Pests of all kinds and how to combat them: Skype sent messages with links on its own (Windows 7) |
10.07.2015, 06:35 | #1 |
| Skype sent messages with links on its own Good morning, my Skype sent some links to my contacts last night. I am unsure what the cause is. At first I thought my computer might be infected, but then I noticed that the computer was probably not switched on at the time of sending (21:01 or 21:02, depending on the contact). A virus scan with ZoneAlarm came back with no "findings". The next idea was that my Skype account itself had been hacked. I then changed the password for the account and notified Microsoft (no response yet). My question now: how should I best proceed? My Microsoft account was also linked to Skype, but I did not want to change the password as long as I don't know whether my computer is infected. EDIT: I checked the accesses to my account on the Microsoft website and found no access in the time window mentioned above. No other anomalies in the last few days either. Thank you for the help! Edited by mwac2015 (10.07.2015 at 06:41) |
10.07.2015, 07:26 | #2 |
/// the machine /// TB trainer | Skype sent messages with links on its own Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
10.07.2015, 07:35 | #3 |
| Skype sent messages with links on its own FRST
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-07-2015 Ran by Marius (administrator) on MARIUS-CHRONOS on 10-07-2015 08:33:31 Running from C:\Users\Marius\Desktop Loaded Profiles: Marius (Available Profiles: Marius) Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Foxit Software Inc.) 
C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Samsung Electronics CO., LTD.) C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Windows\System32\vmms.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Motorola Solutions, Inc.) 
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIGAU.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe (Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.88\opera.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894152 2013-11-04] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13674712 2014-07-16] (Realtek Semiconductor) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [403888 2012-08-23] (Acronis) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-05-30] (Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [191528 2014-07-04] (Geek Software GmbH) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6049096 2012-08-23] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [943856 2012-07-24] (Acronis) HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2372800 2014-11-26] (Microsoft Corp.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [708496 2015-04-20] (Cisco Systems, Inc.) 
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD) HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation) HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28787840 2015-06-02] (Skype Technologies S.A.) HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\Run: [Epson Stylus Office BX525WD(Netzwerk)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAU.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [8891304 2015-02-19] (SlySoft, Inc.) 
HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation) HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\Run: [EPSON BX525WD Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAU.EXE [224768 2010-01-12] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\MountPoints2: {74545a93-89e8-11e4-8272-1867b045bb23} - "D:\DTVP_Launcher.exe" HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\MountPoints2: {a5197f6a-2147-11e4-8257-1867b045bb23} - "F:\AutoRun.exe" Startup: C:\Users\Marius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2014-08-03] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2012-08-23] (Acronis) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\S-1-5-21-2918710268-1203623505-3801247500-1001 -> DefaultScope {686F1142-98D7-4E71-9AC6-92C0519C20BF} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=DE&q={searchTerms}&gu=1b7616de46664418a1eebcb599becaf8&tu=10G9z00FF1D20F0&sku=&tstsId=&ver=&&r=921 SearchScopes: HKU\S-1-5-21-2918710268-1203623505-3801247500-1001 -> {686F1142-98D7-4E71-9AC6-92C0519C20BF} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=HFA5&Lan=DE&q={searchTerms}&gu=1b7616de46664418a1eebcb599becaf8&tu=10G9z00FF1D20F0&sku=&tstsId=&ver=&&r=921 BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-05-19] (Microsoft Corporation) BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-05-28] (Microsoft Corporation) BHO-x32: Zonealarm Helper Object -> {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} -> C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.29.17\bh\zonealarm.dll [2014-02-26] (Check Point Software Technologies LTD) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2013-08-22] (Microsoft Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Hosts: 127.0.0.1 activation.acronis.com Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{690D39D4-D280-45E1-A163-5220F6E67471}: [DhcpNameServer] 192.168.0.1 
Tcpip\..\Interfaces\{7F085F59-44FD-4F75-A859-8110C3C86677}: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\wmnrb8uv.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> 
C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-08-03] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Extension: iMacros for Firefox - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\wmnrb8uv.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-06-08] FF Extension: Ghostery - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\wmnrb8uv.default\Extensions\firefox@ghostery.com.xpi [2014-08-15] FF Extension: Modify Headers - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\wmnrb8uv.default\Extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2014-08-15] FF Extension: Video DownloadHelper - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\wmnrb8uv.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-07-06] FF Extension: Adblock Plus - C:\Users\Marius\AppData\Roaming\Mozilla\Firefox\Profiles\wmnrb8uv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-15] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2015-03-15] Opera: ======= OPR Extension: (Ghostery) - C:\Users\Marius\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2015-03-06] OPR Extension: (DuckDuckGo) - C:\Users\Marius\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfbekbndggmbdkfhjandenfihkdkndil [2014-08-03] OPR Extension: (Adblock Plus) - C:\Users\Marius\AppData\Roaming\Opera Software\Opera 
Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-03-06] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corp.) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2739888 2015-05-19] (Microsoft Corporation) R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.) R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed] R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100104 2013-09-05] (ELAN Microelectronics Corp.) R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-06-02] (Foxit Software Inc.) 
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] () R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [File not signed] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-28] (Electronic Arts) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [File not signed] R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3020120 2015-04-21] (Samsung Electronics CO., LTD.) R2 vmms; C:\Windows\system32\vmms.exe [13784064 2015-04-01] (Microsoft Corporation) R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3592120 2014-05-30] (Check Point Software Technologies Ltd.) 
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [90936 2014-05-29] (Check Point Software Technologies, Ltd.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.) S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation) S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.) R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-11] (Disc Soft Ltd) R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [22832 2013-07-24] (ELAN Microelectronic Corp.) 
R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68960 2014-08-23] (Microsoft Corporation) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-04-30] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29616 2014-04-30] (Kaspersky Lab) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-04-30] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490080 2014-04-30] (Kaspersky Lab ZAO) S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2014-08-23] (Microsoft Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-08-22] (Intel Corporation) S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2014-08-23] (Microsoft Corporation) S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2014-08-23] (Microsoft Corporation) R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider) R3 SensorsAlsDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [1093256 2014-11-29] (Acronis) S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-08-23] (Microsoft Corporation) R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation) S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation) S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation) S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [688640 2014-10-08] (Microsoft Corporation) S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2015-04-20] (Cisco Systems, Inc.) R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [450968 2014-05-30] (Check Point Software Technologies Ltd.) 
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-10 08:33 - 2015-07-10 08:33 - 00023532 _____ C:\Users\Marius\Desktop\FRST.txt 2015-07-10 07:35 - 2015-07-10 08:33 - 00000000 ____D C:\FRST 2015-07-10 07:22 - 2015-07-10 07:22 - 02112512 _____ (Farbar) C:\Users\Marius\Desktop\FRST64.exe 2015-07-03 09:30 - 2015-07-03 09:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-07-01 14:43 - 2015-07-01 14:43 - 00000000 ____D C:\Users\Public\Foxit Software 2015-07-01 14:43 - 2015-07-01 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2015-06-27 13:34 - 2015-06-27 13:34 - 00000000 ____D C:\Users\Marius\Documents\Adobe 2015-06-19 07:29 - 2015-06-19 07:29 - 00000000 ____D C:\Users\Marius\AppData\Local\GWX 2015-06-17 20:01 - 2015-04-01 05:30 - 13784064 _____ (Microsoft Corporation) C:\Windows\system32\vmms.exe 2015-06-17 19:48 - 2015-04-09 00:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml 2015-06-17 19:47 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-06-17 19:47 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-06-17 19:47 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-06-17 19:47 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-06-17 19:47 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-06-17 19:47 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 
2015-06-17 19:47 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-06-17 19:47 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-06-17 19:44 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll 2015-06-17 19:44 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2015-06-17 19:44 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2015-06-17 19:44 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2015-06-17 19:44 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll 2015-06-17 19:44 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll 2015-06-17 19:38 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2015-06-17 19:38 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2015-06-17 19:38 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2015-06-17 19:38 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2015-06-17 19:38 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2015-06-17 19:38 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2015-06-17 19:38 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2015-06-17 19:38 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2015-06-17 19:38 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2015-06-17 19:38 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2015-06-17 19:38 
- 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2015-06-17 19:38 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2015-06-17 19:38 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2015-06-17 19:33 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-06-17 19:33 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-06-17 19:33 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll 2015-06-17 19:32 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll 2015-06-17 19:32 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll 2015-06-17 19:31 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll 2015-06-17 19:31 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll 2015-06-17 19:30 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS 2015-06-17 19:30 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll 2015-06-17 19:30 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll 2015-06-16 07:51 - 2015-06-16 07:51 - 00000000 ____D C:\Users\Marius\AppData\Local\TempTaskUpdateDetection60866BA7-FF1C-4157-91CE-4D3CB1BF44AE 2015-06-11 08:13 - 2015-06-11 08:13 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Warner Bros. 
