45:15.0396 0x0d88 HSON - ok
08:45:15.0412 0x0d88 [ 1876F6C377580A94325014FC1357461D, 2015788E42C0DE33318EC5B82637A93FBB93765676A82502B6C28757151FD292 ] C:\Windows\system32\hkcmd.exe
08:45:15.0443 0x0d88 HotKeysCmds - ok
08:45:15.0443 0x0d88 00TCrdMain - ok
08:45:15.0459 0x0d88 NDSTray.exe - ok
08:45:15.0474 0x0d88 jswtrayutil - ok
08:45:15.0474 0x0d88 cfFncEnabler.exe - ok
08:45:15.0537 0x0d88 [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
08:45:15.0599 0x0d88 Adobe ARM - ok
08:45:15.0646 0x0d88 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
08:45:15.0724 0x0d88 Sidebar - ok
08:45:15.0739 0x0d88 WindowsWelcomeCenter - ok
08:45:15.0817 0x0d88 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
08:45:15.0880 0x0d88 Sidebar - ok
08:45:15.0895 0x0d88 WindowsWelcomeCenter - ok
08:45:15.0958 0x0d88 [ 8B9DDDC3127C4B7ECA262E61B576921E, 51A5BA39BABD86478A7BF02F2B7B5548054591B3097FA7A5F89B3BE3EE4CAD6A ] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
08:45:15.0989 0x0d88 TOSCDSPD - detected UnsignedFile.Multi.Generic ( 1 )
08:45:26.0098 0x0d88 TOSCDSPD ( UnsignedFile.Multi.Generic ) - warning
08:45:29.0592 0x0d88 Waiting for KSN requests completion. In queue: 78
08:45:30.0606 0x0d88 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
08:45:30.0606 0x0d88 Win FW state via NFP2: enabled
08:45:33.0180 0x0d88 ============================================================
08:45:33.0180 0x0d88 Scan finished
08:45:33.0180 0x0d88 ============================================================
08:45:33.0196 0x0e58 Detected object count: 1
08:45:33.0196 0x0e58 Actual detected object count: 1
08:47:06.0281 0x0e58 TOSCDSPD ( UnsignedFile.Multi.Generic ) - skipped by user
08:47:06.0282 0x0e58 TOSCDSPD ( UnsignedFile.Multi.Generic ) - User select action: Skip
win98forever is offline  
Old 07-09-2015, 12:00 AM   #9
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello,

Okay. Please do the following.

Please download Malwarebytes Anti-Malware and save it to your desktop.

Double-click mbam-setup-2.1.8.1057.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
Click Finish.
On the Settings tab > Detection and Protection subtab, Detection Options section, tick the box Scan for rootkits.
Click on the Scan tab, then click on Start Scan.
A check for database updates will be performed.
After the update check completes, a scan will begin.
With some infections, you may see this message box.
  • 'Could not load DDA driver'
Click Yes to this message, to allow the driver to load after a restart.
Allow the computer to restart. Continue with the rest of these instructions.
When the scan is complete, click 'Remove Selected'.
In most cases, a restart will be required and a prompt will be shown.
Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs:

After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click Export.
Click Text file (*.txt)
In the Save File dialog box which appears, click on Desktop.
In the File name: box type a name for your scan log.
A message box named File Saved should appear stating "Your file has been successfully exported".
Click Ok
Attach that saved log to your next reply.
__________________
tekir06 is offline  
Old 07-09-2015, 08:14 AM   #10
TSF Enthusiast
 
Join Date: Jul 2009
Posts: 687
OS: vista home premium, Windows 10



MWB Scan log
Attached Files
File Type: txt MWBscan7-9-15.txt (1.0 KB, 29 views)
win98forever is offline  
Old 07-09-2015, 11:07 PM   #11
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello win98forever,

As I wrote before, I did not see any issue in your logs. The issue does not seem malware related.

Since the issue still persists, I think you would be better served seeking further troubleshooting guidance at the Mozilla support forum. After all, it is their software.

Your reports are clear. Let's remove all tools and logs that we used.

Please download delfix to your desktop.

  • Close all other programs and start delfix.
  • Right-click on delfix.exe and select "Run as administrator" to run it.
  • Ensure Remove disinfection tools is ticked. Also tick: Create registry backup, Purge system restore
  • Click Run
  • delfix will now delete all found traces of our removal process.

Note: The program will run for a few moments and then notepad will open with a log. No need to post this log.

=========================================================

MICROSOFT UPDATES

It is very important that you get all of the critical updates for your Operating System. Another essential is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help keep your computer from becoming vulnerable. It is best if you have these set to download automatically.

Turn ON Automatic Updates in Windows Vista

------------------------------------------------------

Make sure you backup your system, so possible reformatting in the future isn't necessary:

Backup and Restore - Microsoft Windows

------------------------------------------------------

PREVENTION

Please read the article below which will give you a few suggestions for how to minimise your chances of getting another infection.
  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware, or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop

    WOT has an add-on available for IE, Firefox, and Chrome.
  • MVPS HOSTS FILE replaces your current HOSTS file with one that will restrict known ad sites from serving you unsolicited advertisements. It basically prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is the IP of your local computer. See guide here and for Windows Vista here

Keep your antivirus program and antispyware programs updated and scan with them on a regular basis.

Please respond to this thread one more time so we can mark this thread as resolved.
__________________
tekir06 is offline  
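
The HOSTS-file blocking described in the post above can be checked after the file is replaced: every blocked name should resolve to the local machine, and any name sent to a different address deserves a look. The following is an added example, not part of the original thread or of the MVPS project; the sample entries and the function names `parse_hosts` and `audit_hosts` are constructed for illustration.

```python
import ipaddress

# Constructed sample in HOSTS-file syntax (not taken from the thread or from MVPS).
SAMPLE_HOSTS = """\
# constructed block-list sample
127.0.0.1    localhost
::1          localhost
127.0.0.1    ads.example.com tracker.example.net   # two names on one line
0.0.0.0      banner.example.org
203.0.113.7  update.example.com
not-an-ip    broken.example.com
"""


def parse_hosts(text):
    """Yield (line_no, address or None, [hostnames]) for each non-empty entry."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        entry = raw.split("#", 1)[0].split()  # drop the comment, split on whitespace
        if not entry:
            continue  # blank or comment-only line
        try:
            address = ipaddress.ip_address(entry[0])
        except ValueError:
            address = None  # first field is not an IP address
        yield line_no, address, [name.lower() for name in entry[1:]]


def audit_hosts(text):
    """Sort HOSTS entries into blocked names, redirected names and bad lines.

    blocked    - name points at the local machine (loopback or 0.0.0.0),
                 which is how a blocking HOSTS file stops the connection
    redirected - name points at some other address and should be reviewed
    malformed  - line numbers with no valid address or no hostname
    """
    report = {"blocked": [], "redirected": [], "malformed": []}
    for line_no, address, names in parse_hosts(text):
        if address is None or not names:
            report["malformed"].append(line_no)
            continue
        local = address.is_loopback or address.is_unspecified
        for name in names:
            if local and name == "localhost":
                continue  # the standard localhost entry is not a block
            if local:
                report["blocked"].append(name)
            else:
                report["redirected"].append((name, str(address)))
    return report


if __name__ == "__main__":
    result = audit_hosts(SAMPLE_HOSTS)
    print("blocked:   ", result["blocked"])
    print("redirected:", result["redirected"])
    print("malformed lines:", result["malformed"])
```

To audit a real machine, pass the contents of the HOSTS file (on Windows, `%SystemRoot%\System32\drivers\etc\hosts`) to `audit_hosts` instead of the sample.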
Old 07-10-2015, 08:36 AM   #12
TSF Enthusiast
 
Join Date: Jul 2009
Posts: 687
OS: vista home premium, Windows 10



Thank You
win98forever is offline  
Old 07-10-2015, 01:56 PM   #13
Security Team
Analyst
 
tekir06's Avatar
 
Join Date: Oct 2010
Location: Turkiye
Posts: 1,859
OS: Windows 7 (32 Bit)



Hello win98forever,

You're welcome. Thank you for the patience and cooperation.
__________________
tekir06 is offline  
 
