
Log analysis and evaluation: McAfee real-time scan deactivates itself. Malwarebytes log.


09.12.2015, 17:19   #1
tscha



Hello everyone,
I have the problem that the real-time scan of my McAfee gets deactivated by itself; if I activate it manually, it is deactivated again within seconds.
I have now run a scan with Malwarebytes and had the items it found moved to quarantine.
This is what Malwarebytes produced as a log:

I would be glad if someone could help me with this.
Regards, Marco
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 09.12.2015
Suchlaufzeit: 16:42
Protokolldatei: scannprotokoll.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.09.03
Rootkit-Datenbank: v2015.12.07.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Marco

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 358531
Abgelaufene Zeit: 20 Min., 13 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 17
PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [f710ccd76f1c1d191c39510cf30f27d9], 
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CltMngSvc_RASAPI32, In Quarantäne, [bf48584b107b4aecd37ebd3cb64dfb05], 
PUP.Optional.SearchProtect.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\CltMngSvc_RASMANCS, In Quarantäne, [17f0bbe8a4e71c1a8ac7b247df2418e8], 
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\RegCleanPro_RASAPI32, In Quarantäne, [d92e3b68bfcc1125a5f05f9be0239967], 
PUP.Optional.RegCleanPro, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\RegCleanPro_RASMANCS, In Quarantäne, [aa5d1a89236873c3385d20da36cdb749], 
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [848373303f4ca492ea80219653af06fa], 
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS, In Quarantäne, [64a3aef5b5d67fb75afccbeb8182f50b], 
PUP.Optional.CrossRider, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, In Quarantäne, [11f6d8cb52391a1c604e2266d3309c64], 
PUP.Optional.Tuto4PC, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\TutoTag, In Quarantäne, [37d0752e2e5d0b2bf16190267a8957a9], 
PUP.Optional.AnyProtect, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\ANYPROTECT, In Quarantäne, [47c0742f8cff0630010c5422d03320e0], 
PUP.Optional.BlockAndSurf, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\APPDATALOW\SOFTWARE\BlockAndSurf, In Quarantäne, [c0479d06e5a646f079590975e41f41bf], 
PUP.Optional.CrossRider, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [52b5ecb7a7e412242f7fa1e7f90af30d], 
PUP.Optional.GlobalUpdate, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, In Quarantäne, [cd3a396a24670036f85e6131758e56aa], 
PUP.Optional.InetStat, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\INETSTAT, In Quarantäne, [f80f9b087516b086adbff7cff90ac43c], 
PUP.Optional.CrossRider, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3B5B609E-4D99-4EBB-A5D8-8FCBCE5788E9}, In Quarantäne, [8087ddc61b7045f1407efa8f659e8f71], 
PUP.Optional.CrossRider, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A4712EC8-F5F7-4E39-B3BF-F73180D2D965}, In Quarantäne, [02058d1696f579bd4f701772e3202bd5], 
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [bd4a614259320d293831d0e779891be5], 

Registrierungswerte: 10
PUP.Optional.MBot, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|mbot_de_300, In Quarantäne, [e91ec2e1fd8ef343661f6e2df50e3cc4], 
PUP.Optional.Tuto4PC, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, 159F9CF8-9D8D-484C-8307-FC255CC12089, In Quarantäne, [64a3aef5b5d67fb75afccbeb8182f50b]
PUP.Optional.AnyProtect, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\ANYPROTECT|ABTest, {"general":{"test_id":"B6","installer_pre_page":true,"scanner_pre_page":false},"1":{"email_check":true},"7":{"notification_20_mins":"3A"},"9":{"scan_page_id":2},"12":{"upclick_exit_show":false,"upclick_exit_countries":{"US":{"phone":"(855) 602-9762"},"CA":{"phone":"(855) 602-9762"},"UK":{"phone":"0800 031 4647"},"GB":{"phone":"0800 031 4647"},"AU":{"phone":"1800-762-367"}}},"14":{"upclick_scan_id_show":false,"upclick_scan_id":"000-000-000"},"15":{"upclick_bottom_offer_show":false,"upclick_bottom_offer_countries":{"US":{"phone":"(855) 602-9762"},"GB":{"phone":"0800 031 4647"},"UK":{"phone":"0800 031 4647"},"DE":{"phone":"800-182-0188"},"CA":{"phone":"(855) 602-9762"},"AU":{"phone":"1800-762-367"},"FR":{"phone":"9 75 18 72 00"}}},"18":{"movie":1}}, In Quarantäne, [47c0742f8cff0630010c5422d03320e0]
PUP.Optional.GlobalUpdate, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, In Quarantäne, [cd3a396a24670036f85e6131758e56aa]
PUP.Optional.InetStat, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\INETSTAT|status, In Quarantäne, [f80f9b087516b086adbff7cff90ac43c], 
PUP.Optional.CrossRider, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3B5B609E-4D99-4EBB-A5D8-8FCBCE5788E9}|AppName, 007b6571-eb9c-4689-b446-6be75c1574c0-2.exe-buttonutil.exe, In Quarantäne, [8087ddc61b7045f1407efa8f659e8f71]
PUP.Optional.CrossRider, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A4712EC8-F5F7-4E39-B3BF-F73180D2D965}|AppName, 007b6571-eb9c-4689-b446-6be75c1574c0-2.exe-codedownloader.exe, In Quarantäne, [02058d1696f579bd4f701772e3202bd5]
PUP.Optional.Trovi, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3331617&octid=EB_ORIGINAL_CTID&ISID=MA7141258-9637-4C4C-B4D2-59E35300AE8C&SearchSource=58&CUI=&UM=6&UP=SP2EF13B0B-346E-4380-9315-2A437A19ABFD&q={searchTerms}&SSPV=, In Quarantäne, [1becefb49af1d660bc30c5f059aa20e0]
PUP.Optional.Conduit, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SuggestionsURL_JSON, hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}, In Quarantäne, [e91e3a69b7d4a78f61ee790cd72cd32d]
PUP.Optional.Trovi, HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DisplayName, Trovi search, In Quarantäne, [f80fc9dad3b8221468847d3833d0758b]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 10
PUP.Optional.OpenCandy, C:\Users\Marco\AppData\Roaming\OpenCandy, In Quarantäne, [fe09366d6d1ea492f4d81b4e07fbbe42], 
PUP.Optional.OpenCandy, C:\Users\Marco\AppData\Roaming\OpenCandy\OpenCandy_0725B1596D2E471B8F16B7AC18F16E57, In Quarantäne, [fe09366d6d1ea492f4d81b4e07fbbe42], 
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [7493dac9d7b4a492b5cab2bff111af51], 
PUP.Optional.AnyProtect, C:\Users\Marco\AppData\Roaming\AnyProtectEx, In Quarantäne, [46c1069db5d6b77f940bb1c2ef1348b8], 
PUP.Optional.AnyProtect, C:\Users\Marco\AppData\Roaming\AnyProtectEx\installer, In Quarantäne, [46c1069db5d6b77f940bb1c2ef1348b8], 
PUP.Optional.AnyProtect, C:\Users\Marco\AppData\Roaming\AnyProtectEx\language, In Quarantäne, [46c1069db5d6b77f940bb1c2ef1348b8], 
PUP.Optional.AnyProtect, C:\Users\Marco\AppData\Roaming\AnyProtectEx\logs, In Quarantäne, [46c1069db5d6b77f940bb1c2ef1348b8], 
PUP.Optional.AnyProtect, C:\Users\Marco\AppData\Roaming\AnyProtectEx\scan_results, In Quarantäne, [46c1069db5d6b77f940bb1c2ef1348b8], 
PUP.Optional.AnyProtect, C:\Users\Marco\AppData\Roaming\AnyProtectEx\swf, In Quarantäne, [46c1069db5d6b77f940bb1c2ef1348b8], 
PUP.Optional.AnyProtect, C:\Program Files (x86)\AnyProtectEx, In Quarantäne, [31d6277c5f2cf640b5eb74ffd52d57a9], 

Dateien: 10
PUP.Optional.CinemaPlus, C:\Users\Marco\AppData\Roaming\PQMQX.exe, In Quarantäne, [d7308d168a010234af7f138374904bb5], 
PUP.Optional.CinemaPlus, C:\Users\Marco\AppData\Roaming\TKDN.exe, In Quarantäne, [2ddab3f096f578beea448016808454ac], 
PUP.Optional.AnyProtect, C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe, In Quarantäne, [ba4df4af99f2f93de5e955400202de22], 
PUP.Optional.InetStat, C:\Users\Marco\AppData\Roaming\InetStat\inetstat.exe, In Quarantäne, [63a4465d62295ed850940f87ef141ae6], 
PUP.Optional.Patsearch, C:\Windows\patsearch.bin, In Quarantäne, [f90ef2b1543738fe60a8eaba887be31d], 
PUP.Optional.WebInstr, C:\Windows\System32\drivers\Msft_Kernel_webinstrT_01009.Wdf, In Quarantäne, [8087c6dd167588ae6234c3f6cb38bf41], 
PUP.Optional.AnyProtect, C:\Users\Marco\AppData\Roaming\AnyProtectEx\installer\ab.test.json, In Quarantäne, [46c1069db5d6b77f940bb1c2ef1348b8], 
PUP.Optional.AnyProtect, C:\Users\Marco\AppData\Roaming\AnyProtectEx\installer\tempfile.t, In Quarantäne, [46c1069db5d6b77f940bb1c2ef1348b8], 
PUP.Optional.AnyProtect, C:\Users\Marco\AppData\Roaming\AnyProtectEx\swf\mov01.swf, In Quarantäne, [46c1069db5d6b77f940bb1c2ef1348b8], 
PUP.Optional.AnyProtect, C:\Program Files (x86)\AnyProtectEx\product.guid, In Quarantäne, [31d6277c5f2cf640b5eb74ffd52d57a9], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

09.12.2015, 18:07   #2
Larusso
/// Selecta Jahrusso





Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box).


09.12.2015, 18:43   #3
tscha



Thanks for the quick reply.
Here are the logs.
TDSSKiller part 1:
Code:
18:28:41.0185 0x1b7c  TDSS rootkit removing tool 3.1.0.7 Nov 29 2015 22:37:04
18:28:58.0280 0x1b7c  ============================================================
18:28:58.0280 0x1b7c  Current date / time: 2015/12/09 18:28:58.0280
18:28:58.0280 0x1b7c  SystemInfo:
18:28:58.0280 0x1b7c  
18:28:58.0281 0x1b7c  OS Version: 6.1.7601 ServicePack: 1.0
18:28:58.0281 0x1b7c  Product type: Workstation
18:28:58.0281 0x1b7c  ComputerName: MARCO-LAPTOP
18:28:58.0281 0x1b7c  UserName: Marco
18:28:58.0281 0x1b7c  Windows directory: C:\Windows
18:28:58.0281 0x1b7c  System windows directory: C:\Windows
18:28:58.0281 0x1b7c  Running under WOW64
18:28:58.0281 0x1b7c  Processor architecture: Intel x64
18:28:58.0281 0x1b7c  Number of processors: 4
18:28:58.0281 0x1b7c  Page size: 0x1000
18:28:58.0281 0x1b7c  Boot type: Normal boot
18:28:58.0281 0x1b7c  ============================================================
18:29:00.0827 0x1b7c  KLMD registered as C:\Windows\system32\drivers\82601806.sys
18:29:02.0990 0x1b7c  System UUID: {8AC4526A-3C97-5543-6714-0C64361BD890}
18:29:03.0816 0x1b7c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:29:03.0821 0x1b7c  Drive \Device\Harddisk1\DR2 - Size: 0x747488000 ( 29.11 Gb ), SectorSize: 0x200, Cylinders: 0xED8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:29:03.0825 0x1b7c  ============================================================
18:29:03.0825 0x1b7c  \Device\Harddisk0\DR0:
18:29:03.0860 0x1b7c  MBR partitions:
18:29:03.0861 0x1b7c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x124F8000
18:29:03.0861 0x1b7c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x124F8800, BlocksNum 0x124F7800
18:29:03.0861 0x1b7c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x249F0800, BlocksNum 0x4FD15800
18:29:03.0861 0x1b7c  \Device\Harddisk1\DR2:
18:29:03.0862 0x1b7c  MBR partitions:
18:29:03.0862 0x1b7c  \Device\Harddisk1\DR2\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x3A3A420
18:29:03.0862 0x1b7c  ============================================================
18:29:03.0896 0x1b7c  C: <-> \Device\Harddisk0\DR0\Partition1
18:29:03.0943 0x1b7c  E: <-> \Device\Harddisk0\DR0\Partition3
18:29:03.0984 0x1b7c  D: <-> \Device\Harddisk0\DR0\Partition2
18:29:03.0984 0x1b7c  ============================================================
18:29:03.0984 0x1b7c  Initialize success
18:29:03.0984 0x1b7c  ============================================================
18:29:47.0270 0x1730  ============================================================
18:29:47.0270 0x1730  Scan started
18:29:47.0270 0x1730  Mode: Manual; SigCheck; TDLFS; 
18:29:47.0270 0x1730  ============================================================
18:29:47.0270 0x1730  KSN ping started
18:29:50.0027 0x1730  KSN ping finished: true
18:29:51.0566 0x1730  ================ Scan system memory ========================
18:29:51.0566 0x1730  System memory - ok
18:29:51.0567 0x1730  ================ Scan services =============================
18:30:00.0369 0x1730  discache - ok
18:30:00.0403 0x1730  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
18:30:00.0414 0x1730  Disk - ok
18:30:00.0436 0x1730  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
18:30:00.0470 0x1730  dmvsc - ok
18:30:00.0496 0x1730  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:30:00.0530 0x1730  Dnscache - ok
18:30:00.0562 0x1730  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:30:00.0608 0x1730  dot3svc - ok
18:30:00.0654 0x1730  [ 84E9BE1A67C14EDF514E379FD610D210, 259B7C87E5177F5C15ACA24D977F3AB7F67FA54302FE5FA2C5799034DEA97F7C ] dpmconv         C:\Windows\system32\DRIVERS\dpmconv.sys
18:30:00.0680 0x1730  dpmconv - ok
18:30:00.0710 0x1730  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:30:00.0747 0x1730  DPS - ok
18:30:00.0782 0x1730  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:30:00.0804 0x1730  drmkaud - ok
18:30:00.0836 0x1730  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:30:00.0861 0x1730  dtsoftbus01 - ok
18:30:00.0908 0x1730  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:30:00.0956 0x1730  DXGKrnl - ok
18:30:00.0996 0x1730  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:30:01.0034 0x1730  EapHost - ok
18:30:01.0115 0x1730  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:30:01.0229 0x1730  ebdrv - ok
18:30:01.0250 0x1730  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
18:30:01.0283 0x1730  EFS - ok
18:30:01.0342 0x1730  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:30:01.0389 0x1730  ehRecvr - ok
18:30:01.0404 0x1730  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:30:01.0427 0x1730  ehSched - ok
18:30:01.0476 0x1730  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:30:01.0506 0x1730  elxstor - ok
18:30:01.0523 0x1730  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:30:01.0549 0x1730  ErrDev - ok
18:30:01.0586 0x1730  [ 5DC4A580FB90E083CFF96BFB03EA17EB, A3E273C3A5B4190D9872F64F77455A4E7A3279CAE7E1A191F4F7FFFE9C0E6D9E ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
18:30:01.0608 0x1730  ETD - ok
18:30:01.0651 0x1730  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:30:01.0689 0x1730  EventSystem - ok
18:30:01.0812 0x1730  [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:30:01.0852 0x1730  EvtEng - ok
18:30:01.0864 0x1730  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:30:01.0893 0x1730  exfat - ok
18:30:01.0932 0x1730  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:30:01.0982 0x1730  fastfat - ok
18:30:02.0028 0x1730  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:30:02.0095 0x1730  Fax - ok
18:30:02.0111 0x1730  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
18:30:02.0134 0x1730  fdc - ok
18:30:02.0174 0x1730  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:30:02.0201 0x1730  fdPHost - ok
18:30:02.0207 0x1730  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:30:02.0244 0x1730  FDResPub - ok
18:30:02.0267 0x1730  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:30:02.0278 0x1730  FileInfo - ok
18:30:02.0293 0x1730  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:30:02.0319 0x1730  Filetrace - ok
18:30:02.0335 0x1730  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:30:02.0347 0x1730  flpydisk - ok
18:30:02.0366 0x1730  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:30:02.0387 0x1730  FltMgr - ok
18:30:02.0444 0x1730  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
18:30:02.0496 0x1730  FontCache - ok
18:30:02.0552 0x1730  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:30:02.0562 0x1730  FontCache3.0.0.0 - ok
18:30:02.0591 0x1730  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:30:02.0602 0x1730  FsDepends - ok
18:30:02.0629 0x1730  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:30:02.0641 0x1730  Fs_Rec - ok
18:30:02.0668 0x1730  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:30:02.0686 0x1730  fvevol - ok
18:30:02.0724 0x1730  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:30:02.0736 0x1730  gagp30kx - ok
18:30:02.0769 0x1730  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:30:02.0779 0x1730  GEARAspiWDM - ok
18:30:02.0873 0x1730  [ 4DF4ABCA09AF1530D712FA589CE3BE9F, 573C04358BBAEAEDFDC4F265627E8029295C31BB17C13B428D5694119AECEDAD ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
18:30:02.0929 0x1730  GfExperienceService - ok
18:30:02.0962 0x1730  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:30:03.0011 0x1730  gpsvc - ok
18:30:03.0105 0x1730  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:30:03.0116 0x1730  gupdate - ok
18:30:03.0120 0x1730  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:30:03.0131 0x1730  gupdatem - ok
18:30:03.0149 0x1730  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:30:03.0180 0x1730  hcw85cir - ok
18:30:03.0222 0x1730  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:30:03.0265 0x1730  HdAudAddService - ok
18:30:03.0287 0x1730  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:30:03.0326 0x1730  HDAudBus - ok
18:30:03.0356 0x1730  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:30:03.0369 0x1730  HidBatt - ok
18:30:03.0387 0x1730  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:30:03.0414 0x1730  HidBth - ok
18:30:03.0427 0x1730  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:30:03.0442 0x1730  HidIr - ok
18:30:03.0458 0x1730  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:30:03.0498 0x1730  hidserv - ok
18:30:03.0527 0x1730  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:30:03.0540 0x1730  HidUsb - ok
18:30:03.0579 0x1730  [ E7AF59F1E0352F5EBEC4ECD32103D405, 0E02E031799F407A1BCE926D46471E7EFB8820359CBDE73759219B86C1882EB8 ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
18:30:03.0595 0x1730  HipShieldK - ok
18:30:03.0615 0x1730  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:30:03.0655 0x1730  hkmsvc - ok
18:30:03.0681 0x1730  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:30:03.0718 0x1730  HomeGroupListener - ok
18:30:03.0749 0x1730  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:30:03.0772 0x1730  HomeGroupProvider - ok
18:30:03.0875 0x1730  [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:30:03.0895 0x1730  HomeNetSvc - ok
18:30:03.0929 0x1730  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:30:03.0946 0x1730  HpSAMD - ok
18:30:03.0981 0x1730  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:30:04.0031 0x1730  HTTP - ok
18:30:04.0044 0x1730  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:30:04.0056 0x1730  hwpolicy - ok
18:30:04.0076 0x1730  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:30:04.0089 0x1730  i8042prt - ok
18:30:04.0121 0x1730  [ 71341219FBB4BAB7F2462C4267DAB594, 0C6B684781D27F423D20186A40D7513DD6ABC38AD286D013791B37CBF5477A55 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
18:30:04.0140 0x1730  iaStorA - ok
18:30:04.0188 0x1730  [ B64E1D5BABD095C13A382838F9DCC77F, D8FF4E1BBA7EF5EE136CC5892C72E0774D0AAE40CD9EB3368A698DA6C078BBAA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:30:04.0199 0x1730  IAStorDataMgrSvc - ok
18:30:04.0216 0x1730  [ B9D5AE799CB622C144AE5399C55EF29B, 5C2858590436EEDDE029C5448AEC3ACBB1C0FCED23F305302BAF831C6EC1654A ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
18:30:04.0227 0x1730  iaStorF - ok
18:30:04.0282 0x1730  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:30:04.0309 0x1730  iaStorV - ok
18:30:04.0351 0x1730  [ 096ECE4BFF595A5D4B97031C739C695D, CAF6A75C8E7D08B13651A71C442D1CA0357169C8A71D5DA9F0D77A17A335B69F ] ibtusb          C:\Windows\system32\DRIVERS\ibtusb.sys
18:30:04.0369 0x1730  ibtusb - ok
18:30:04.0419 0x1730  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:30:04.0462 0x1730  idsvc - ok
18:30:04.0480 0x1730  IEEtwCollectorService - ok
18:30:04.0588 0x1730  [ 142CFBE6ED0E498CCA7ABE8DD932C1AF, 513DFF7DA86CCCB9A061CF7ED0AC84305D800A26189179F60B62BD4FFFCF7DDF ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:30:04.0774 0x1730  igfx - ok
18:30:04.0799 0x1730  [ 9CD9723D813232FFFFFBC82BC8EDA77E, EE465ADE4BB4594305AC4D9B0856AE9C0FCA981F80EAD400354F50F555446B4D ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
18:30:04.0819 0x1730  igfxCUIService1.0.0.0 - ok
18:30:04.0839 0x1730  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:30:04.0850 0x1730  iirsp - ok
18:30:04.0890 0x1730  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:30:04.0936 0x1730  IKEEXT - ok
18:30:05.0058 0x1730  [ 4AFF0FD59CB2D3026802BD43AF6C5028, 509CC48D16914104DB2BC2A6BBE4A77919138310BBC6DFDC14E2CA3C403F1298 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:30:05.0167 0x1730  IntcAzAudAddService - ok
18:30:05.0222 0x1730  [ 8E4044C6B71B2F837166F6EDB6BF9100, 441A4EA0C3EF686B8B7884EC96FD8EE1017EB3F462FB4376638F461E41D97C72 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:30:05.0239 0x1730  IntcDAud - ok
18:30:05.0314 0x1730  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:30:05.0345 0x1730  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
18:30:08.0035 0x1730  Detect skipped due to KSN trusted
18:30:08.0035 0x1730  Intel(R) Capability Licensing Service Interface - ok
18:30:08.0110 0x1730  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
18:30:08.0171 0x1730  Intel(R) Capability Licensing Service TCP IP Interface - ok
18:30:08.0199 0x1730  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:30:08.0210 0x1730  intelide - ok
18:30:08.0228 0x1730  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:30:08.0240 0x1730  intelppm - ok
18:30:08.0266 0x1730  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:30:08.0315 0x1730  IPBusEnum - ok
18:30:08.0334 0x1730  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:30:08.0366 0x1730  IpFilterDriver - ok
18:30:08.0389 0x1730  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:30:08.0427 0x1730  iphlpsvc - ok
18:30:08.0444 0x1730  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:30:08.0457 0x1730  IPMIDRV - ok
18:30:08.0462 0x1730  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:30:08.0499 0x1730  IPNAT - ok
18:30:08.0553 0x1730  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:30:08.0587 0x1730  iPod Service - ok
18:30:08.0618 0x1730  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:30:08.0645 0x1730  IRENUM - ok
18:30:08.0655 0x1730  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:30:08.0667 0x1730  isapnp - ok
18:30:08.0681 0x1730  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:30:08.0696 0x1730  iScsiPrt - ok
18:30:08.0740 0x1730  [ 7D8155BB1ADA65406B83385F3D828610, FE97FFDC96AD94F0932933E45C314FC7AE6A6D2E92510161453F59D2E9C8A3AF ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:30:08.0752 0x1730  iusb3hcs - ok
18:30:08.0771 0x1730  [ B347865F3111539C7B3F077EE7C22DBF, 304321780DD360DB2AB28A1A05101187DA0E187CE6521F59C6FB558AC482EF03 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
18:30:08.0786 0x1730  iusb3hub - ok
18:30:08.0811 0x1730  [ 8B7014DBD81836817293E07A6BBAF847, 706F62F04DDF4F02DF1DE21E5E480B3C9C06E89FCC6918F9DFA2BFE87A35C088 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:30:08.0844 0x1730  iusb3xhc - ok
18:30:08.0907 0x1730  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:30:08.0922 0x1730  jhi_service - ok
18:30:08.0955 0x1730  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:30:08.0966 0x1730  kbdclass - ok
18:30:08.0986 0x1730  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:30:09.0010 0x1730  kbdhid - ok
18:30:09.0042 0x1730  [ 819433A6CFC8771F0A2B0BB8EF6125B1, 37BE3545E3782CFA56F1A890B389CDF37C48F177CEE3EF23F4FDDF3D2A094DD3 ] Ke2200          C:\Windows\system32\DRIVERS\e22w7x64.sys
18:30:09.0054 0x1730  Ke2200 - ok
18:30:09.0062 0x1730  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
18:30:09.0080 0x1730  KeyIso - ok
18:30:09.0111 0x1730  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:30:09.0123 0x1730  KSecDD - ok
18:30:09.0138 0x1730  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:30:09.0157 0x1730  KSecPkg - ok
18:30:09.0182 0x1730  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:30:09.0215 0x1730  ksthunk - ok
18:30:09.0235 0x1730  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:30:09.0286 0x1730  KtmRm - ok
18:30:09.0333 0x1730  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:30:09.0379 0x1730  LanmanServer - ok
18:30:09.0395 0x1730  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:30:09.0434 0x1730  LanmanWorkstation - ok
18:30:09.0464 0x1730  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:30:09.0494 0x1730  lltdio - ok
18:30:09.0526 0x1730  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:30:09.0573 0x1730  lltdsvc - ok
18:30:09.0588 0x1730  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:30:09.0623 0x1730  lmhosts - ok
18:30:09.0672 0x1730  [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:30:09.0689 0x1730  LMS - ok
18:30:09.0720 0x1730  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:30:09.0733 0x1730  LSI_FC - ok
18:30:09.0750 0x1730  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:30:09.0762 0x1730  LSI_SAS - ok
18:30:09.0778 0x1730  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:30:09.0796 0x1730  LSI_SAS2 - ok
18:30:09.0811 0x1730  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:30:09.0825 0x1730  LSI_SCSI - ok
18:30:09.0855 0x1730  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:30:09.0886 0x1730  luafv - ok
18:30:09.0941 0x1730  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:30:09.0951 0x1730  MBAMProtector - ok
18:30:10.0000 0x1730  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
18:30:10.0045 0x1730  MBAMService - ok
18:30:10.0076 0x1730  [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:30:10.0095 0x1730  MBAMWebAccessControl - ok
18:30:10.0119 0x1730  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
18:30:10.0128 0x1730  MBfilt - ok
18:30:10.0187 0x1730  [ 5096855DA1FB50A028ACA15B5CC358D9, 15A84A1FD6856CFFF6D9C5D0F5F29A71781033A5E388B3E310306600600D1221 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
18:30:10.0213 0x1730  McAfee SiteAdvisor Service - ok
18:30:10.0331 0x1730  [ 62C2E5AB62EABACCB7CA53A7C24D2638, 99CA9D139C471F445B59D40EE9213A2BE81CE0E317D1EFCCC514EDE1EA768343 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
18:30:10.0376 0x1730  McAPExe - ok
18:30:10.0442 0x1730  [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] mcbootdelaystartsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:30:10.0457 0x1730  mcbootdelaystartsvc - ok
18:30:10.0689 0x1730  [ D02EF4F75F84FF46011AA7C1DC08D1A2, F8568188B45A2C1CF2C4B83373F46AEAF590F576297D3DFBE21127D3AA21A988 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\1.8.190.0\McCSPServiceHost.exe
18:30:10.0731 0x1730  mccspsvc - ok
18:30:10.0786 0x1730  [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:30:10.0804 0x1730  McMPFSvc - ok
18:30:10.0815 0x1730  [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:30:10.0834 0x1730  McNaiAnn - ok
18:30:10.0898 0x1730  [ 1E911C91938467BC94389711BE4CDFF6, 2FD6679D0AB2982B19A4498ACF1F628FBD7638249D03ADB141308955A86FB288 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
18:30:10.0931 0x1730  McODS - ok
18:30:10.0954 0x1730  [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:30:10.0972 0x1730  mcpltsvc - ok
18:30:10.0994 0x1730  [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:30:11.0017 0x1730  McProxy - ok
18:30:11.0057 0x1730  [ 62FA082C0B22A65D8ABFFE5A8FA4A0E5, 42CF12F83A4F50DBB6B4EA98BE96918A9829F91FD9C0E8A0F88325A4DBA0DF2C ] McPvDrv         C:\Windows\system32\drivers\McPvDrv.sys
18:30:11.0070 0x1730  McPvDrv - ok
18:30:11.0099 0x1730  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:30:11.0116 0x1730  Mcx2Svc - ok
18:30:11.0132 0x1730  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:30:11.0143 0x1730  megasas - ok
18:30:11.0164 0x1730  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:30:11.0180 0x1730  MegaSR - ok
18:30:11.0199 0x1730  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
18:30:11.0210 0x1730  MEIx64 - ok
18:30:11.0260 0x1730  [ 67CD258ECEA02ADA4D57592AE720F452, D4A1A4CC2749BF2FA798D7A2661D367F45124BE08A31ABBBA58B48BCE83EE62C ] mfeaack         C:\Windows\system32\drivers\mfeaack.sys
18:30:11.0279 0x1730  mfeaack - ok
18:30:11.0339 0x1730  [ E3084E1F0A542DF32312B7D2FE52D6E1, D0988DAB235A8D1F51C2DCB33BCECB047C3F3CED309267691D750BC41F578B36 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
18:30:11.0386 0x1730  mfeavfk - ok
18:30:11.0429 0x1730  [ 0A8120FB835F5FC47609F7C7744343C2, 2748C15997BCF0C47F784C2F037730370B0FCF79FE03CC2ACA8A98B2956D5DC8 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
18:30:11.0445 0x1730  mfefire - ok
18:30:11.0474 0x1730  [ 5203A63B8FDB8E072BDFA036D63589C3, F81601F50DE177D10B804D69321225DCCCD9C61394A43A6EC647F71FCFE4921F ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
18:30:11.0498 0x1730  mfefirek - ok
18:30:11.0550 0x1730  [ 578AE1184B6342A06E7020BE866472D5, 53CB9E37EBDFA1137F56860ABE6EE0F82532733254D654A4982087E0D3FE765E ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
18:30:11.0585 0x1730  mfehidk - ok
18:30:11.0623 0x1730  [ 29CAAED140D5A9E837E1188FA2EF0FD0, 51E806B927B1F0C0E0FB3DEA9F8ED99350F74285276660FF68F4460D2D8D3E1A ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
18:30:11.0639 0x1730  mfemms - ok
18:30:11.0680 0x1730  [ 9DC97E684A0F4AAF726D54B6B252315C, 1420F084ABC20619F9A8D1D5A30ADEA0A21432D0327634C97A58FA62452DC781 ] mfencbdc        C:\Windows\system32\DRIVERS\mfencbdc.sys
18:30:11.0710 0x1730  mfencbdc - ok
18:30:11.0734 0x1730  [ 984C0003040946578022D3A5405652D9, E52E5EB4F2A50573854BB8BC37326B75138278E6F96E32937AFB01AB359307A9 ] mfencrk         C:\Windows\system32\DRIVERS\mfencrk.sys
18:30:11.0748 0x1730  mfencrk - ok
18:30:11.0814 0x1730  [ FB4F8875C0927BB29EC052D09950AE96, 78B8ECD9A16F94FE1C1FD23B17250A2089789AC9E33B162F0ECAB9893B6B1142 ] mfesapsn        C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
18:30:11.0824 0x1730  mfesapsn - ok
18:30:11.0866 0x1730  [ C76DEBD4675A90C6A9CECA4E12F9295C, 91AACFC1C1B345D212354C33383A654C6D51BF3F676455C7068B7DD96E8F2476 ] mfevtp          C:\Windows\system32\mfevtps.exe
18:30:11.0880 0x1730  mfevtp - ok
18:30:11.0890 0x1730  [ F0E1B2EF49D967B17256F2334E93005A, 05A34ED584CD4D4E8722638D76F6E24B3EDAC605ABBBAB7812958AFA0CAA3B88 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
18:30:11.0906 0x1730  mfewfpk - ok
18:30:11.0959 0x1730  Microsoft SharePoint Workspace Audit Service - ok
18:30:11.0990 0x1730  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:30:12.0075 0x1730  MMCSS - ok
18:30:12.0101 0x1730  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:30:12.0140 0x1730  Modem - ok
18:30:12.0172 0x1730  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:30:12.0191 0x1730  monitor - ok
18:30:12.0217 0x1730  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:30:12.0233 0x1730  mouclass - ok
18:30:12.0267 0x1730  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:30:12.0287 0x1730  mouhid - ok
18:30:12.0303 0x1730  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:30:12.0316 0x1730  mountmgr - ok
18:30:12.0337 0x1730  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:30:12.0357 0x1730  mpio - ok
18:30:12.0366 0x1730  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:30:12.0394 0x1730  mpsdrv - ok
18:30:12.0454 0x1730  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:30:12.0503 0x1730  MpsSvc - ok
18:30:12.0528 0x1730  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:30:12.0560 0x1730  MRxDAV - ok
18:30:12.0597 0x1730  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:30:12.0627 0x1730  mrxsmb - ok
         

09.12.2015, 18:44   #4
tscha
 

TDSSKiller part 2:
Code:
18:30:12.0653 0x1730  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:30:12.0684 0x1730  mrxsmb10 - ok
18:30:12.0712 0x1730  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:30:12.0733 0x1730  mrxsmb20 - ok
18:30:12.0757 0x1730  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:30:12.0769 0x1730  msahci - ok
18:30:12.0783 0x1730  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:30:12.0796 0x1730  msdsm - ok
18:30:12.0812 0x1730  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:30:12.0833 0x1730  MSDTC - ok
18:30:12.0852 0x1730  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:30:12.0893 0x1730  Msfs - ok
18:30:12.0914 0x1730  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:30:12.0958 0x1730  mshidkmdf - ok
18:30:12.0973 0x1730  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:30:12.0987 0x1730  msisadrv - ok
18:30:13.0027 0x1730  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:30:13.0068 0x1730  MSiSCSI - ok
18:30:13.0071 0x1730  msiserver - ok
18:30:13.0110 0x1730  [ 47F727600D00D12E15748FCCAF29E6FA, 404D41E2EC61C7D14DAF866C7D86385E73C07F2B17AC90A8768009840292E3AD ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:30:13.0127 0x1730  MSK80Service - ok
18:30:13.0151 0x1730  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:30:13.0208 0x1730  MSKSSRV - ok
18:30:13.0238 0x1730  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:30:13.0279 0x1730  MSPCLOCK - ok
18:30:13.0287 0x1730  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:30:13.0318 0x1730  MSPQM - ok
18:30:13.0338 0x1730  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:30:13.0354 0x1730  MsRPC - ok
18:30:13.0369 0x1730  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:30:13.0386 0x1730  mssmbios - ok
18:30:13.0421 0x1730  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:30:13.0461 0x1730  MSTEE - ok
18:30:13.0477 0x1730  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:30:13.0497 0x1730  MTConfig - ok
18:30:13.0509 0x1730  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:30:13.0527 0x1730  Mup - ok
18:30:13.0548 0x1730  [ 1EE90E273094252917843D111E898C94, D0D7D155E3CA022BC1F718327165E44F954A40B96259DEE5266C48ADCC8B4556 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:30:13.0564 0x1730  MyWiFiDHCPDNS - ok
18:30:13.0601 0x1730  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:30:13.0648 0x1730  napagent - ok
18:30:13.0682 0x1730  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:30:13.0707 0x1730  NativeWifiP - ok
18:30:13.0743 0x1730  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:30:13.0768 0x1730  NDIS - ok
18:30:13.0786 0x1730  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:30:13.0814 0x1730  NdisCap - ok
18:30:13.0836 0x1730  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:30:13.0868 0x1730  NdisTapi - ok
18:30:13.0884 0x1730  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:30:13.0939 0x1730  Ndisuio - ok
18:30:13.0973 0x1730  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:30:14.0003 0x1730  NdisWan - ok
18:30:14.0014 0x1730  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:30:14.0040 0x1730  NDProxy - ok
18:30:14.0061 0x1730  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:30:14.0103 0x1730  NetBIOS - ok
18:30:14.0116 0x1730  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:30:14.0150 0x1730  NetBT - ok
18:30:14.0163 0x1730  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
18:30:14.0174 0x1730  Netlogon - ok
18:30:14.0202 0x1730  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:30:14.0247 0x1730  Netman - ok
18:30:14.0282 0x1730  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:30:14.0295 0x1730  NetMsmqActivator - ok
18:30:14.0299 0x1730  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:30:14.0311 0x1730  NetPipeActivator - ok
18:30:14.0335 0x1730  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:30:14.0387 0x1730  netprofm - ok
18:30:14.0392 0x1730  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:30:14.0405 0x1730  NetTcpActivator - ok
18:30:14.0410 0x1730  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:30:14.0422 0x1730  NetTcpPortSharing - ok
18:30:14.0516 0x1730  [ C9D91D5E057D7A2C483DC838A7639C08, 405593E8195B61A05E83EDE85457D9BEFBBE332CC63C902B8548044429ED96D1 ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw02.sys
18:30:14.0641 0x1730  NETwNs64 - ok
18:30:14.0679 0x1730  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:30:14.0695 0x1730  nfrd960 - ok
18:30:14.0719 0x1730  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:30:14.0764 0x1730  NlaSvc - ok
18:30:14.0793 0x1730  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:30:14.0818 0x1730  Npfs - ok
18:30:14.0840 0x1730  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:30:14.0865 0x1730  nsi - ok
18:30:14.0871 0x1730  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:30:14.0910 0x1730  nsiproxy - ok
18:30:14.0969 0x1730  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:30:15.0027 0x1730  Ntfs - ok
18:30:15.0053 0x1730  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:30:15.0093 0x1730  Null - ok
18:30:15.0364 0x1730  [ 7F58A8A5F208557F1FF8D7F45D5811DB, D9999DAD9BBBC907C8633AD08D90E40D861E9941A74CCF3C6183C9E220FEA0E9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:30:15.0666 0x1730  nvlddmkm - ok
18:30:15.0842 0x1730  [ EC4F787905DC5753C46A4C05CEBADF45, 334E7E277A6FDABD91108DC4FE0D861DE6C00616CCFDC5E2D390CDDED62AF5D5 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:30:15.0885 0x1730  NvNetworkService - ok
18:30:15.0927 0x1730  [ BA17213DA758C56F3834FDF01BF22B4C, E162888B50FEDF96A02DF84E0BAF3F23EA4E4F2BD231DB3ACF4C4B40A5F566A8 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
18:30:15.0943 0x1730  nvpciflt - ok
18:30:15.0984 0x1730  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:30:15.0997 0x1730  nvraid - ok
18:30:16.0006 0x1730  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:30:16.0018 0x1730  nvstor - ok
18:30:16.0073 0x1730  [ D92F4ED189C8207D0274B8B6BB494892, 8F7656662D3F26BE51AED9B7368278B18915F98A627E70021F914016BF3E22DB ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:30:16.0082 0x1730  NvStreamKms - ok
18:30:16.0091 0x1730  NvStreamSvc - ok
18:30:16.0134 0x1730  [ 806069C408AE736E2182D2FF6C2FA8EE, 9C2D2309C4F4135772C53C10C7442BCA362657B062177B20C2F00DC2137E8362 ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:30:16.0158 0x1730  nvsvc - ok
18:30:16.0174 0x1730  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:30:16.0184 0x1730  nvvad_WaveExtensible - ok
18:30:16.0212 0x1730  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:30:16.0226 0x1730  nv_agp - ok
18:30:16.0247 0x1730  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:30:16.0276 0x1730  ohci1394 - ok
18:30:16.0374 0x1730  [ FCE83ABDE761C87D17EA65960455F0E5, E59C13E26845FE0537AEBF0E4A9DC0AF3E6DF55C7A54247FC8078AC5DE666AD4 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
18:30:16.0436 0x1730  Origin Client Service - ok
18:30:16.0522 0x1730  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:30:16.0561 0x1730  ose - ok
18:30:16.0756 0x1730  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:30:16.0923 0x1730  osppsvc - ok
18:30:16.0989 0x1730  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:30:17.0015 0x1730  p2pimsvc - ok
18:30:17.0041 0x1730  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:30:17.0063 0x1730  p2psvc - ok
18:30:17.0087 0x1730  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
18:30:17.0102 0x1730  Parport - ok
18:30:17.0118 0x1730  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:30:17.0130 0x1730  partmgr - ok
18:30:17.0150 0x1730  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:30:17.0184 0x1730  PcaSvc - ok
18:30:17.0205 0x1730  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:30:17.0219 0x1730  pci - ok
18:30:17.0231 0x1730  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:30:17.0242 0x1730  pciide - ok
18:30:17.0265 0x1730  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:30:17.0286 0x1730  pcmcia - ok
18:30:17.0299 0x1730  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:30:17.0317 0x1730  pcw - ok
18:30:17.0417 0x1730  [ 8F98C4BC605261B4B6E568FE791EB67A, 7B0D99D972A60423F7378BEE886061695FDA79B59AFF939744A130721E0174A1 ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe
18:30:17.0492 0x1730  PDF Architect 2 - ok
18:30:17.0559 0x1730  [ B2309F132A31AF03C0A249AEDE8CF289, BBAE32AA55E495ACB9A8089C090ADD78BE1DC16233CAA61BBED1456CA718D430 ] PDF Architect 2 Creator C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
18:30:17.0585 0x1730  PDF Architect 2 Creator - ok
18:30:17.0616 0x1730  [ 9077A3059AB47834633AEAAED465F3D9, 9CA662E9CBA30795E4E5DAB3E309D2062FFDC2053C261054E24EF7EE5300F69F ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
18:30:17.0649 0x1730  pdfforge CrashHandler - ok
18:30:17.0681 0x1730  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:30:17.0745 0x1730  PEAUTH - ok
18:30:17.0800 0x1730  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:30:17.0876 0x1730  PeerDistSvc - ok
18:30:17.0937 0x1730  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:30:17.0956 0x1730  PerfHost - ok
18:30:18.0009 0x1730  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:30:18.0083 0x1730  pla - ok
18:30:18.0125 0x1730  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:30:18.0170 0x1730  PlugPlay - ok
18:30:18.0193 0x1730  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:30:18.0212 0x1730  PNRPAutoReg - ok
18:30:18.0233 0x1730  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:30:18.0257 0x1730  PNRPsvc - ok
18:30:18.0297 0x1730  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:30:18.0345 0x1730  PolicyAgent - ok
18:30:18.0362 0x1730  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:30:18.0403 0x1730  Power - ok
18:30:18.0432 0x1730  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:30:18.0468 0x1730  PptpMiniport - ok
18:30:18.0479 0x1730  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
18:30:18.0507 0x1730  Processor - ok
18:30:18.0535 0x1730  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:30:18.0557 0x1730  ProfSvc - ok
18:30:18.0574 0x1730  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:30:18.0586 0x1730  ProtectedStorage - ok
18:30:18.0602 0x1730  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:30:18.0638 0x1730  Psched - ok
18:30:18.0686 0x1730  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:30:18.0739 0x1730  ql2300 - ok
18:30:18.0758 0x1730  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:30:18.0770 0x1730  ql40xx - ok
18:30:18.0841 0x1730  [ AC64125A02ACC62B064EAD6EE4920D54, 04623CD0C6DF28892C499B54964B88765BD6A1F48CFC453DA1011A169D4B82D1 ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
18:30:18.0873 0x1730  Qualcomm Atheros Killer Service V2 - detected UnsignedFile.Multi.Generic ( 1 )
18:30:21.0656 0x1730  Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - warning
18:30:24.0403 0x1730  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:30:24.0445 0x1730  QWAVE - ok
18:30:24.0468 0x1730  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:30:24.0483 0x1730  QWAVEdrv - ok
18:30:24.0496 0x1730  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:30:24.0531 0x1730  RasAcd - ok
18:30:24.0566 0x1a20  Object required for P2P: [ 5096855DA1FB50A028ACA15B5CC358D9 ] McAfee SiteAdvisor Service
18:30:24.0568 0x1730  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:30:24.0601 0x1730  RasAgileVpn - ok
18:30:24.0626 0x1730  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:30:24.0663 0x1730  RasAuto - ok
18:30:24.0673 0x1730  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:30:24.0708 0x1730  Rasl2tp - ok
18:30:24.0736 0x1730  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:30:24.0776 0x1730  RasMan - ok
18:30:24.0795 0x1730  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:30:24.0834 0x1730  RasPppoe - ok
18:30:24.0851 0x1730  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:30:24.0891 0x1730  RasSstp - ok
18:30:24.0909 0x1730  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:30:24.0944 0x1730  rdbss - ok
18:30:24.0964 0x1730  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:30:24.0984 0x1730  rdpbus - ok
18:30:24.0986 0x1730  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:30:25.0011 0x1730  RDPCDD - ok
18:30:25.0038 0x1730  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:30:25.0060 0x1730  RDPDR - ok
18:30:25.0075 0x1730  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:30:25.0112 0x1730  RDPENCDD - ok
18:30:25.0137 0x1730  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:30:25.0169 0x1730  RDPREFMP - ok
18:30:25.0191 0x1730  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:30:25.0238 0x1730  RDPWD - ok
18:30:25.0272 0x1730  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:30:25.0314 0x1730  rdyboost - ok
18:30:25.0369 0x1730  [ 37F021CF7D670D305C1687781173069E, 286D6D04B0A9C4399086BE8DDA5126CDE462EE3B9F5B40A65CD9CD2B7C160886 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:30:25.0381 0x1730  RegSrvc - ok
18:30:25.0399 0x1730  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:30:25.0437 0x1730  RemoteAccess - ok
18:30:25.0467 0x1730  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:30:25.0507 0x1730  RemoteRegistry - ok
18:30:25.0539 0x1730  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
18:30:25.0565 0x1730  RFCOMM - ok
18:30:25.0592 0x1730  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:30:25.0618 0x1730  RpcEptMapper - ok
18:30:25.0646 0x1730  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:30:25.0673 0x1730  RpcLocator - ok
18:30:25.0707 0x1730  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:30:25.0744 0x1730  RpcSs - ok
18:30:25.0778 0x1730  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:30:25.0813 0x1730  rspndr - ok
18:30:25.0851 0x1730  [ D82269634BA995825E5D9166B35F8184, D81B6BE3BA0C1CCB1B89974BE24E02536DF63091871D55F5EF34C689EBEB7D7E ] RTSPER          C:\Windows\system32\DRIVERS\RtsPer.sys
18:30:25.0869 0x1730  RTSPER - ok
18:30:25.0891 0x1730  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
18:30:25.0912 0x1730  s3cap - ok
18:30:26.0014 0x1730  [ C041DE0EB4C3DA55C5BD2E370A5BB999, 6B65B6FEFC31B4BACF57D4307CD1A0946CD3713ED7FF4C0B739EA767537BF7F3 ] s7hspsvx        C:\Program Files (x86)\Siemens\Step7\s7bin\s7hspsvx.exe
18:30:26.0022 0x1730  s7hspsvx - detected UnsignedFile.Multi.Generic ( 1 )
18:30:27.0359 0x1a20  Object send P2P result: true
18:30:27.0360 0x1a20  Object required for P2P: [ D02EF4F75F84FF46011AA7C1DC08D1A2 ] mccspsvc
18:30:28.0730 0x1730  s7hspsvx ( UnsignedFile.Multi.Generic ) - warning
18:30:30.0170 0x1a20  Object send P2P result: true
18:30:30.0171 0x1a20  Object required for P2P: [ 62FA082C0B22A65D8ABFFE5A8FA4A0E5 ] McPvDrv
18:30:31.0494 0x1730  [ 67B07DB7190C4A120112B9915AB1B7C8, E2D939D911B2363FB68C8F9F79DB1DDCA617A0F5E7DCB339EC438C513497C08B ] s7odpx2x64      C:\Windows\system32\DRIVERS\s7odpx2x64.sys
18:30:31.0541 0x1730  s7odpx2x64 - ok
18:30:31.0585 0x1730  [ 2BC3AB45505095E3D02616983D625683, 1FFF2D353EF720D2F2FAC372218BF252D37D888DE57A123BCFA3C09DFF49E2AE ] s7oiehsx64      C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
18:30:31.0612 0x1730  s7oiehsx64 - ok
18:30:31.0655 0x1730  [ 56C7E819BEEF3EBEB701C5304DD5753F, F2735ED246BE77C8D8AA14BB2A9FEB69A02DE2D8B287B3CC8708DCF22C1C8638 ] s7oppinx64      C:\Windows\system32\DRIVERS\s7oppinx64.sys
18:30:31.0686 0x1730  s7oppinx64 - ok
18:30:31.0704 0x1730  [ F113DD69F3A483B3D3C1E4EC692D1B49, 643445914A17D0C9D9922D5F375805C96B7A3E4DB8F2BC2248DE15C088F9A020 ] s7oserix64      C:\Windows\system32\Drivers\s7oserix64.sys
18:30:31.0724 0x1730  s7oserix64 - ok
18:30:31.0759 0x1730  [ B35AE80AA27A93A08D6DB4F968B68226, 3D42359870CA763EBA46DE02F23D8AF4AD4F5C6846481B72E9BF5315B376296E ] s7osmcax64      C:\Windows\system32\DRIVERS\s7osmcax64.sys
18:30:31.0781 0x1730  s7osmcax64 - ok
18:30:31.0822 0x1730  [ 87C0D4FC0C7FE5AEFD2371DFEFC2203B, 6E24D45B1D09F9581FA3DF1407EE16FF3452DD09F439A5448B086B1AE5B919DE ] s7osobux64      C:\Windows\system32\DRIVERS\s7osobux64.sys
18:30:31.0867 0x1730  s7osobux64 - ok
18:30:31.0890 0x1730  [ 1FFCE3E378C40B7925ED318D6494689F, 16AE8533EEFE5CBA72BCAF7E1FA4E8159F0CBD3B26D1E8FBFB50CBA20023E295 ] s7otmcd64x      C:\Windows\system32\Drivers\s7otmcd64x.sys
18:30:31.0925 0x1730  s7otmcd64x - ok
18:30:31.0963 0x1730  [ 0C4C99C91C7C46B859C084DD6FDEEBC5, A9E9E7114FFC9D287E79F78713E9C6117D4F7EFF7C5FA1DF7EF1E455E958599E ] s7otranx64      C:\Windows\system32\DRIVERS\s7otranx64.sys
18:30:31.0985 0x1730  s7otranx64 - ok
18:30:34.0714 0x1730  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:30:34.0739 0x1730  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
18:30:38.0338 0x1730  Detect skipped due to KSN trusted
18:30:38.0338 0x1730  SwitchBoard - ok
18:30:44.0245 0x1730  ================ Scan global ===============================
18:30:44.0267 0x1730  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:30:44.0288 0x1730  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:30:44.0296 0x1730  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:30:44.0325 0x1730  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:30:44.0361 0x1730  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:30:44.0367 0x1730  [ Global ] - ok
18:30:44.0367 0x1730  ================ Scan MBR ==================================
18:30:44.0379 0x1730  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:30:44.0668 0x1730  \Device\Harddisk0\DR0 - ok
18:30:44.0673 0x1730  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR2
18:30:44.0765 0x1730  \Device\Harddisk1\DR2 - ok
18:30:44.0765 0x1730  ================ Scan VBR ==================================
18:30:44.0798 0x1730  [ 7E1603275D20BE5B2F2AEF83B7A3F756 ] \Device\Harddisk0\DR0\Partition1
18:30:44.0850 0x1730  \Device\Harddisk0\DR0\Partition1 - ok
18:30:44.0878 0x1730  [ 2EB841C6C4152FF62F65DFA4E7F39175 ] \Device\Harddisk0\DR0\Partition2
18:30:44.0925 0x1730  \Device\Harddisk0\DR0\Partition2 - ok
18:30:44.0948 0x1730  [ 3DB8454FAC81BD54CF8BB98FA303CC2D ] \Device\Harddisk0\DR0\Partition3
18:30:44.0974 0x1730  \Device\Harddisk0\DR0\Partition3 - ok
18:30:44.0979 0x1730  [ AF3D3514B6502DE59F7E8BB0C723C64E ] \Device\Harddisk1\DR2\Partition1
18:30:44.0980 0x1730  \Device\Harddisk1\DR2\Partition1 - ok
18:30:44.0981 0x1730  ================ Scan generic autorun ======================
18:30:45.0114 0x1730  [ 1F441326CD77B3F1532D487004B180FF, FD2FE6EECE1EF99F800DAF7B0C825C94FACE4C6D5806A2335B4D3C41F1E87F7F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:30:45.0191 0x1730  NvBackend - ok
18:30:45.0221 0x1730  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
18:30:45.0233 0x1730  ShadowPlay - ok
18:30:45.0310 0x1730  [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
18:30:45.0374 0x1730  AdobeAAMUpdater-1.0 - ok
18:30:45.0416 0x1730  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
18:30:45.0430 0x1730  iTunesHelper - ok
18:30:45.0449 0x1730  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:30:45.0470 0x1730  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
18:30:45.0470 0x1730  Detect skipped due to KSN trusted
18:30:45.0470 0x1730  SwitchBoard - ok
18:30:45.0522 0x1730  [ D5B783DACE1BBDD382A63C894BAB8E1E, 20BA7479B3BE8AC7771AA91DB9C4F3B46DADDFF9C48627A5C7C460546DD20AF3 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
18:30:45.0536 0x1730  AdobeCS5ServiceManager - ok
18:30:45.0591 0x1730  [ 901AA7A38CE13F14B6BBEC38C0595698, 1E95F2048E2A1782807D52E9816ED267355718E24D01FF07ACE73D965EDE388A ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
18:30:45.0625 0x1730  BCSSync - ok
18:30:45.0706 0x1730  [ E26F0233E892A7382B5E1B6ACB9C9554, AB2E0343C977D242B7F255BBC24617C9FEE2AA1B8870F9304BCA26A2F19E4150 ] C:\Program Files (x86)\Common Files\Siemens\S7ubtoox\s7ubtstx.exe
18:30:45.0713 0x1730  S7UB Start - detected UnsignedFile.Multi.Generic ( 1 )
18:30:48.0406 0x1730  Detect skipped due to KSN trusted
18:30:48.0406 0x1730  S7UB Start - ok
18:30:48.0482 0x1730  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:30:48.0558 0x1730  Sidebar - ok
18:30:48.0596 0x1730  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:30:48.0623 0x1730  mctadmin - ok
18:30:48.0669 0x1730  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:30:48.0706 0x1730  Sidebar - ok
18:30:48.0712 0x1730  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:30:48.0727 0x1730  mctadmin - ok
18:30:48.0917 0x1730  [ 14EF06B1EA531D681B5738F37388B99C, AB74735A3569B7995572FD7B0D026919CADA27C43A6AD0503659CE7CA3FF6B84 ] C:\Program Files\CCleaner\CCleaner64.exe
18:30:49.0043 0x1730  CCleaner Monitoring - ok
18:30:49.0183 0x1730  [ DC34596BFCF0BD472AA1D48449D8A7DF, B1A1AD8A72D585525CC4FEA4984EAD0AC0077640D2A4CF478BAA10BA3F08711A ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
18:30:49.0244 0x1730  DAEMON Tools Lite - ok
18:30:49.0274 0x1730  [ 8196DFA43EE314CD387C3F139A74A023, 58AA5D247AD9C684FE2336830FBEBDFDB61F655595288E00E5A8F5FB03F0FB10 ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
18:30:49.0294 0x1730  OfficeSyncProcess - ok
18:30:49.0295 0x1730  Waiting for KSN requests completion. In queue: 103
18:30:50.0295 0x1730  Waiting for KSN requests completion. In queue: 103
18:30:51.0295 0x1730  Waiting for KSN requests completion. In queue: 7
18:30:52.0325 0x1730  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x52000 ( disabled : updated )
18:30:52.0329 0x1730  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
18:30:55.0006 0x1730  ============================================================
18:30:55.0006 0x1730  Scan finished
18:30:55.0006 0x1730  ============================================================
18:30:55.0023 0x1bd0  Detected object count: 2
18:30:55.0024 0x1bd0  Actual detected object count: 2
18:31:05.0562 0x1bd0  Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - skipped by user
18:31:05.0562 0x1bd0  Qualcomm Atheros Killer Service V2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:31:05.0563 0x1bd0  s7hspsvx ( UnsignedFile.Multi.Generic ) - skipped by user
18:31:05.0563 0x1bd0  s7hspsvx ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:32:18.0809 0x1dac  Deinitialize success
         

Old 09.12.2015, 18:45   #5
tscha
 
FRST
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-12-2015
durchgeführt von Marco (Administrator) auf MARCO-LAPTOP (09-12-2015 18:34:43)
Gestartet von C:\Users\Marco\Desktop
Geladene Profile: Marco (Verfügbare Profile: Marco)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SIEMENS AG) C:\Program Files (x86)\Siemens\Step7\S7BIN\s7hspsvx.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7epasrv64x.exe
(SIEMENS AG) C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\pniomgr.exe
(SIEMENS AG) C:\Windows\SysWOW64\pniopcac.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Curse) C:\Users\Marco\AppData\Local\Apps\2.0\NA9VRROE.8KR\1ZCLCX9C.X6X\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe
(SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\S7UBTOOX\S7ubTstx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SIEMENS AG) C:\Program Files (x86)\Common Files\Siemens\S7UBTOOX\S7ubtoox.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\Common Files\Siemens\SQLANY\dbsrv9.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.190.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585928 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [S7UB Start] => C:\Program Files (x86)\Common Files\Siemens\S7ubtoox\s7ubtstx.exe [102453 2010-06-03] (SIEMENS AG)
HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718720 2010-12-20] (Microsoft Corporation)
HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [811848 2015-11-07] (Google Inc.)
HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\...\MountPoints2: {7e7435c9-729b-11e4-8ff6-806e6f6e6963} - F:\CDSetup.exe
HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\...\MountPoints2: {f4696fbb-57d1-11e5-b123-448a5becd378} - G:\SETUP.EXE
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-11-22]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{29CDA0F1-A6DA-44CC-9ABB-131A7D3D77AE}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-11-29] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{2C687F34-59FF-448F-9B38-398CB46BF6B6}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{4822E669-3FA7-4809-9D17-FBE75314AAD1}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2337794598-3040613713-3430843120-1000 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-2337794598-3040613713-3430843120-1000 -> {D6E5A69A-98E4-4684-B024-0A0B6100553C} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A011DE105&p={SearchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-11] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-11] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-12-02] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-11-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-11-10] (McAfee, Inc.)

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-11-10] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-10-10] (pdfforge GmbH)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-11-23]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2015-02-05] [ist nicht signiert]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-12-09] [ist nicht signiert]

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C211DE105D20141122&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SiteAdvisor) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-05]
CHR Extension: (AdBlock) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-03]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-12-03]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 almservice; C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe [1542792 2011-10-28] (SIEMENS AG) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-12-02] (McAfee, Inc.)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2015-11-10] (McAfee, Inc.)
S2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.190.0\McCSPServiceHost.exe [1694152 2015-10-27] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [679120 2015-10-20] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [233680 2015-09-21] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [378848 2015-10-21] (McAfee, Inc.)
S4 mfevtp; C:\Windows\system32\mfevtps.exe [256840 2015-09-21] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [451960 2015-11-02] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-05-29] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-19] (Electronic Arts)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 s7hspsvx; C:\Program Files (x86)\Siemens\Step7\s7bin\s7hspsvx.exe [61493 2011-10-31] (SIEMENS AG) [Datei ist nicht signiert]
R2 s7oiehsx64; C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\s7oiehsx64.exe [139864 2011-11-03] (SIEMENS AG)
R2 S7TraceServiceX; C:\Program Files\Common Files\Siemens\Automation\TraceEngine\bin\S7TraceService64x.exe [229976 2011-11-03] (SIEMENS AG)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-05-29] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [80560 2014-02-28] (Qualcomm Atheros, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [80760 2015-09-23] (McAfee, Inc.)
R3 dpmconv; C:\Windows\System32\DRIVERS\dpmconv.sys [259072 2011-04-19] (SIEMENS AG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2015-09-10] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-30] (Intel Corporation)
S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [161488 2014-03-05] (Intel Corporation)
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [76064 2015-09-29] (McAfee, Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [415976 2015-09-23] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351120 2015-09-23] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [497888 2015-09-23] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [841944 2015-09-23] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [537192 2015-10-06] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-10-06] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-12-02] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [244544 2015-09-23] (McAfee, Inc.)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3442144 2014-06-18] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [466648 2014-02-21] (Realsil Semiconductor Corporation)
R3 s7odpx2x64; C:\Windows\System32\DRIVERS\s7odpx2x64.sys [71168 2011-10-20] (SIEMENS AG)
R3 s7oppinx64; C:\Windows\System32\DRIVERS\s7oppinx64.sys [107520 2011-10-20] (SIEMENS AG)
R3 s7oserix64; C:\Windows\System32\Drivers\s7oserix64.sys [121344 2011-05-06] (SIEMENS AG)
R3 s7osmcax64; C:\Windows\System32\DRIVERS\s7osmcax64.sys [195584 2011-09-29] (SIEMENS AG)
R3 s7osobux64; C:\Windows\System32\DRIVERS\s7osobux64.sys [152576 2011-05-06] (SIEMENS AG)
R3 s7otmcd64x; C:\Windows\System32\Drivers\s7otmcd64x.sys [199680 2011-05-06] (SIEMENS AG)
R3 s7otranx64; C:\Windows\System32\DRIVERS\s7otranx64.sys [260096 2011-05-06] (SIEMENS AG)
R3 s7otsadx64; C:\Windows\System32\DRIVERS\s7otsadx64.sys [192000 2011-09-29] (SIEMENS AG)
R2 s7ousbu64x; C:\Windows\System32\DRIVERS\s7ousbu64x.sys [193024 2011-09-29] (SIEMENS AG)
R2 s7sn2srtx; C:\Windows\System32\DRIVERS\s7sn2srtx.sys [83032 2011-06-16] (SIEMENS AG)
R3 SAlphaPS2; C:\Windows\System32\DRIVERS\SAlphaPS264.sys [26496 2013-12-12] (SteelSeries Corporation)
R2 SNTIE; C:\Windows\System32\DRIVERS\sntie.sys [179288 2011-10-11] (SIEMENS AG)
R3 vsnl2ada; C:\Windows\System32\DRIVERS\vsnl2ada.sys [120832 2011-04-19] (SIEMENS AG)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-09 18:34 - 2015-12-09 18:35 - 00024634 _____ C:\Users\Marco\Desktop\FRST.txt
2015-12-09 18:34 - 2015-12-09 18:34 - 00000000 ____D C:\FRST
2015-12-09 18:32 - 2015-12-09 18:32 - 02369024 _____ (Farbar) C:\Users\Marco\Desktop\FRST64.exe
2015-12-09 18:28 - 2015-12-09 18:32 - 00240372 _____ C:\Users\Marco\Desktop\TDSSKiller.3.1.0.7_09.12.2015_18.28.41_log.txt
2015-12-09 18:28 - 2015-12-09 18:28 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Marco\Desktop\tdsskiller.exe
2015-12-09 17:07 - 2015-12-09 17:07 - 00009550 _____ C:\Users\Marco\Desktop\scannprotokoll.txt
2015-12-09 17:07 - 2015-12-09 17:07 - 00001027 _____ C:\Users\Marco\Desktop\täglisches schutzprotokoll.txt
2015-12-09 16:41 - 2015-12-09 17:09 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-09 16:40 - 2015-12-09 16:40 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-09 16:40 - 2015-12-09 16:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-09 16:40 - 2015-12-09 16:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-09 16:40 - 2015-12-09 16:40 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-09 16:40 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-09 16:40 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-09 16:40 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-09 16:30 - 2015-12-09 16:36 - 00369086 _____ C:\Windows\ntbtlog.txt
2015-12-09 11:17 - 2015-09-29 02:27 - 00076064 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\McPvDrv.sys
2015-12-09 11:12 - 2015-12-09 11:12 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2015-12-05 08:32 - 2015-12-05 08:32 - 01012470 _____ C:\Users\Marco\Desktop\Aktuelle Verkaufsstrategien - Ausarbeitung Marco Tischer.pdf
2015-12-03 18:57 - 2015-12-05 01:03 - 00086231 ____H C:\Users\Marco\Desktop\~WRL3814.tmp
2015-12-03 18:28 - 2015-12-03 18:28 - 00064643 _____ C:\Users\Marco\Desktop\trash.jpeg
2015-12-02 10:29 - 2015-12-02 10:30 - 00310816 _____ C:\Windows\Minidump\120215-25038-01.dmp
2015-11-27 16:03 - 2015-11-27 16:04 - 00308896 _____ C:\Windows\Minidump\112715-18158-01.dmp
2015-11-19 18:04 - 2015-11-19 18:04 - 00001392 _____ C:\Users\Marco\Desktop\S7Proj - Verknüpfung.lnk
2015-11-15 23:09 - 2015-11-15 23:09 - 00000000 ____D C:\Users\Marco\Desktop\Neuer Ordner

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-09 18:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-09 18:10 - 2014-11-22 01:23 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-09 18:06 - 2014-11-29 17:37 - 00000000 ____D C:\Users\Marco\AppData\Local\Deployment
2015-12-09 18:00 - 2014-11-22 19:05 - 00000000 ____D C:\Users\Marco\AppData\Local\Battle.net
2015-12-09 17:34 - 2015-03-15 12:28 - 00000000 ____D C:\Users\Marco\Documents\Outlook-Dateien
2015-12-09 17:34 - 2011-04-12 08:43 - 00697908 _____ C:\Windows\system32\perfh007.dat
2015-12-09 17:34 - 2011-04-12 08:43 - 00148670 _____ C:\Windows\system32\perfc007.dat
2015-12-09 17:34 - 2009-07-14 06:13 - 01615906 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-09 17:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-09 17:20 - 2014-11-22 19:05 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-09 17:12 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-09 17:12 - 2009-07-14 05:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-09 17:08 - 2014-11-22 20:36 - 00000000 __RSD C:\Users\Marco\Documents\McAfee-Tresore
2015-12-09 17:04 - 2015-10-22 17:18 - 00000000 ____D C:\Windows\5PUPSPPPPPfmis
2015-12-09 17:04 - 2014-11-22 01:23 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-09 17:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-09 17:03 - 2015-01-16 17:40 - 00000000 ____D C:\ProgramData\APN
2015-12-09 17:03 - 2014-11-22 22:43 - 00000000 ____D C:\Users\Marco\AppData\Roaming\InetStat
2015-12-09 11:17 - 2014-11-22 20:26 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-12-08 22:55 - 2014-11-23 19:38 - 00000000 ____D C:\Users\Marco\AppData\Roaming\TS3Client
2015-12-07 18:40 - 2014-11-22 20:25 - 00000000 ____D C:\ProgramData\McAfee
2015-12-05 18:06 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-05 07:05 - 2014-11-22 01:23 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 07:05 - 2014-11-22 01:23 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-05 06:30 - 2015-01-26 13:23 - 00000000 ____D C:\Users\Marco\AppData\Local\Microsoft Help
2015-12-02 10:29 - 2015-10-13 15:29 - 686520722 _____ C:\Windows\MEMORY.DMP
2015-12-02 10:29 - 2015-02-03 16:20 - 00000000 ____D C:\Windows\Minidump
2015-11-19 18:45 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-13 16:06 - 2014-11-22 01:23 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-18 00:01 - 2015-04-18 00:01 - 0000132 _____ () C:\Users\Marco\AppData\Roaming\Adobe BMP Format CS5 Prefs
2014-11-22 23:24 - 2014-11-22 23:24 - 0000000 _____ () C:\Users\Marco\AppData\Local\Driver_LOM_8161Present.flag
2014-11-22 23:06 - 2014-11-22 23:06 - 0613057 _____ (CMI Limited) C:\Users\Marco\AppData\Local\nse83D2.tmp
2014-11-29 16:32 - 2014-11-29 16:32 - 0007605 _____ () C:\Users\Marco\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-30 18:51

==================== Ende von FRST.txt ============================
         
Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-12-2015
durchgeführt von Marco (2015-12-09 18:35:29)
Gestartet von C:\Users\Marco\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-11-21 23:17:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2337794598-3040613713-3430843120-500 - Administrator - Disabled)
Gast (S-1-5-21-2337794598-3040613713-3430843120-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2337794598-3040613713-3430843120-1003 - Limited - Enabled)
Marco (S-1-5-21-2337794598-3040613713-3430843120-1000 - Administrator - Enabled) => C:\Users\Marco

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVRStudio4 (HKLM-x32\...\{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}) (Version: 4.13.528 - Atmel)
AVRStudio4 (x32 Version: 4.13.528 - Atmel) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Capture NX-D (HKLM\...\{794529D3-D489-4CF2-B2ED-CF241809E5EC}) (Version: 1.1.0 - Nikon)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Curse Client (HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Free YouTube to MP3 Converter version 3.12.59.616 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.616 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1405.3) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Total Protection (HKLM-x32\...\MSC) (Version: 14.0.6120 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.207 - McAfee, Inc.)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d07b0db5-8dad-40e1-be90-88026298a46b}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.25 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.25 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.51.17865 - pdfforge GmbH)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 View Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.2 - pdfforge)
PKZIP Server for Windows 12.40.0008 (HKLM-x32\...\{134A51EB-1BBB-4249-BAF5-494C3D186A06}) (Version: 12.40.0008 - PKWARE, Inc)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Network Manager (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden
Qualcomm Atheros Performance Suite (HKLM-x32\...\{68DD86DD-8E02-4921-926B-B358D51EAF3A}) (Version: 1.1.41.1283 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7235 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
Siemens Automation License Manager (Version: 05.01.0100 - Siemens AG) Hidden
Siemens Automation License Manager V5.1 + SP1   (HKLM\...\{8D2E0408-8D61-4A53-B0DB-2AD670A38624}LicenseManager) (Version: 05.01.0100 - Siemens AG)
SIMATIC  STEP 7 (x32 Version: 05.05.0200 - Siemens AG) Hidden
SIMATIC  STEP 7 V5.5 + SP2 Professional 2010 SR2   (HKLM-x32\...\{7B427E8E-F76D-4C8C-B155-7F24DF46DB67}STEP7) (Version: 05.05.0200 - Siemens AG)
SIMATIC Device Drivers (Version: 01.00.0200 - Siemens AG) Hidden
SIMATIC NCM FWL 64 (Version: 05.05.0100 - Siemens AG) Hidden
SIMATIC PLCSIM 64 (Version: 01.00.0001 - Siemens AG) Hidden
SIMATIC S7-GRAPH (x32 Version: 05.03.0700 - Siemens AG) Hidden
SIMATIC S7-GRAPH V5.3 + SP7 Professional 2010 SR2   (HKLM-x32\...\{4FF24C45-A4EE-4A99-B287-E3468EC41CBD}S7GRAPH) (Version: 05.03.0700 - Siemens AG)
SIMATIC S7-PCT (x32 Version: 02.03.0000 - Siemens AG) Hidden
SIMATIC S7-PCT V2.3 Professional 2010 SR2   (HKLM-x32\...\{06AF0F82-E926-48A6-8C5F-ECB195DB2CB4}S7PCT) (Version: 02.03.0000 - Siemens AG)
SIMATIC S7-PLCSIM (x32 Version: 5.4.0502 - Siemens AG) Hidden
SIMATIC S7-PLCSIM V5.4 + SP5 + Upd2 Professional 2010 SR2   (HKLM-x32\...\{1CBF27F6-24A4-488D-940A-678F1C691C49}PLCSim) (Version: 5.4.0502 - Siemens AG)
SIMATIC S7-SCL (x32 Version: 5.3.6.0 - Siemens AG) Hidden
SIMATIC S7-SCL V5.3 + SP6 Professional 2010 SR2   (HKLM-x32\...\{5B1B0682-EEC6-4EDD-BAB0-3FEC2E55090D}SCL) (Version: 5.3.6.0 - Siemens AG)
SketchUp 2015 (HKLM\...\{A83795B9-570F-40FF-ACB4-710B568EBA22}) (Version: 15.3.331 - Trimble Navigation Limited)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.419.40251 - SteelSeries)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VSDC Free Video Editor Version 3.1.1.361 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 3.1.1.361 - Flash-Integro LLC)
WinAVR 20070525 (remove only) (HKLM-x32\...\WinAVR) (Version: 20070525 - )
WinAVR 20070525 (remove only) (HKLM-x32\...\WinAVR-20070525) (Version: 20070525 - )
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports  (03/19/2014 6.7.0.0) (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 6.7.0.0 - Silicon Laboratories)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2337794598-3040613713-3430843120-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

05-11-2015 21:19:07 Geplanter Prüfpunkt
02-12-2015 11:43:28 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {26A91CC4-CC61-4F7C-BEDC-C378FFEBC916} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {766D94BF-1CC3-4707-B61E-55C6BCE0CE01} - System32\Tasks\{01CE4150-3278-435E-838F-538F07FFC650} => pcalua.exe -a C:\Users\Marco\Downloads\setup.exe -d C:\Users\Marco\Downloads
Task: {85F7B1A6-6D2A-47AD-8F6A-2E7B2CE3BC4D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {8731B4C3-FED8-4A4B-AA7C-66C80AE59237} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A395C5E5-932C-4ADD-BF40-92F6F3256873} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CF15D4B4-FBAD-43D6-B746-2BB8D9F78E67} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {D6F2E002-E97C-4DFD-8CCC-1FB60CD4B783} - System32\Tasks\AdobeAAMUpdater-1.0-Marco-Laptop-Marco => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {D81D86D0-E1BF-4675-9E5D-872A10285BBF} - System32\Tasks\{4302CD0A-9B2D-40D2-801D-3AFBB8C60C67} => pcalua.exe -a F:\Autorun.exe -d F:\

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-11-22 00:38 - 2015-01-10 00:29 - 00117392 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-22 00:33 - 2015-01-10 09:07 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-03-10 00:43 - 2011-03-10 00:43 - 00774144 _____ () C:\Program Files\Common Files\Siemens\SWS\PlugIns\SCP\Scpwin64.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-06-14 17:24 - 2011-06-14 17:24 - 00824320 _____ () C:\Program Files\Common Files\Siemens\Automation\Simatic OAM\bin\sn_regbase.dll
2014-03-04 13:16 - 2014-03-04 13:16 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2015-06-16 20:05 - 2015-06-16 20:05 - 00016384 ____N () C:\Users\Marco\AppData\Local\Apps\2.0\NA9VRROE.8KR\1ZCLCX9C.X6X\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.WowDb.dll
2014-11-29 17:38 - 2014-11-29 17:37 - 00035840 _____ () C:\Users\Marco\AppData\Local\Apps\2.0\NA9VRROE.8KR\1ZCLCX9C.X6X\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.Advertising.dll
2015-06-16 20:05 - 2015-06-16 20:05 - 00099840 ____N () C:\Users\Marco\AppData\Local\Apps\2.0\NA9VRROE.8KR\1ZCLCX9C.X6X\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.CMOD2.dll
2015-01-21 03:06 - 2015-01-21 03:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2011-06-14 17:24 - 2011-06-14 17:24 - 00749568 _____ () C:\Windows\SysWOW64\sn_regbase.dll
2014-11-22 00:33 - 2015-01-10 09:07 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-11-22 00:28 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-11-13 16:06 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-13 16:06 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2337794598-3040613713-3430843120-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: BLEServicesCtrl => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SteelSeries Engine => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{E3F3758D-427D-495E-9CEE-420C4EB975EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B6CD8D1E-6696-4720-930A-6C2C9FC80E3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8F8B5306-2CFF-4556-B528-0B1E760C9709}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{33F1BE38-9FBB-4D5E-BDD9-C7E8A1123686}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DB443067-EC57-4BB3-A38A-4A0B73FB0B3D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{7B3ECCA9-73B2-4F8A-B761-434CF6B499D3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1E150DCE-C9E7-4CEA-9FA5-5E4100DBFD69}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B0F2D350-630B-4F38-9552-FE17041A5DAD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A5F94588-38E9-437C-B93C-5AEC85A31F34}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{303D576A-01A9-47AF-AE1F-D1A1A77162C7}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{E353F035-3CB5-4EAB-AB29-3028CD89E9BB}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{E5344E30-A965-4653-8125-0403DFE31B1C}] => (Allow) E:\marco\Diablo III\Diablo III.exe
FirewallRules: [{659C5665-5902-4168-AFD6-E05C842DA9F9}] => (Allow) E:\marco\Diablo III\Diablo III.exe
FirewallRules: [{1CA29324-EC58-47FB-BA2C-2308F82C2311}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{FE0C7BF7-5D00-4F87-BF51-278C7D3F7A40}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{FBE3F565-77B7-4B49-B797-6A4C5550A8E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{2AAB5065-923A-4990-B541-8EDFE095A805}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{49CDCCC4-F5A1-43D6-80D6-D47C9724D529}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BC18E54F-DEDC-4D22-B914-77F104919599}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D6B5F5B7-9616-4F96-8BD1-1841F68F6A0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6C3A8D66-185E-4E04-A01C-338D79047527}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3BFA1950-17A4-43B1-BA7D-44229DD0721D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{8E79DFF6-3442-4032-A3C7-7F960D017255}] => (Allow) E:\Programme\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{7623FBC1-4B51-42C5-B758-01726A390104}] => (Allow) E:\Programme\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{D085D114-60CF-4EF9-8F76-C0EF867EB042}] => (Allow) E:\Programme\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{4BBBC335-7486-4579-B18C-42A48CC998BF}] => (Allow) E:\Programme\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{2D492DA7-F184-4603-9369-786A213846CE}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\SQLANY\Dbsrv9.exe
FirewallRules: [{44C2ACCE-69FD-45A1-A276-B84728E944DB}] => (Allow) C:\Program Files (x86)\Common Files\Siemens\SQLANY\Dbeng9.exe
FirewallRules: [{542F215A-7ED1-401B-AEDC-A4854FF8F942}] => (Allow) C:\Windows\system32\S7otbxsx.exe
FirewallRules: [{2FA069CC-D5E1-4484-BF07-B39D1C4FD429}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7INF\S7usiapx.exe
FirewallRules: [{2C2D7FD7-30EA-4CF1-90F4-EAF4D44C530E}] => (Allow) C:\Program Files (x86)\Siemens\Step7\S7BIN\S7tgtopx.exe
FirewallRules: [{9A38DFF3-3AB3-4B0B-A4DE-246383C799EC}] => (Allow) C:\Program Files\Common Files\Siemens\sws\almsrv\almsrv64x.exe
FirewallRules: [{9F797BE1-1399-4F34-9917-E840D34A9CDE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Intel(R) Wireless Bluetooth(R) 4.0 Adapter
Description: Intel(R) Wireless Bluetooth(R) 4.0 Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Intel Corporation
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/09/2015 05:30:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm encryptstickliteupgrade.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d14

Startzeit: 01d1329ed8cd2616

Endzeit: 2

Anwendungspfad: C:\Users\Marco\AppData\Local\Temp\liteUpdater\encryptstickliteupgrade.exe

Berichts-ID: 1d871f7f-9e92-11e5-bc4d-448a5becd378

Error: (12/09/2015 05:05:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2015 04:37:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2015 04:32:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2015 04:21:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 17.0.5.0, Zeitstempel: 0x5387ee07
Name des fehlerhaften Moduls: MurocApi.dll, Version: 17.0.5.0, Zeitstempel: 0x5387ed02
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002bd48
ID des fehlerhaften Prozesses: 0x880
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3

Error: (12/09/2015 04:20:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2015 10:13:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2015 08:23:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2015 11:48:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2015 12:19:38 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: KillerService.exe, Version: 1.1.41.1283, Zeitstempel: 0x53162692
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000052f86
ID des fehlerhaften Prozesses: 0xbd8
Startzeit der fehlerhaften Anwendung: 0xKillerService.exe0
Pfad der fehlerhaften Anwendung: KillerService.exe1
Pfad des fehlerhaften Moduls: KillerService.exe2
Berichtskennung: KillerService.exe3


Systemfehler:
=============
Error: (12/09/2015 06:20:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/09/2015 06:20:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/09/2015 05:58:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/09/2015 05:57:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/09/2015 05:57:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/09/2015 05:56:39 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/09/2015 05:55:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/09/2015 05:55:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/09/2015 05:54:59 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (12/09/2015 05:54:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4210H CPU @ 2.90GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8112.14 MB
Verfügbarer physikalischer RAM: 5336.87 MB
Summe virtueller Speicher: 16222.46 MB
Verfügbarer virtueller Speicher: 12913.94 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:146.48 GB) (Free:86.25 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Volume) (Fixed) (Total:146.48 GB) (Free:139.77 GB) NTFS
Drive e: () (Fixed) (Total:638.54 GB) (Free:240.7 GB) NTFS
Drive g: (STEP7_Prof_1002) (CDROM) (Total:1.14 GB) (Free:0 GB) CDFS
Drive h: () (Removable) (Total:29.1 GB) (Free:26.9 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00CBD97D)
Partition 1: (Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=638.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 29.1 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         


09.12.2015, 19:10   #6
Larusso
/// Selecta Jahrusso

I don't see anything major there right now.

Please press the Windows key and just type CMD.
Start the Command Prompt with a right-click, "Run as admin".

Now type in the following from the code box:
Code:
ATTFilter
sc config MFEVTP start= system
         
Press Enter.

If an error message appears, please tell me what it says.
If not, try starting McAfee.

(Just my opinion: if you haven't paid for it, I would switch to a different product.)
__________________
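The `sc config MFEVTP` command in the post above targets the dependency named in the repeated Service Control Manager 7001 entries of the posted log, where `%%1058` is the Win32 code ERROR_SERVICE_DISABLED. The sketch below is an added example, not part of the original post and not FRST's own code; it groups such entries from an FRST-style event section. The sample text is an excerpt of the entries posted in this thread, the function names and the small error table are choices made for this example, and it assumes the German message wording with quoted service names.

```python
import re
from collections import namedtuple
from datetime import datetime

# Win32 codes the Service Control Manager appends as "%%<code>" (names from winerror.h).
WIN32_SERVICE_ERRORS = {
    1058: "ERROR_SERVICE_DISABLED",
    1068: "ERROR_SERVICE_DEPENDENCY_FAIL",
}
# Header line of one entry as it appears in the posted Addition.txt.
HEADER = re.compile(
    r"^Error: \((?P<ts>[^)]+)\) \(Source: (?P<source>[^)]+)\) "
    r"\(EventID: (?P<event_id>\d+)\) \(User: [^)]*\)\s*$"
)
QUOTED = re.compile(r'"([^"]+)"')
ERRCODE = re.compile(r"%%(\d+)")
Event = namedtuple("Event", "time source event_id text")

# Excerpt of the entries posted earlier in this thread (shortened to four entries).
SAMPLE = '''\
Error: (12/09/2015 05:05:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Systemfehler:
=============
Error: (12/09/2015 06:20:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (12/09/2015 06:20:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (12/09/2015 05:54:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee VirusScan Announcer" ist vom Dienst "McAfee Validation Trust Protection Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058
'''

def parse_events(log_text):
    """Split an FRST event section into Event records; a blank line ends a record."""
    events, in_record = [], False
    for line in log_text.splitlines():
        m = HEADER.match(line)
        if m:
            when = datetime.strptime(m["ts"], "%m/%d/%Y %I:%M:%S %p")
            events.append(Event(when, m["source"], int(m["event_id"]), []))
            in_record = True
        elif not line.strip():
            in_record = False
        elif in_record:
            events[-1].text.append(line.strip())
    return events

def dependency_failures(log_text):
    """Group SCM 7001 entries by (blocked service, failed dependency, error)."""
    groups = {}
    for ev in parse_events(log_text):
        if (ev.source, ev.event_id) != ("Service Control Manager", 7001):
            continue
        body = " ".join(ev.text)
        names, code = QUOTED.findall(body), ERRCODE.search(body)
        if len(names) < 2 or code is None:
            continue  # wording differs from the assumed German message
        num = int(code.group(1))
        key = (names[0], names[1], WIN32_SERVICE_ERRORS.get(num, f"Win32 error {num}"))
        g = groups.setdefault(key, {"count": 0, "first": ev.time, "last": ev.time})
        g["count"] += 1
        g["first"], g["last"] = min(g["first"], ev.time), max(g["last"], ev.time)
    return groups

if __name__ == "__main__":
    for (blocked, dependency, error), g in dependency_failures(SAMPLE).items():
        print(f"{g['count']}x {error}: {dependency!r} blocks {blocked!r} "
              f"({g['first']} .. {g['last']})")
```

A single group with a high count and a "disabled" error points at the start type of the dependency service, which is the setting the `sc config` command changes.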

09.12.2015, 19:34   #7
tscha

Hmm, strange... There must be something, since it always worked before.^^ Even the normal virus scan no longer works.

When I enter your command in CMD, it outputs the following:
Code:
ATTFilter
[SC] ChangeServiceConfig FEHLER 87:

Falscher Parameter.
         
Yes, I paid for McAfee. It should expire soon, though. Is there a program you would recommend instead?

09.12.2015, 19:43   #8
Larusso
/// Selecta Jahrusso

Could it be that instead of
Code:
ATTFilter
 start= system
         
you entered the following?
Code:
ATTFilter
start=system
         
The space between the equals sign and system is required.
__________________
Regards, Daniel

ASAP & UNITE Member
Alliance of Security Analysis Professionals
Unified Network of Instructors and Trusted Eliminators

Learn to fight back and support us!
TB Akademie

09.12.2015, 19:48   #9
tscha

Well, actually no. Here is a picture.


09.12.2015, 19:56   #10
Larusso
/// Selecta Jahrusso

Okay, then it can't be configured at system level.

Try entering auto instead of system.

Since you asked:
I tend to put together a setup of freeware tools (and premium versions that I get through my work).
If you are willing to pay something, I recommend the following:
http://www.trojaner-board.de/166031-...-produkte.html

09.12.2015, 20:05   #11
tscha

Quote:
Quote from Larusso
Okay, then it can't be configured at system level.

Try entering auto instead of system.
That worked, the real-time scan is running again.

Can you tell what caused this?

I'll think it over regarding the Emsisoft products. As I said, McAfee won't be running much longer anyway.

Regards

09.12.2015, 20:08   #12
Larusso
/// Selecta Jahrusso

Please restart the computer and see whether everything runs smoothly.

I can't tell you off the top of my head what exactly caused this. The log files showed nothing suspicious, and that is what counts for me.

I would still like to run a few routine scans.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. (Illustrated guide to AdwCleaner.)
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Clean (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).



Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista or later, please start it with a right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.





ESET Online Scanner

  • Here you can find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


10.12.2015, 11:54   #13
tscha

Here are the first two logs for now.
The ESET scanner is still running.

Code:
ATTFilter
# AdwCleaner v5.024 - Bericht erstellt am 09/12/2015 um 21:26:49
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-07.3 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Marco - MARCO-LAPTOP
# Gestartet von : C:\Users\Marco\Desktop\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
[-] Ordner Gelöscht : C:\Program Files (x86)\predm
[-] Ordner Gelöscht : C:\ProgramData\apn
[-] Ordner Gelöscht : C:\Users\Marco\AppData\Local\globalUpdate
[-] Ordner Gelöscht : C:\Users\Marco\AppData\Roaming\InetStat
[-] Ordner Gelöscht : C:\Users\Marco\AppData\Roaming\Systweak

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Windows\SysNative\roboot64.exe

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Reg\Clean
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Reg\Clean
[-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1724 Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Professional x64 
Ran by Marco (Administrator) on 09.12.2015 at 21:34:43.99
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.12.2015 at 21:36:53.19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
And here is the ESET scanner log as well:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6964d4aa79481e4f8510f6b99a1dba91
# end=init
# utc_time=2015-12-09 08:39:18
# local_time=2015-12-09 09:39:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27122
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6964d4aa79481e4f8510f6b99a1dba91
# end=updated
# utc_time=2015-12-09 08:41:15
# local_time=2015-12-09 09:41:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=6964d4aa79481e4f8510f6b99a1dba91
# engine=27122
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-09 09:22:54
# local_time=2015-12-09 10:22:54 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5132 16777214 100 100 21773 39896244 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 32678068 201326024 0 0
# scanned=130576
# found=1
# cleaned=0
# scan_time=2498
sh=A5AFD43F80036873D9CF6AEBD2F6A2EABBA072D6 ft=1 fh=9f46438dbe9f0851 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysNative\roboot64.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6964d4aa79481e4f8510f6b99a1dba91
# end=init
# utc_time=2015-12-10 09:14:17
# local_time=2015-12-10 10:14:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27131
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=6964d4aa79481e4f8510f6b99a1dba91
# end=updated
# utc_time=2015-12-10 09:14:56
# local_time=2015-12-10 10:14:56 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=6964d4aa79481e4f8510f6b99a1dba91
# engine=27131
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-10 10:28:10
# local_time=2015-12-10 11:28:10 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5132 16777214 100 100 72489 39943360 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 32725184 201373140 0 0
# scanned=259353
# found=3
# cleaned=0
# scan_time=4393
sh=A5AFD43F80036873D9CF6AEBD2F6A2EABBA072D6 ft=1 fh=9f46438dbe9f0851 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysNative\roboot64.exe.vir"
sh=0FED30D65F754F98630891F733023ED232ED1EE4 ft=1 fh=44322b8e75020322 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\SketchUp Make 2015 - CHIP-Installer (1).exe"
sh=369FF5CB6D4EF6CC655D01F0199D4D6308CAAF65 ft=1 fh=bd5eaf85663244ac vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\SketchUp Make 2015 - CHIP-Installer.exe"
         

10.12.2015, 16:47   #14
Larusso
/// Selecta Jahrusso

That already looks pretty good.
Quote:
E:\Downloads\SketchUp Make 2015 - CHIP-Installer.exe
Maybe you should read this: CHIP-Installer - was ist das? - Anleitungen ("CHIP installer: what is it?", from the guides section)

Any other problems?

10.12.2015, 17:12   #15
tscha

I threw the exe out and uninstalled SketchUp Make. Is that enough, or is there anything else I should watch out for?
Otherwise my system is running flawlessly.