Interactive Entertainment 2015-06-10 07:10 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-06-10 07:10 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-06-10 07:10 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-06-10 07:10 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-06-10 07:10 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-06-10 07:10 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-06-10 07:10 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-06-10 07:10 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-06-10 07:10 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-06-10 07:10 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-06-10 07:10 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-06-10 07:10 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-06-10 07:10 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-06-10 07:10 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-06-10 07:10 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-06-10 07:10 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-06-10 07:10 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-06-10 07:10 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 
2015-06-10 07:10 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-06-10 07:10 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-06-10 07:10 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-06-10 07:10 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-06-10 07:10 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-06-10 07:10 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-06-10 07:10 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-06-10 07:10 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-06-10 07:10 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-06-10 07:10 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-06-10 07:10 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-06-10 07:10 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-06-10 07:10 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-06-10 07:10 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-06-10 07:10 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-06-10 07:10 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-06-10 07:10 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-06-10 07:10 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-06-10 07:10 - 2015-05-22 
19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-06-10 07:10 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-06-10 07:10 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-06-10 07:10 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-06-10 07:07 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2015-06-10 07:07 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2015-06-10 07:06 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-10 08:26 - 2014-08-03 10:09 - 01814593 _____ C:\Windows\WindowsUpdate.log 2015-07-10 08:20 - 2015-06-08 21:05 - 00000000 ____D C:\Program Files (x86)\Steam 2015-07-10 08:15 - 2014-08-03 13:08 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Skype 2015-07-10 08:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2015-07-10 08:06 - 2014-08-03 20:14 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-10 08:06 - 2014-08-03 20:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-10 08:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru 2015-07-10 07:38 - 2014-08-03 15:53 - 00005162 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MARIUS-CHRONOS-Marius Marius-Chronos 2015-07-10 07:20 - 2014-08-03 10:14 - 01776922 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-10 07:20 - 2013-08-23 01:24 - 00765762 _____ C:\Windows\system32\perfh007.dat 2015-07-10 07:20 - 2013-08-23 01:24 - 00159546 _____ C:\Windows\system32\perfc007.dat 2015-07-10 07:17 - 2014-08-23 12:40 - 27590656 _____ C:\Windows\system32\vmguest.iso 
2015-07-10 07:15 - 2014-08-03 10:14 - 00000000 ____D C:\Users\Marius\SkyDrive 2015-07-10 07:14 - 2013-08-22 16:46 - 00024137 _____ C:\Windows\setupact.log 2015-07-10 07:14 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-09 23:38 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI 2015-07-09 16:32 - 2015-06-02 20:19 - 00001910 _____ C:\Users\Public\Desktop\SW Update.lnk 2015-07-09 15:39 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2015-07-09 15:38 - 2014-08-03 10:24 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2918710268-1203623505-3801247500-1001 2015-07-08 16:49 - 2014-08-15 20:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-07-06 23:24 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-06 23:24 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-06 13:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2015-07-02 09:37 - 2014-08-03 10:08 - 00029782 _____ C:\Windows\PFRO.log 2015-07-01 18:36 - 2014-08-03 10:12 - 00000000 ____D C:\Users\Marius\AppData\Local\Packages 2015-07-01 17:46 - 2014-08-03 10:12 - 00000000 ____D C:\Users\Marius 2015-07-01 14:43 - 2014-08-03 14:56 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Foxit Software 2015-07-01 14:36 - 2015-03-15 18:26 - 00000000 ____D C:\Users\Marius\Documents\Citavi 4 2015-07-01 09:57 - 2014-09-05 18:44 - 00000000 ____D C:\Users\Marius\AppData\Local\Adobe 2015-06-30 15:53 - 2014-11-17 19:13 - 00000000 __SHD C:\Users\Marius\AppData\Local\EmieBrowserModeList 2015-06-30 15:53 - 2014-08-05 09:03 - 00000000 __SHD C:\Users\Marius\AppData\Local\EmieUserList 2015-06-30 15:53 - 2014-08-05 09:03 - 00000000 __SHD C:\Users\Marius\AppData\Local\EmieSiteList 2015-06-30 15:53 - 2014-08-03 11:49 - 00000000 ____D C:\Users\Marius\AppData\Local\DoNotTrackPlus 2015-06-30 10:59 - 2014-08-03 
15:39 - 00000000 ____D C:\Windows\system32\MRT 2015-06-30 10:56 - 2014-08-03 15:39 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-06-29 23:18 - 2015-03-18 23:20 - 00000000 ____D C:\Program Files (x86)\Tor Browser 2015-06-28 15:49 - 2015-05-24 12:46 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-06-28 14:54 - 2014-08-04 14:19 - 00033049 ____H C:\Windows\SysWOW64\BTImages.dat 2015-06-27 13:34 - 2014-08-03 10:12 - 00000000 ____D C:\Users\Marius\AppData\Roaming\Adobe 2015-06-27 13:33 - 2014-08-03 11:50 - 00003858 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1407059397 2015-06-27 13:33 - 2014-08-03 11:49 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-06-27 13:33 - 2014-08-03 11:49 - 00000000 ____D C:\Program Files (x86)\Opera 2015-06-25 10:08 - 2014-08-03 13:08 - 00000000 ____D C:\ProgramData\Skype 2015-06-19 06:50 - 2014-08-03 12:55 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-06-18 07:08 - 2015-04-16 23:28 - 00000000 ____D C:\Windows\system32\appraiser 2015-06-18 07:08 - 2015-03-21 21:13 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-06-18 07:08 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2015-06-11 20:12 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2015-06-11 08:12 - 2014-08-16 22:40 - 00160132 _____ C:\Windows\DirectX.log 2015-06-11 08:12 - 2014-08-03 10:19 - 00000000 ____D C:\ProgramData\Package Cache 2015-06-11 07:24 - 2013-08-22 16:44 - 00482936 _____ C:\Windows\system32\FNTCACHE.DAT 2015-06-10 07:55 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions ==================== Files in the root of some directories ======= 2015-02-14 14:56 - 2015-02-14 14:56 - 0007616 _____ () C:\Users\Marius\AppData\Local\Resmon.ResmonCfg 2015-03-05 20:57 - 2015-03-15 18:04 - 0000040 ___SH () C:\ProgramData\.zreglib 2014-08-03 10:23 - 2014-08-03 10:23 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: 
====================
C:\Users\Marius\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\Marius\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Marius\AppData\Local\Temp\install_flashplayer14x32_chrd_dn_aaa_aih.exe
C:\Users\Marius\AppData\Local\Temp\raptrpatch.exe
C:\Users\Marius\AppData\Local\Temp\raptr_stub.exe
C:\Users\Marius\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-07-08 08:00

==================== End of log ============================

Addition

Additional FRST Logfile:
scan result of Farbar Recovery Scan Tool (x64) Version:09-07-2015
Ran by Marius at 2015-07-10 08:33:55
Running from C:\Users\Marius\Desktop
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2918710268-1203623505-3801247500-500 - Administrator - Disabled)
Gast (S-1-5-21-2918710268-1203623505-3801247500-501 - Limited - Disabled)
Marius (S-1-5-21-2918710268-1203623505-3801247500-1001 - Administrator - Enabled) => C:\Users\Marius

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ZoneAlarm Antivirus (Enabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 18.2.4 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Access 97rt PAN EURO G (HKLM-x32\...\Access 97rt PAN EURO G) (Version: - ) Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.191 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 4.4 64-bit (HKLM\...\{11A955CD-4398-405A-886D-E464C3618FBF}) (Version: 4.4.1 - Adobe) Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.8.0 - SlySoft) Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation) Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.08009 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.08009 - Cisco Systems, Inc.) 
Hidden Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.5.0.11 - Swiss Academic Software) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) EPSON BX525WD Series Printer Uninstall (HKLM\...\EPSON BX525WD Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) EpsonNet Setup 3.3 (HKLM-x32\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION) ETDWare X64 11.7.19.9_WHQL (HKLM\...\Elantech) (Version: 11.7.19.9 - ELAN Microelectronic Corp.) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.5.116.602 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.) HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) 
Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3304 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{e1172fd4-a6d9-4cfa-8256-268f728fec31}) (Version: 16.5.3 - Intel Corporation) LEGO® Worlds (HKLM-x32\...\Steam App 332310) (Version: - TT Games) Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4727.1003 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Nero Prerequisite Installer 3.0 (HKLM-x32\...\{929FAC65-06DD-4577-882C-E8A558C47B75}) (Version: 15.0.00900 - Nero AG) Nero Recode 2014 (HKLM-x32\...\{EAB8C220-0446-4766-AF79-B7B8933EBA10}) (Version: 15.0.00400 - Nero 
AG) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.) PDF24 Creator 6.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Prerequisite installer (x32 Version: 15.0.0010 - Nero AG) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7299 - Realtek Semiconductor Corp.) S Agent (Version: 1.1.52 - Samsung Electronics CO., LTD.) Hidden Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.) SRS Premium Sound (HKLM-x32\...\{E44F8A34-529E-4318-A0E1-1893C337A47F}) (Version: 1.00.4700 - DTS, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SW Update (HKLM-x32\...\{AAFEFB05-CF98-48FC-985E-F04CD8AD620D}) (Version: 2.2.9 - Samsung Electronics CO., LTD.) 
True Image 2013 (HKLM-x32\...\{59F3D2AC-5F1F-4A93-8F23-6FD4F029D9A9}Visible) (Version: 16.0.5551 - Acronis) True Image 2013 (x32 Version: 16.0.5551 - Acronis) Hidden True Image 2013 Plus Pack (HKLM-x32\...\{C408E706-94A7-454C-8B52-538AA6CBD0FB}) (Version: 16.0.5551 - Acronis) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Phone Recovery Tool 1.2.4 (HKLM-x32\...\{54718f79-d2d7-4832-b678-472bfd963bb1}) (Version: 1.2.4 - Microsoft) Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.) WinUsb CoInstallers (HKLM-x32\...\{B7D4B08A-9D89-4369-B51C-92CF8C03D2F8}) (Version: 1.1.8.1406 - Nokia) WinUSB Compatible ID Drivers (HKLM-x32\...\{316ED84C-ACDA-4F1F-8E64-52B7AFF8677D}) (Version: 1.1.9.1439 - Nokia) WinUSB Drivers ext (HKLM-x32\...\{238EAE31-4E9E-43CF-B244-C4879279E6AF}) (Version: 1.1.12.1439 - Nokia) ZoneAlarm Antivirus (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Firewall (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.2.015.000 - Check Point) ZoneAlarm Security (x32 Version: 13.2.015.000 - Check Point Software Technologies Ltd.) 
Hidden
ZoneAlarm Security Toolbar (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar (HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)

==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2918710268-1203623505-3801247500-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Marius\AppData\Local\Microsoft\OneDrive\17.3.5860.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================
17-06-2015 20:30:43 Windows Update
28-06-2015 14:52:54 Windows Update
05-07-2015 15:12:34 Geplanter Prüfpunkt
09-07-2015 15:38:57 Windows Update

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2014-11-29 19:19 - 00000860 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.acronis.com

==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2104F350-F6A3-45C6-9450-4CB33FAC1B00} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-06-30] (Microsoft Corporation) Task: {2D81EFF9-23D4-4159-BCD6-9A533C4935FA} - System32\Tasks\{4E84E688-F595-482F-85C6-FCE30EC88154} => c:\program files (x86)\opera\launcher.exe [2015-06-19] (Opera Software) Task: {3C372233-9FA5-4268-A5CC-C940799F95CF} - System32\Tasks\Opera scheduled Autoupdate 1407059397 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-19] (Opera Software) Task: {3C7C8E8B-3F2E-4523-AD4B-5DC718AF8976} - System32\Tasks\{2FAD313F-97C5-41A3-BC0B-332A7CACB750} => pcalua.exe -a D:\DirectX6\DirectX6\Directx\dinstall.exe -d D:\DirectX6\DirectX6\Directx Task: {46F2920B-2A84-4584-B46C-087A5E83171B} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-2918710268-1203623505-3801247500-1001 => %localappdata%\Microsoft\OneDrive\OneDrive.exe Task: {46FB1D2E-FE6E-40D7-972F-DBE33D5F204A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated) Task: {764D533A-9944-4581-BAA1-B1AFBA5DD413} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MARIUS-CHRONOS-Marius Marius-Chronos => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-28] (Microsoft Corporation) Task: {7838E32E-A13A-4F42-BF1C-D5B3E40276F3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-28] (Microsoft Corporation) Task: {85217D18-D7CE-45BC-86E0-105C1D91A7E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation) Task: {8F46185B-6E2E-431F-8EF0-7CC735731F9D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe 
[2014-02-28] () Task: {93D57529-3A23-4BD8-BF9A-56C5701F7DF7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-10] (Adobe Systems Incorporated) Task: {9707F2C1-9FA6-4108-A2B9-AD3CE142F242} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.) Task: {A6F65BDD-5CC2-44E5-B3E8-B29FCF05FC38} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2015-02-04] (Samsung Electronics CO., LTD.) Task: {B9FA1C7C-8331-48C1-A45A-C943D14F0750} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation) Task: {E4B39473-0E83-4FD6-9A00-8C111EC705CF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (Whitelisted) ============== 2014-08-03 12:55 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe 2014-05-21 00:33 - 2014-05-21 00:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-02-04 16:11 - 2015-02-04 16:11 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll 2015-04-20 17:46 - 2015-04-20 17:46 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2012-08-23 01:42 - 2012-08-23 01:42 - 00435584 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll 2014-01-29 
13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll 2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll 2014-11-20 08:52 - 2014-11-20 08:52 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2014-11-20 08:57 - 2014-11-20 08:57 - 00316576 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2014-08-03 10:20 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-06-08 21:30 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-06-08 21:30 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-06-08 21:30 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll 2015-06-08 21:30 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-06-08 21:30 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-06-08 21:30 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-06-08 21:30 - 2014-12-01 23:31 - 
00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-06-08 21:30 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-06-08 21:30 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-06-08 21:30 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-06-08 21:30 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-06-08 21:30 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-06-08 21:30 - 2015-05-11 21:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll 2015-06-27 13:33 - 2015-06-27 13:33 - 00157304 _____ () C:\Program Files (x86)\Opera\30.0.1835.88\message_center_win8.dll 2015-06-27 13:33 - 2015-06-27 13:33 - 01649272 _____ () C:\Program Files (x86)\Opera\30.0.1835.88\libglesv2.dll 2015-06-27 13:33 - 2015-06-27 13:33 - 00081016 _____ () C:\Program Files (x86)\Opera\30.0.1835.88\libegl.dll 2012-08-23 02:12 - 2012-08-23 02:12 - 00019840 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Marius\SkyDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) 

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marius\AppData\Local\Microsoft\BingDesktop\themes\2015-07-02.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "BingDesktop"
HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\StartupApproved\Run: => "HydraVisionDesktopManager"
HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\StartupApproved\Run: => "Raptr"
HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\StartupApproved\Run: => "Speech Recognition"
HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\StartupApproved\Run: => "Epson Stylus Office BX525WD(Netzwerk)"
HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\StartupApproved\Run: => "AnyDVD"
HKU\S-1-5-21-2918710268-1203623505-3801247500-1001\...\StartupApproved\Run: => "Steam"

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{2367385D-B1F1-4E72-8E79-3C664D64F3CE}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{F1B3F536-EB08-4CAA-9362-A1066F63444E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{3C2C7136-9E48-4855-AB00-B537E35BF06E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{18B8FF8D-8C2A-40F0-9E21-706BA13987B5}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{D3B30D9D-2C6B-4C2E-A316-B51060EF2778}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [TCP Query User{97F516C7-0F1C-471B-BB3E-C6CB3E1F9A4C}\\ngserv\netfiles\games\cryptic studios\star trek online\live\gameclient.exe] => (Allow) \\ngserv\netfiles\games\cryptic studios\star trek online\live\gameclient.exe FirewallRules: [UDP Query User{4F562B26-D908-4C12-8FCA-A3A3E3A6631A}\\ngserv\netfiles\games\cryptic studios\star trek online\live\gameclient.exe] => (Allow) \\ngserv\netfiles\games\cryptic studios\star trek online\live\gameclient.exe FirewallRules: [{BB0B7A76-1150-4326-BFEE-0459BFE6CA9B}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{68374F41-6AA8-43C4-BACB-FC2AC52570AE}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{5D14058E-539D-4492-9EE6-E8F7D6B99B91}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{A25F2FBC-308D-4B1B-A564-2E125968D108}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{99831BF4-1689-4357-A0E6-11E57FDD13D8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{3FFD3FA8-7A2C-4459-B714-9F03B483E082}] => (Allow) C:\Users\Marius\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{D47AD172-E5FD-47EC-92F0-E71C074E60EB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{AB7BF4B4-401D-4AE7-8B2C-0FD502DB2E59}] => (Allow) 
C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D1E35C62-7E50-429C-87E9-1DCDEA3F7035}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{65CB025A-207C-4065-92D8-1FB64E947069}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{E152A9D2-91FE-4416-B047-F50976D36C58}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lego Batman\LEGOBatman.exe FirewallRules: [{4ABAC61F-01A9-4835-BDDA-28B0FEE94EF5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Lego Batman\LEGOBatman.exe FirewallRules: [{8673C532-77FC-4357-9C27-12E7534859ED}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{97CFC74F-E4F4-4EE9-A517-35AFFAC9750E}] => (Allow) LPort=2869 FirewallRules: [{9505AC16-5764-4892-95AF-76B3E7BA5835}] => (Allow) LPort=1900 FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [VIRT-MIGL-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe FirewallRules: [VIRT-REMOTEDESKTOP-In-TCP-NoScope] => (Allow) %systemroot%\system32\vmms.exe FirewallRules: [{B27E9608-98BE-409A-A1CB-AACA19E111B5}] => (Allow) C:\Program Files (x86)\Electronic Arts\SimCity\SimCity\SimCity.exe FirewallRules: [{FAB5E2BA-423D-4054-90C2-765BC6947817}] => (Allow) C:\Program Files (x86)\Electronic Arts\SimCity\SimCity\SimCity.exe FirewallRules: [{5AF74DDF-1368-4D1E-A530-54666A2ABA97}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [{8100AFF1-25F9-43C5-8C3C-7115BE4F0869}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe FirewallRules: [TCP Query User{83667CDC-2A0E-47AC-B743-C77F62FFCEB6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{1B22665F-A05F-4EA7-876F-F8F56AD51DAB}C:\program files (x86)\skype\phone\skype.exe] => 
(Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{385D3736-D7B8-482A-83FD-718B80FF7271}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{ADB0C595-C6BC-4E86-82B3-9A9C75154A53}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Faulty Device Manager Devices ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/09/2015 11:38:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: EasySettingsCmdServer.exe, Version: 0.0.0.0, Zeitstempel: 0x52e75292 Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.30319.460, Zeitstempel: 0x4db13576 Ausnahmecode: 0x40000015 Fehleroffset: 0x0008cb95 ID des fehlerhaften Prozesses: 0x1a60 Startzeit der fehlerhaften Anwendung: 0xEasySettingsCmdServer.exe0 Pfad der fehlerhaften Anwendung: EasySettingsCmdServer.exe1 Pfad des fehlerhaften Moduls: EasySettingsCmdServer.exe2 Berichtskennung: EasySettingsCmdServer.exe3 Vollständiger Name des fehlerhaften Pakets: EasySettingsCmdServer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: EasySettingsCmdServer.exe5 Error: (06/29/2015 11:25:07 AM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (06/29/2015 11:16:27 AM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (06/28/2015 
09:17:32 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (06/28/2015 05:21:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (06/28/2015 02:53:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (06/28/2015 02:34:32 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (06/27/2015 10:10:22 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (06/27/2015 08:50:37 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (06/27/2015 02:19:32 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed System errors: ============= Error: (07/09/2015 11:38:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062 Error: (07/09/2015 11:38:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: %%16389 Error: (07/08/2015 04:49:26 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. 
Error: (07/08/2015 04:48:44 PM) (Source: DCOM) (EventID: 10010) (User: MARIUS-CHRONOS) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (07/08/2015 04:48:44 PM) (Source: DCOM) (EventID: 10010) (User: MARIUS-CHRONOS) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (07/08/2015 04:48:44 PM) (Source: DCOM) (EventID: 10010) (User: MARIUS-CHRONOS) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (07/08/2015 04:48:44 PM) (Source: DCOM) (EventID: 10010) (User: MARIUS-CHRONOS) Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474} Error: (07/05/2015 11:24:29 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 04.07.2015 um 22:13:20 unerwartet heruntergefahren. Error: (07/01/2015 02:43:26 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "Foxit Cloud Safe Update Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (07/01/2015 02:11:09 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CHRISTINA", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{7F085F59-44FD-4F75-A859-8110C3C86677}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. 
Microsoft Office: ========================= Error: (07/09/2015 11:38:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: EasySettingsCmdServer.exe0.0.0.052e75292MSVCR100.dll10.0.30319.4604db13576400000150008cb951a6001d0ba8fa2610301C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exeC:\Program Files (x86)\Samsung\Settings\CmdServer\MSVCR100.dlle1d29143-2682-11e5-82a3-1867b045bb23 Error: (06/29/2015 11:25:07 AM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: Error: (06/29/2015 11:16:27 AM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: Error: (06/28/2015 09:17:32 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: Error: (06/28/2015 05:21:27 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: WiederherstellungFalscher Parameter. (0x80070057) Error: (06/28/2015 02:53:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. 
System Error: Zugriff verweigert Error: (06/28/2015 02:34:32 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: Error: (06/27/2015 10:10:22 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: Error: (06/27/2015 08:50:37 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: Error: (06/27/2015 02:19:32 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3635QM CPU @ 2.40GHz Percentage of memory in use: 30% Total physical RAM: 8078.79 MB Available physical RAM: 5575.86 MB Total Virtual: 9358.8 MB Available Virtual: 6596.9 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:232.37 GB) (Free:136.21 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 43E0D60A) Partition: GPT Partition Type. ==================== End of log ============================ |
10.07.2015, 14:56 | #4 |
/// the machine /// TB instructor | Skype sent messages with links on its own hi, Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save the file to your desktop.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
10.07.2015, 18:02 | #5 |
| Skype sent messages with links on its own mbar Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version: main: v2015.07.10.05 rootkit: v2015.07.10.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17842
Marius :: MARIUS-CHRONOS [administrator]

10.07.2015 18:43:19
mbar-log-2015-07-10 (18-43-19).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 356393
Time elapsed: 11 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
18:54:49.0735 0x22d0 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:54:49.0735 0x22d0 UEFI system
18:55:03.0649 0x22d0 ============================================================
18:55:03.0649 0x22d0 Current date / time: 2015/07/10 18:55:03.0649
18:55:03.0650 0x22d0 SystemInfo:
18:55:03.0650 0x22d0
18:55:03.0650 0x22d0 OS Version: 6.3.9600 ServicePack: 0.0
18:55:03.0650 0x22d0 Product type: Workstation
18:55:03.0650 0x22d0 ComputerName: MARIUS-CHRONOS
18:55:03.0650 0x22d0 UserName: Marius
18:55:03.0650 0x22d0 Windows directory: C:\Windows
18:55:03.0650 0x22d0 System windows directory: C:\Windows
18:55:03.0650 0x22d0 Running under WOW64
18:55:03.0650 0x22d0 Processor architecture: Intel x64
18:55:03.0650 0x22d0 Number of processors: 8
18:55:03.0650 0x22d0 Page size: 0x1000
18:55:03.0650 0x22d0 Boot type: Normal boot
18:55:03.0650 0x22d0 ============================================================
18:55:03.0832 0x22d0 KLMD registered as C:\Windows\system32\drivers\06315668.sys
18:55:04.0082 0x22d0 System UUID: {9809EB1C-F285-9A90-73C1-69C11C4C6679}
18:55:07.0090 0x22d0 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:55:07.0097 0x22d0 ============================================================
18:55:07.0097 0x22d0 \Device\Harddisk0\DR0:
18:55:07.0097 0x22d0 GPT partitions:
18:55:07.0098 0x22d0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A63C26BF-3061-4122-85CB-4A7E62F8A671}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
18:55:07.0098 0x22d0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {1758BFF4-9D67-4C61-92ED-69CBAA279E63}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000
18:55:07.0098 0x22d0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {56C2099A-A480-44E4-A9BE-E18546247ED2}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000
18:55:07.0098 0x22d0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E6E0BA60-6C5B-4A34-8C7F-D712159F5805}, Name: Basic data partition, StartLBA 0x108800, BlocksNum 0x1D0BC800
18:55:07.0099 0x22d0 MBR partitions:
18:55:07.0099 0x22d0 ============================================================
18:55:07.0100 0x22d0 C: <-> \Device\Harddisk0\DR0\Partition4
18:55:07.0100 0x22d0 ============================================================
18:55:07.0100 0x22d0 Initialize success
18:55:07.0100 0x22d0 ============================================================
18:55:55.0800 0x1ab4 ============================================================
18:55:55.0800 0x1ab4 Scan started
18:55:55.0800 0x1ab4 Mode: Manual; SigCheck; TDLFS;
18:55:55.0800 0x1ab4 ============================================================
18:55:55.0800 0x1ab4 KSN ping started
18:55:58.0171 0x1ab4 KSN ping finished: true
18:55:58.0933 0x1ab4 ================ Scan system memory ========================
18:55:58.0933 0x1ab4 System memory - ok
18:55:58.0933 0x1ab4 ================ Scan services =============================
18:56:02.0678 0x1ab4 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys 18:56:02.0687 0x1ab4 EhStorClass - ok 18:56:02.0692 0x1ab4 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys 18:56:02.0702 0x1ab4 EhStorTcgDrv - ok 18:56:02.0706 0x1ab4 [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 18:56:02.0712 0x1ab4 ElbyCDIO - ok 18:56:02.0716 0x1ab4 [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe 18:56:02.0721 0x1ab4 EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 ) 18:56:06.0482 0x1ab4 Detect skipped due to KSN trusted 18:56:06.0483 0x1ab4 EpsonBidirectionalService - ok 18:56:06.0490 0x1ab4 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys 18:56:06.0512 0x1ab4 ErrDev - ok 18:56:06.0535 0x1ab4 [ BF53C392826A19FC471BE29CDFEEFAEA, A6328100C0EBC52FFB400CCECA771043BF0973E01561B5B279FE465E172C66AA ] ETD C:\Windows\system32\DRIVERS\ETD.sys 18:56:06.0566 0x1ab4 ETD - ok 18:56:06.0581 0x1ab4 [ 97CB4A0C007947349F65B81F160E59A9, 440CC90AB8B1A164A1C81B18F522AFF719AAEE35A545D6A3C475E1D07CB63C87 ] ETDService C:\Program Files\Elantech\ETDService.exe 18:56:06.0597 0x1ab4 ETDService - ok 18:56:06.0606 0x1ab4 [ 6E03B9ADE6BEE61072D353D132FEBC37, 2CB30499D2D3AEC53E218397A99613C653724F2714DF82DF3B93CF648781EBFE ] ETDSMBus C:\Windows\system32\DRIVERS\ETDSMBus.sys 18:56:06.0620 0x1ab4 ETDSMBus - ok 18:56:06.0649 0x1ab4 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] 
EventSystem C:\Windows\system32\es.dll 18:56:06.0700 0x1ab4 EventSystem - ok 18:56:06.0733 0x1ab4 [ 905B24D42EA6C7E6988838186DBC8C4C, B2E262D666CF266F32A03505D29AC078E7C5F062AEF0A5D91584877CC9FFB47D ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 18:56:06.0772 0x1ab4 EvtEng - ok 18:56:06.0788 0x1ab4 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys 18:56:06.0846 0x1ab4 exfat - ok 18:56:06.0861 0x1ab4 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:56:06.0890 0x1ab4 fastfat - ok 18:56:06.0922 0x1ab4 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe 18:56:06.0979 0x1ab4 Fax - ok 18:56:06.0989 0x1ab4 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys 18:56:07.0011 0x1ab4 fdc - ok 18:56:07.0018 0x1ab4 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll 18:56:07.0047 0x1ab4 fdPHost - ok 18:56:07.0058 0x1ab4 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll 18:56:07.0081 0x1ab4 FDResPub - ok 18:56:07.0091 0x1ab4 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll 18:56:07.0131 0x1ab4 fhsvc - ok 18:56:07.0140 0x1ab4 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:56:07.0161 0x1ab4 FileInfo - ok 18:56:07.0168 0x1ab4 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] 
Filetrace C:\Windows\system32\drivers\filetrace.sys 18:56:07.0198 0x1ab4 Filetrace - ok 18:56:07.0205 0x1ab4 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys 18:56:07.0225 0x1ab4 flpydisk - ok 18:56:07.0245 0x1ab4 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:56:07.0278 0x1ab4 FltMgr - ok 18:56:07.0293 0x1ab4 [ F0CC1A9106F9FB0F704F6ED95622B43E, DE09E37619B91AD4F43B473A41E6563F4FCFB891A7F9665E8631131A49FA96A1 ] fltsrv C:\Windows\system32\DRIVERS\fltsrv.sys 18:56:07.0311 0x1ab4 fltsrv - ok 18:56:07.0364 0x1ab4 [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache C:\Windows\system32\FntCache.dll 18:56:07.0449 0x1ab4 FontCache - ok 18:56:07.0460 0x1ab4 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:56:07.0477 0x1ab4 FontCache3.0.0.0 - ok 18:56:07.0493 0x1ab4 [ D1A8631ADA1E71178D3DBF5AA2BC1E85, 1BD14BA0AD48722BE8B4513F9AE09D4394E0D576138B0D9A0877D36F47F2B714 ] FoxitCloudUpdateService C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe 18:56:07.0515 0x1ab4 FoxitCloudUpdateService - ok 18:56:07.0524 0x1ab4 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:56:07.0543 0x1ab4 FsDepends - ok 18:56:07.0550 0x1ab4 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:56:07.0567 0x1ab4 Fs_Rec - ok 18:56:07.0598 0x1ab4 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol 
C:\Windows\system32\DRIVERS\fvevol.sys 18:56:07.0643 0x1ab4 fvevol - ok 18:56:07.0652 0x1ab4 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys 18:56:07.0674 0x1ab4 FxPPM - ok 18:56:07.0682 0x1ab4 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 18:56:07.0702 0x1ab4 gagp30kx - ok 18:56:07.0709 0x1ab4 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 18:56:07.0729 0x1ab4 gencounter - ok 18:56:07.0740 0x1ab4 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 18:56:07.0764 0x1ab4 GPIOClx0101 - ok 18:56:07.0819 0x1ab4 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\Windows\System32\gpsvc.dll 18:56:07.0897 0x1ab4 gpsvc - ok 18:56:07.0927 0x1ab4 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:56:07.0968 0x1ab4 HdAudAddService - ok 18:56:07.0981 0x1ab4 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 18:56:08.0012 0x1ab4 HDAudBus - ok 18:56:08.0021 0x1ab4 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 18:56:08.0042 0x1ab4 HidBatt - ok 18:56:08.0053 0x1ab4 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys 18:56:08.0079 0x1ab4 HidBth - ok 18:56:08.0087 0x1ab4 [ 
C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys 18:56:08.0110 0x1ab4 hidi2c - ok 18:56:08.0118 0x1ab4 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys 18:56:08.0140 0x1ab4 HidIr - ok 18:56:08.0149 0x1ab4 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll 18:56:08.0178 0x1ab4 hidserv - ok 18:56:08.0186 0x1ab4 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys 18:56:08.0215 0x1ab4 HidUsb - ok 18:56:08.0225 0x1ab4 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll 18:56:08.0258 0x1ab4 hkmsvc - ok 18:56:08.0277 0x1ab4 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:56:08.0315 0x1ab4 HomeGroupListener - ok 18:56:08.0337 0x1ab4 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:56:08.0377 0x1ab4 HomeGroupProvider - ok 18:56:08.0386 0x1ab4 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:56:08.0406 0x1ab4 HpSAMD - ok 18:56:08.0448 0x1ab4 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:56:08.0512 0x1ab4 HTTP - ok 18:56:08.0524 0x1ab4 [ 61C660874632D2D298B4AF3051A97C82, BE4389E82170A2FE4B82A067B0DB2210BE88CED10C30F8D0089F2BE107DCB4C7 ] hvservice C:\Windows\system32\drivers\hvservice.sys 
18:56:08.0544 0x1ab4 hvservice - ok 18:56:08.0551 0x1ab4 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:56:08.0568 0x1ab4 hwpolicy - ok 18:56:08.0577 0x1ab4 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 18:56:08.0597 0x1ab4 hyperkbd - ok 18:56:08.0605 0x1ab4 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 18:56:08.0626 0x1ab4 HyperVideo - ok 18:56:08.0637 0x1ab4 [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 18:56:08.0671 0x1ab4 i8042prt - ok 18:56:08.0681 0x1ab4 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 18:56:08.0694 0x1ab4 iaLPSSi_GPIO - ok 18:56:08.0705 0x1ab4 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 18:56:08.0723 0x1ab4 iaLPSSi_I2C - ok 18:56:08.0753 0x1ab4 [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys 18:56:08.0790 0x1ab4 iaStorA - ok 18:56:08.0819 0x1ab4 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys 18:56:08.0859 0x1ab4 iaStorAV - ok 18:56:08.0928 0x1ab4 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 18:56:08.0964 0x1ab4 iaStorV - ok 18:56:08.0974 0x1ab4 [ 23E22B130EFE5A225E279467BE146317, 
2302C119FE9C57F3A71DFE504489423B6F7140E2DFF5D501883AD971CB671CB4 ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 18:56:08.0990 0x1ab4 ibtfltcoex - ok 18:56:09.0001 0x1ab4 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 18:56:09.0019 0x1ab4 ICCS - ok 18:56:09.0025 0x1ab4 IEEtwCollectorService - ok 18:56:09.0177 0x1ab4 [ A874EC416801B152BD64916E1B5C107E, 6D41CAB617E06F3D9534DB44DFEB9C86F2AD55AFBF3E1B1B41BA2576C0C19407 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 18:56:09.0301 0x1ab4 igfx - ok 18:56:09.0316 0x1ab4 [ 7A510A9AFC7955DEE63F8DC243E31292, 13906F6212F4C116BE224F2A8AFFF089ACFED8F543E26FC6208FF38463366173 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe 18:56:09.0331 0x1ab4 igfxCUIService1.0.0.0 - ok 18:56:09.0359 0x1ab4 [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\Windows\System32\ikeext.dll 18:56:09.0398 0x1ab4 IKEEXT - ok 18:56:09.0406 0x1ab4 [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 18:56:09.0416 0x1ab4 intaud_WaveExtensible - ok 18:56:09.0506 0x1ab4 [ 7D32DE811EF107074A711FF416363AD1, FFCCBDD954BE5260CC51C43F8E665B762B98E6E440DCB1D9BDA653C03C4C9237 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 18:56:09.0611 0x1ab4 IntcAzAudAddService - ok 18:56:09.0629 0x1ab4 [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 18:56:09.0650 0x1ab4 IntcDAud - ok 18:56:09.0670 0x1ab4 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 18:56:09.0695 0x1ab4 
Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 18:56:12.0050 0x1ab4 Detect skipped due to KSN trusted 18:56:12.0051 0x1ab4 Intel(R) Capability Licensing Service Interface - ok 18:56:12.0090 0x1ab4 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 18:56:12.0140 0x1ab4 Intel(R) Capability Licensing Service TCP IP Interface - ok 18:56:12.0153 0x1ab4 [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 18:56:12.0171 0x1ab4 Intel(R) ME Service - ok 18:56:12.0184 0x1ab4 [ 441D5FAF24CC2EC115B654A55C52F0AF, 5BF5299DAD9A7076C43D68C70E02AEC8DBFD89C1AFDF7CD6AB95550EE25EEB36 ] Intel(R) Wireless Bluetooth(R) 4.0 Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe 18:56:12.0203 0x1ab4 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - ok 18:56:12.0211 0x1ab4 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys 18:56:12.0230 0x1ab4 intelide - ok 18:56:12.0239 0x1ab4 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys 18:56:12.0259 0x1ab4 intelpep - ok 18:56:12.0273 0x1ab4 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys 18:56:12.0299 0x1ab4 intelppm - ok 18:56:12.0308 0x1ab4 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:56:12.0348 0x1ab4 IpFilterDriver - ok 18:56:12.0388 0x1ab4 
[ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:56:12.0448 0x1ab4 iphlpsvc - ok 18:56:12.0459 0x1ab4 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 18:56:12.0491 0x1ab4 IPMIDRV - ok 18:56:12.0502 0x1ab4 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:56:12.0536 0x1ab4 IPNAT - ok 18:56:12.0544 0x1ab4 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:56:12.0569 0x1ab4 IRENUM - ok 18:56:12.0580 0x1ab4 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:56:12.0598 0x1ab4 isapnp - ok 18:56:12.0619 0x1ab4 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 18:56:12.0653 0x1ab4 iScsiPrt - ok 18:56:12.0666 0x1ab4 [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe 18:56:12.0686 0x1ab4 iumsvc - ok 18:56:12.0694 0x1ab4 [ 2C04ACF9070282AC9AA837C52CA3C128, 2C68FE2E876E5089F27021038E868E21288F694F3ED0390AED5B4712CC7567EC ] iwdbus C:\Windows\System32\drivers\iwdbus.sys 18:56:12.0707 0x1ab4 iwdbus - ok 18:56:12.0718 0x1ab4 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 18:56:12.0736 0x1ab4 jhi_service - ok 18:56:12.0746 0x1ab4 [ A1D4D34A56DF1D5122CDB265038A2E72, 
AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 18:56:12.0766 0x1ab4 kbdclass - ok 18:56:12.0774 0x1ab4 [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 18:56:12.0796 0x1ab4 kbdhid - ok 18:56:12.0803 0x1ab4 [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\Windows\system32\drivers\kbldfltr.sys 18:56:12.0821 0x1ab4 kbldfltr - ok 18:56:12.0829 0x1ab4 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 18:56:12.0857 0x1ab4 kdnic - ok 18:56:12.0864 0x1ab4 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe 18:56:12.0885 0x1ab4 KeyIso - ok 18:56:13.0123 0x1ab4 [ 1C6256096A341051509D36AD724830BE, 025F7E1E979DC8C4794FC7D3581D6BCF6E0F6DC327C6FCB925B6A8EDBE999A68 ] KL1 C:\Windows\system32\DRIVERS\kl1.sys 18:56:13.0305 0x1ab4 KL1 - ok 18:56:13.0314 0x1ab4 [ F2EB9202FCCC81E0902D3C5A70037A44, 9554851BB68228500E69536B0C484B32FC92B85A76A7F1F268549212D0D5CFCA ] klelam C:\Windows\system32\DRIVERS\klelam.sys 18:56:13.0323 0x1ab4 klelam - ok 18:56:13.0335 0x1ab4 [ 8DDFA5FFD0661A65C9BC02C15B8F157F, 15C8EA0D56FA5AE9DFE4F299AC58344C1B60EBCB072D217C9C04E503FA2E9C5C ] KLIF C:\Windows\system32\DRIVERS\klif.sys 18:56:13.0349 0x1ab4 KLIF - ok 18:56:13.0354 0x1ab4 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:56:13.0363 0x1ab4 KSecDD - ok 18:56:13.0369 0x1ab4 [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:56:13.0379 0x1ab4 KSecPkg - ok 18:56:13.0383 0x1ab4 [ 
11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 18:56:13.0392 0x1ab4 ksthunk - ok 18:56:13.0400 0x1ab4 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll 18:56:13.0415 0x1ab4 KtmRm - ok 18:56:13.0423 0x1ab4 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll 18:56:13.0441 0x1ab4 LanmanServer - ok 18:56:13.0450 0x1ab4 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:56:13.0465 0x1ab4 LanmanWorkstation - ok 18:56:13.0477 0x1ab4 [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 18:56:13.0498 0x1ab4 lfsvc - ok 18:56:13.0502 0x1ab4 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:56:13.0513 0x1ab4 lltdio - ok 18:56:13.0520 0x1ab4 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:56:13.0535 0x1ab4 lltdsvc - ok 18:56:13.0537 0x1ab4 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:56:13.0551 0x1ab4 lmhosts - ok 18:56:13.0560 0x1ab4 [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 18:56:13.0571 0x1ab4 LMS - ok 18:56:13.0577 0x1ab4 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS 
C:\Windows\system32\drivers\lsi_sas.sys 18:56:13.0587 0x1ab4 LSI_SAS - ok 18:56:13.0591 0x1ab4 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 18:56:13.0600 0x1ab4 LSI_SAS2 - ok 18:56:13.0604 0x1ab4 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 18:56:13.0613 0x1ab4 LSI_SAS3 - ok 18:56:13.0617 0x1ab4 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 18:56:13.0626 0x1ab4 LSI_SSS - ok 18:56:13.0641 0x1ab4 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll 18:56:13.0667 0x1ab4 LSM - ok 18:56:13.0672 0x1ab4 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys 18:56:13.0687 0x1ab4 luafv - ok 18:56:13.0691 0x1ab4 [ 11B7E5BD6EFBB7DB35F7933C3795F050, 28C62C8CE9B13119EDE031E881A4218F89DBFEF9B59975BE6108FBEF7A21E79F ] lunparser C:\Windows\system32\drivers\lunparser.sys 18:56:13.0704 0x1ab4 lunparser - ok 18:56:13.0707 0x1ab4 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 18:56:13.0715 0x1ab4 megasas - ok 18:56:13.0728 0x1ab4 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys 18:56:13.0747 0x1ab4 megasr - ok 18:56:13.0752 0x1ab4 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 18:56:13.0759 0x1ab4 MEIx64 - ok 18:56:13.0764 0x1ab4 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 
9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll 18:56:13.0778 0x1ab4 MMCSS - ok 18:56:13.0781 0x1ab4 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys 18:56:13.0792 0x1ab4 Modem - ok 18:56:13.0795 0x1ab4 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys 18:56:13.0807 0x1ab4 monitor - ok 18:56:13.0811 0x1ab4 [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass C:\Windows\System32\drivers\mouclass.sys 18:56:13.0819 0x1ab4 mouclass - ok 18:56:13.0822 0x1ab4 [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid C:\Windows\System32\drivers\mouhid.sys 18:56:13.0834 0x1ab4 mouhid - ok 18:56:13.0838 0x1ab4 [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:56:13.0848 0x1ab4 mountmgr - ok 18:56:13.0907 0x1ab4 [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:56:13.0916 0x1ab4 MozillaMaintenance - ok 18:56:13.0920 0x1ab4 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:56:13.0933 0x1ab4 mpsdrv - ok 18:56:13.0950 0x1ab4 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll 18:56:13.0974 0x1ab4 MpsSvc - ok 18:56:13.0980 0x1ab4 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 
|
10.07.2015, 18:03 | #6 |
| Skype sent messages with links on its own TDSS Killer 2 Code:
A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll 18:56:25.0647 0x1ab4 UmRdpService - ok 18:56:25.0657 0x1ab4 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll 18:56:25.0675 0x1ab4 upnphost - ok 18:56:25.0682 0x1ab4 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 18:56:25.0698 0x1ab4 usbaudio - ok 18:56:25.0705 0x1ab4 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 18:56:25.0716 0x1ab4 usbccgp - ok 18:56:25.0721 0x1ab4 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys 18:56:25.0736 0x1ab4 usbcir - ok 18:56:25.0741 0x1ab4 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys 18:56:25.0751 0x1ab4 usbehci - ok 18:56:25.0765 0x1ab4 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys 18:56:25.0784 0x1ab4 usbhub - ok 18:56:25.0797 0x1ab4 [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 18:56:25.0817 0x1ab4 USBHUB3 - ok 18:56:25.0822 0x1ab4 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys 18:56:25.0838 0x1ab4 usbohci - ok 18:56:25.0842 0x1ab4 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys 
18:56:25.0855 0x1ab4 usbprint - ok 18:56:25.0859 0x1ab4 [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 18:56:25.0872 0x1ab4 usbscan - ok 18:56:25.0878 0x1ab4 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 18:56:25.0889 0x1ab4 USBSTOR - ok 18:56:25.0893 0x1ab4 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys 18:56:25.0906 0x1ab4 usbuhci - ok 18:56:25.0926 0x1ab4 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 18:56:25.0943 0x1ab4 usbvideo - ok 18:56:25.0953 0x1ab4 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 18:56:25.0968 0x1ab4 USBXHCI - ok 18:56:25.0972 0x1ab4 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe 18:56:25.0980 0x1ab4 VaultSvc - ok 18:56:25.0984 0x1ab4 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:56:25.0991 0x1ab4 vdrvroot - ok 18:56:26.0015 0x1ab4 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe 18:56:26.0048 0x1ab4 vds - ok 18:56:26.0056 0x1ab4 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 18:56:26.0066 0x1ab4 VerifierExt - ok 18:56:26.0081 0x1ab4 [ C06E8481E068F170A258441639AC5792, 
2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 18:56:26.0103 0x1ab4 vhdmp - ok 18:56:26.0107 0x1ab4 [ 49EF44CB3331381547FD94C36B84FCB5, D93920C63D769F1DC117B11221AE8CAF2782B17CAC6B520E34E2803869FA689B ] vhdparser C:\Windows\system32\drivers\vhdparser.sys 18:56:26.0118 0x1ab4 vhdparser - ok 18:56:26.0122 0x1ab4 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys 18:56:26.0129 0x1ab4 viaide - ok 18:56:26.0136 0x1ab4 [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\Windows\System32\drivers\Vid.sys 18:56:26.0149 0x1ab4 Vid - ok 18:56:26.0153 0x1ab4 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys 18:56:26.0162 0x1ab4 vmbus - ok 18:56:26.0166 0x1ab4 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 18:56:26.0175 0x1ab4 VMBusHID - ok 18:56:26.0180 0x1ab4 [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\Windows\system32\DRIVERS\vmbusr.sys 18:56:26.0191 0x1ab4 vmbusr - ok 18:56:26.0203 0x1ab4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll 18:56:26.0222 0x1ab4 vmicguestinterface - ok 18:56:26.0234 0x1ab4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll 18:56:26.0250 0x1ab4 vmicheartbeat - ok 18:56:26.0262 0x1ab4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll 18:56:26.0279 0x1ab4 vmickvpexchange - 
ok 18:56:26.0290 0x1ab4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll 18:56:26.0307 0x1ab4 vmicrdv - ok 18:56:26.0318 0x1ab4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll 18:56:26.0335 0x1ab4 vmicshutdown - ok 18:56:26.0346 0x1ab4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll 18:56:26.0363 0x1ab4 vmictimesync - ok 18:56:26.0374 0x1ab4 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll 18:56:26.0390 0x1ab4 vmicvss - ok 18:56:26.0609 0x1ab4 [ AE692B87C982CCECE9DB1441BE4901EF, 9DD93632EC2BE88D957CAF4832A7078BCFC5D2495B8C6F8A22AE5E4DAB8FB47E ] vmms C:\Windows\system32\vmms.exe 18:56:26.0856 0x1ab4 vmms - ok 18:56:26.0883 0x1ab4 [ CD00073C791106205662E5898E1E03F5, 93A24C8DB723366B4DF778CE2733604E9E9A229DA214DB61B2AB7C7B1FB25527 ] VMSMP C:\Windows\system32\DRIVERS\vmswitch.sys 18:56:26.0908 0x1ab4 VMSMP - ok 18:56:26.0922 0x1ab4 [ CD00073C791106205662E5898E1E03F5, 93A24C8DB723366B4DF778CE2733604E9E9A229DA214DB61B2AB7C7B1FB25527 ] VMSP C:\Windows\system32\DRIVERS\vmswitch.sys 18:56:26.0941 0x1ab4 VMSP - ok 18:56:26.0955 0x1ab4 [ CD00073C791106205662E5898E1E03F5, 93A24C8DB723366B4DF778CE2733604E9E9A229DA214DB61B2AB7C7B1FB25527 ] VMSVSF C:\Windows\system32\DRIVERS\vmswitch.sys 18:56:26.0974 0x1ab4 VMSVSF - ok 18:56:26.0988 0x1ab4 [ CD00073C791106205662E5898E1E03F5, 93A24C8DB723366B4DF778CE2733604E9E9A229DA214DB61B2AB7C7B1FB25527 ] VMSVSP C:\Windows\system32\DRIVERS\vmswitch.sys 18:56:27.0006 0x1ab4 VMSVSP - ok 18:56:27.0011 0x1ab4 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:56:27.0020 
0x1ab4 volmgr - ok 18:56:27.0029 0x1ab4 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:56:27.0044 0x1ab4 volmgrx - ok 18:56:27.0055 0x1ab4 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:56:27.0070 0x1ab4 volsnap - ok 18:56:27.0075 0x1ab4 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\Windows\System32\drivers\vpci.sys 18:56:27.0083 0x1ab4 vpci - ok 18:56:27.0087 0x1ab4 [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\Windows\System32\drivers\vpcivsp.sys 18:56:27.0097 0x1ab4 vpcivsp - ok 18:56:27.0109 0x1ab4 [ 0BD37CBF66CF79F43A68F7ADEDD6769D, 33A7DA47AA3689AE37929B0011A3DB9F55E8BDDB166C13DF2F4BE07000804264 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe 18:56:27.0123 0x1ab4 vpnagent - ok 18:56:27.0127 0x1ab4 [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\Windows\system32\DRIVERS\vpnva64-6.sys 18:56:27.0134 0x1ab4 vpnva - ok 18:56:27.0145 0x1ab4 [ D122E5576F7CA9903F6576C7F09FA62D, 1A706C24BBAD6A322CBECF9F82231234F1D11CA0398C49EB7743B6932A25AB29 ] Vsdatant C:\Windows\system32\drivers\vsdatant.sys 18:56:27.0159 0x1ab4 Vsdatant - ok 18:56:27.0222 0x1ab4 [ ABC70D66394C27F0B50E41A19E89C2D7, EFB1354DDB5599D13D5397EB34EC865D7F23344650C64C5A04622430A6B22B77 ] vsmon C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe 18:56:27.0285 0x1ab4 vsmon - ok 18:56:27.0294 0x1ab4 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 18:56:27.0305 0x1ab4 vsmraid - ok 18:56:27.0332 0x1ab4 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 
953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\Windows\system32\vssvc.exe 18:56:27.0367 0x1ab4 VSS - ok 18:56:27.0377 0x1ab4 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 18:56:27.0390 0x1ab4 VSTXRAID - ok 18:56:27.0394 0x1ab4 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 18:56:27.0409 0x1ab4 vwifibus - ok 18:56:27.0413 0x1ab4 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 18:56:27.0425 0x1ab4 vwififlt - ok 18:56:27.0429 0x1ab4 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 18:56:27.0438 0x1ab4 vwifimp - ok 18:56:27.0449 0x1ab4 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll 18:56:27.0469 0x1ab4 W32Time - ok 18:56:27.0473 0x1ab4 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys 18:56:27.0483 0x1ab4 WacomPen - ok 18:56:27.0511 0x1ab4 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe 18:56:27.0552 0x1ab4 wbengine - ok 18:56:27.0565 0x1ab4 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:56:27.0587 0x1ab4 WbioSrvc - ok 18:56:27.0596 0x1ab4 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 18:56:27.0612 0x1ab4 Wcmsvc - ok 18:56:27.0624 0x1ab4 [ 
F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:56:27.0642 0x1ab4 wcncsvc - ok 18:56:27.0646 0x1ab4 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:56:27.0660 0x1ab4 WcsPlugInService - ok 18:56:27.0664 0x1ab4 [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 18:56:27.0673 0x1ab4 WdBoot - ok 18:56:27.0690 0x1ab4 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:56:27.0714 0x1ab4 Wdf01000 - ok 18:56:27.0724 0x1ab4 [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 18:56:27.0736 0x1ab4 WdFilter - ok 18:56:27.0741 0x1ab4 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:56:27.0753 0x1ab4 WdiServiceHost - ok 18:56:27.0757 0x1ab4 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:56:27.0768 0x1ab4 WdiSystemHost - ok 18:56:27.0773 0x1ab4 [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys 18:56:27.0783 0x1ab4 WdNisDrv - ok 18:56:27.0786 0x1ab4 WdNisSvc - ok 18:56:27.0793 0x1ab4 [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\Windows\System32\webclnt.dll 18:56:27.0810 0x1ab4 WebClient - ok 18:56:27.0817 0x1ab4 [ 384E1D04FE20845B2559D292F17A9FA1, 
AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll 18:56:27.0830 0x1ab4 Wecsvc - ok 18:56:27.0835 0x1ab4 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll 18:56:27.0844 0x1ab4 WEPHOSTSVC - ok 18:56:27.0849 0x1ab4 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:56:27.0866 0x1ab4 wercplsupport - ok 18:56:27.0871 0x1ab4 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll 18:56:27.0884 0x1ab4 WerSvc - ok 18:56:27.0889 0x1ab4 [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 18:56:27.0899 0x1ab4 WFPLWFS - ok 18:56:27.0904 0x1ab4 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll 18:56:27.0914 0x1ab4 WiaRpc - ok 18:56:27.0918 0x1ab4 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:56:27.0926 0x1ab4 WIMMount - ok 18:56:27.0928 0x1ab4 WinDefend - ok 18:56:27.0948 0x1ab4 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 18:56:27.0972 0x1ab4 WinHttpAutoProxySvc - ok 18:56:27.0983 0x1ab4 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:56:27.0999 0x1ab4 Winmgmt - ok 18:56:28.0046 0x1ab4 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll 
18:56:28.0103 0x1ab4 WinRM - ok 18:56:28.0114 0x1ab4 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WINUSB C:\Windows\System32\drivers\WinUsb.sys 18:56:28.0125 0x1ab4 WINUSB - ok 18:56:28.0153 0x1ab4 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll 18:56:28.0189 0x1ab4 WlanSvc - ok 18:56:28.0221 0x1ab4 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll 18:56:28.0260 0x1ab4 wlidsvc - ok 18:56:28.0265 0x1ab4 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 18:56:28.0274 0x1ab4 WmiAcpi - ok 18:56:28.0282 0x1ab4 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:56:28.0294 0x1ab4 wmiApSrv - ok 18:56:28.0296 0x1ab4 WMPNetworkSvc - ok 18:56:28.0303 0x1ab4 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys 18:56:28.0312 0x1ab4 Wof - ok 18:56:28.0345 0x1ab4 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll 18:56:28.0388 0x1ab4 workfolderssvc - ok 18:56:28.0394 0x1ab4 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 18:56:28.0402 0x1ab4 wpcfltr - ok 18:56:28.0407 0x1ab4 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:56:28.0419 0x1ab4 WPCSvc - ok 18:56:28.0424 0x1ab4 [ 2ADE11F3D84709C5F6781E4C59F11683, 
F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:56:28.0438 0x1ab4 WPDBusEnum - ok 18:56:28.0442 0x1ab4 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 18:56:28.0450 0x1ab4 WpdUpFltr - ok 18:56:28.0454 0x1ab4 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:56:28.0464 0x1ab4 ws2ifsl - ok 18:56:28.0470 0x1ab4 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll 18:56:28.0485 0x1ab4 wscsvc - ok 18:56:28.0489 0x1ab4 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys 18:56:28.0499 0x1ab4 WSDPrintDevice - ok 18:56:28.0502 0x1ab4 [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan C:\Windows\System32\drivers\WSDScan.sys 18:56:28.0511 0x1ab4 WSDScan - ok 18:56:28.0514 0x1ab4 WSearch - ok 18:56:28.0576 0x1ab4 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll 18:56:28.0658 0x1ab4 WSService - ok 18:56:28.0724 0x1ab4 [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv C:\Windows\system32\wuaueng.dll 18:56:28.0801 0x1ab4 wuauserv - ok 18:56:28.0809 0x1ab4 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:56:28.0819 0x1ab4 WudfPf - ok 18:56:28.0826 0x1ab4 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd 
C:\Windows\System32\drivers\WUDFRd.sys 18:56:28.0836 0x1ab4 WUDFRd - ok 18:56:28.0841 0x1ab4 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:56:28.0853 0x1ab4 wudfsvc - ok 18:56:28.0859 0x1ab4 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys 18:56:28.0870 0x1ab4 WUDFWpdFs - ok 18:56:28.0876 0x1ab4 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\System32\drivers\WUDFRd.sys 18:56:28.0887 0x1ab4 WUDFWpdMtp - ok 18:56:28.0898 0x1ab4 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll 18:56:28.0917 0x1ab4 WwanSvc - ok 18:56:28.0923 0x1ab4 [ A8A49F0427D783BFF78BC3226B4ABD0D, BE074147C825292C5A4CB859EE0238061511753F24348975BC51B313F370DD2C ] ZAPrivacyService C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe 18:56:28.0929 0x1ab4 ZAPrivacyService - ok 18:56:28.0992 0x1ab4 [ D852B17C3A11433D0D26D57490DFA1C8, 2B1D8F8D6A04C75A7765A8C26118AD19285EFEB57ECD178C707743B6668A3F3F ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 18:56:29.0054 0x1ab4 ZeroConfigService - ok 18:56:29.0069 0x1ab4 ================ Scan global =============================== 18:56:29.0074 0x1ab4 [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\Windows\system32\basesrv.dll 18:56:29.0082 0x1ab4 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll 18:56:29.0089 0x1ab4 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll 18:56:29.0099 0x1ab4 [ E0C7813A97CA7947FF5C18A8F3B61A45, 
083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe 18:56:29.0106 0x1ab4 [ Global ] - ok 18:56:29.0107 0x1ab4 ================ Scan MBR ================================== 18:56:29.0109 0x1ab4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 18:56:29.0159 0x1ab4 \Device\Harddisk0\DR0 - ok 18:56:29.0159 0x1ab4 ================ Scan VBR ================================== 18:56:29.0161 0x1ab4 [ B6502C44304C25F361A9125CDD02BC3F ] \Device\Harddisk0\DR0\Partition1 18:56:29.0162 0x1ab4 \Device\Harddisk0\DR0\Partition1 - ok 18:56:29.0164 0x1ab4 [ E20BBC885E942D3B32F936327A6C205F ] \Device\Harddisk0\DR0\Partition2 18:56:29.0165 0x1ab4 \Device\Harddisk0\DR0\Partition2 - ok 18:56:29.0166 0x1ab4 [ 27F05B1C72FA30BEAE06585B9B6F82E9 ] \Device\Harddisk0\DR0\Partition3 18:56:29.0167 0x1ab4 \Device\Harddisk0\DR0\Partition3 - ok 18:56:29.0170 0x1ab4 [ 89D3ADD35FE1A971884755B9B02E34E8 ] \Device\Harddisk0\DR0\Partition4 18:56:29.0171 0x1ab4 \Device\Harddisk0\DR0\Partition4 - ok 18:56:29.0171 0x1ab4 ================ Scan generic autorun ====================== 18:56:29.0173 0x1ab4 BTMTrayAgent - ok 18:56:29.0173 0x1ab4 ETDCtrl - ok 18:56:29.0182 0x1ab4 [ 5039FDFB4267235655C21EF52BA784C9, 3650C435D9A6A479C6A90E1A2CE00DBCAB7C63E372113BB76A4EB28AC3C06C96 ] C:\Windows\system32\igfxtray.exe 18:56:29.0195 0x1ab4 IgfxTray - ok 18:56:29.0209 0x1ab4 [ EE52962813B2E7F5D265AAFF3BDDD18D, 433F59557745F7E6CBB63B004DF5D3310F86814B537A52E2668722B086A1FE83 ] C:\Windows\system32\hkcmd.exe 18:56:29.0227 0x1ab4 HotKeysCmds - ok 18:56:29.0243 0x1ab4 [ 1A3FD0F7C15044F4C7263111AD84A965, DF6E908B30A405F7A362BF4230B7BD3991C15D9082C0BEF85689AC1F1DE4E4BC ] C:\Windows\system32\igfxpers.exe 18:56:29.0260 0x1ab4 Persistence - ok 18:56:29.0480 0x1ab4 [ 8F9343E9015DA92CDC455A92FE320AB0, 8C3E008971F4D2A815C4F302BA19B68A3C9ABBCCA4BD872C9D909CD3AE9EA11C ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 18:56:29.0689 0x1ab4 RtHDVCpl - ok 18:56:29.0708 0x1ab4 [ 
4136AAA488720E90B520B09A38CDA554, E6BA99476706989FCF76AF08F71F5C1B5BCD751CF89E0DC97E031AD522DB9C66 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe 18:56:29.0720 0x1ab4 Acronis Scheduler2 Service - ok 18:56:29.0724 0x1ab4 [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe 18:56:29.0739 0x1ab4 Logitech Download Assistant - ok 18:56:29.0759 0x1ab4 [ 73F1B07CF82235B25BCC3E9A7522ACCB, 47221B8DFF5A44050AFB0AB5A249FEECE36BE2E000D6529E099128EEDFA647DA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe 18:56:29.0778 0x1ab4 StartCCC - ok 18:56:29.0783 0x1ab4 [ 6ACC44D3C8B72617061A6D2B66C7D5A7, 2CCA5D68B8C9640AADAF42E0260CFB94DDF60213D7BB3FFA6DCB673C096DB86C ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe 18:56:29.0790 0x1ab4 ZoneAlarm - ok 18:56:29.0796 0x1ab4 [ 16D4D2AB28EDD90AEE06826B3ADF50AB, EE8E54702B22E7F1DB8DE7296132C3473DD9D18B9E9C47414F315173E0A26E16 ] C:\Program Files (x86)\PDF24\pdf24.exe 18:56:29.0805 0x1ab4 PDFPrint - ok 18:56:29.0903 0x1ab4 [ 60560CEDC32CAB29024ED5E5B560DE4E, FB967295D4872DA675C0D0D73027A8176CF38A3AB8BDF87CFDE4A1E596AFE8DE ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe 18:56:30.0008 0x1ab4 TrueImageMonitor.exe - ok 18:56:30.0032 0x1ab4 [ CCC11052D20C42AE1B206EF04B8403EB, DA302A72A4E96BAB8AA5F594DE500499E1B4E7E40D2359C0F3DCFCBA6BE143FE ] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe 18:56:30.0055 0x1ab4 AcronisTibMounterMonitor - ok 18:56:30.0175 0x1ab4 [ 0567F1DEBA5A27B918E19DBD5F86E048, 7E5D11A872B77899AC38D7AFA3D51E75AA5DFE103463115B6C982EFBC7683857 ] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe 18:56:30.0223 0x1ab4 BingDesktop - ok 18:56:30.0240 0x1ab4 [ 41864A56D8CCA3834788BA1E6CE9C97F, 268C90AD8800625582BFDDEB1BEA66C7ECB4749DBC90F52DA992C8CBF863950B ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe 
18:56:30.0256 0x1ab4 Cisco AnyConnect Secure Mobility Agent for Windows - ok 18:56:30.0290 0x1ab4 [ 78E70968C04DE6C85541CF70F8CF4E78, 247480142CD098739FF5E68499911CB43E9215AC38328B6452D74FEC9F7BA0EA ] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe 18:56:30.0329 0x1ab4 HydraVisionDesktopManager - detected UnsignedFile.Multi.Generic ( 1 ) 18:56:32.0679 0x1ab4 Detect skipped due to KSN trusted 18:56:32.0679 0x1ab4 HydraVisionDesktopManager - ok 18:56:32.0826 0x1ab4 [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe 18:56:32.0988 0x1ab4 DAEMON Tools Lite - ok 18:56:32.0996 0x1ab4 [ BBAF86173CC44141913278FE642D9D4C, ADF30BC2E756B42BFF841159D28DC72CCC98DDC1C04FBBB3FC44110CFDAE5ABF ] C:\Windows\Speech\Common\sapisvr.exe 18:56:33.0014 0x1ab4 Speech Recognition - ok 18:56:33.0017 0x1ab4 Skype - ok 18:56:33.0034 0x1ab4 [ 6D9C544ECF1D56AFDA3C03C19E75FE8B, 8FD676300ED596EDCB33F334709245424613CAB30868A2866785A47CBF689199 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAU.EXE 18:56:33.0053 0x1ab4 Epson Stylus Office BX525WD(Netzwerk) - ok 18:56:33.0227 0x1ab4 [ 3A57F13F8395A61AAF5F07DF0416FA63, A02F260C07867BDB49C6D0F90C0803A1EC25B7BAE537F1A882D99534AFE89A8C ] C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe 18:56:33.0381 0x1ab4 AnyDVD - ok 18:56:33.0438 0x1ab4 [ 8DACA62F3E15E45EBAF7AE51A609CBC1, 5FACF0EA36572E7228EB2808731ED00DD08B481937569E71C3A537D7E65022AD ] C:\Program Files (x86)\Steam\steam.exe 18:56:33.0493 0x1ab4 Steam - ok 18:56:33.0504 0x1ab4 [ 6D9C544ECF1D56AFDA3C03C19E75FE8B, 8FD676300ED596EDCB33F334709245424613CAB30868A2866785A47CBF689199 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAU.EXE 18:56:33.0513 0x1ab4 EPSON BX525WD Series - ok 18:56:33.0514 0x1ab4 Waiting for KSN requests completion. In queue: 229 18:56:34.0515 0x1ab4 Waiting for KSN requests completion. In queue: 229 18:56:35.0516 0x1ab4 Waiting for KSN requests completion. 
In queue: 229 18:56:36.0542 0x1ab4 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated ) 18:56:36.0544 0x1ab4 AV detected via SS2: ZoneAlarm Antivirus, C:\Program Files (x86)\CheckPoint\ZoneAlarm\\MultiFix.exe ( 13.2.15.0 ), 0x41000 ( enabled : updated ) 18:56:36.0546 0x1ab4 FW detected via SS2: ZoneAlarm Firewall, C:\Program Files (x86)\CheckPoint\ZoneAlarm\\MultiFix.exe ( 13.2.15.0 ), 0x41010 ( enabled ) 18:56:38.0911 0x1ab4 ============================================================ 18:56:38.0911 0x1ab4 Scan finished 18:56:38.0911 0x1ab4 ============================================================ 18:56:38.0928 0x1c14 Detected object count: 0 18:56:38.0928 0x1c14 Actual detected object count: 0 |
11.07.2015, 14:47 | #7 |
/// the machine /// TB trainer | Skype sent messages with links on its own I don't see anything as it is, so change the passwords of all accounts and keep watching.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
12.07.2015, 10:57 | #8 |
| Skype sent messages with links on its own Great, thank you very much! |
12.07.2015, 16:08 | #9 |
/// the machine /// TB trainer | Skype sent messages with links on its own You're welcome
__________________ regards, schrauber |