| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges BildWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
28.08.2016, 16:55
| #1 |
| |  Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges Bild Guten Abend, ich bin neu hier und habe ein großes Problem. Seit heute Mittag wurde mir im Firefox ständig die obige Fehlermeldung mit dem Programm Flashplayer angezeigt. Daraufhin wollte ich Antivir durchlaufen lassen und habe festgestellt, dass Antivir nicht aktiv war, auch Updates funktionierten nicht (Fehlermeldung keine Internetverbindung). Daraufhin habe ich Antivir deinstalliert und versucht neu zu installieren. Leider kann ich Antivir nicht installieren, da obige Fehlermeldung im Zusammenhang mit der Installationsdatei auftaucht. Da der Computer im Moment ungeschützt ist und nicht mehr richtig funktioniert, bitte ich hier um Hilfe. Vielen Dank im Voraus! |
|
29.08.2016, 07:13
| #2 |
| /// TB-Senior    | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges Bild Ich habe dein Thema in Arbeit und melde mich so schnell als möglich mit weiteren Anweisungen. Bitte beachte, dass alle meine Antworten zuerst von einem Ausbilder freigegeben werden müssen, bevor ich diese hier posten darf. Dies garantiert, dass Du Hilfe von einem ausgebildeten Helfer bekommst. Ich bedanke mich für deine Geduld 
__________________ |
|
29.08.2016, 09:06
| #3 |
| /// TB-Senior | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges BildMein Name ist Ruth und ich werde dir bei der Bereinigung deines Systems helfen. 
Mach bitte zunächst folgendes, fall sich die FRST.exe starten lässt: Schritt 1: Scan mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
29.08.2016, 16:03
| #4 |
| | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges BildCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2016
durchgeführt von Frank (Administrator) auf MIKE (29-08-2016 16:46:43)
Gestartet von G:\
Geladene Profile: Frank (Verfügbare Profile: Frank)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
() C:\Windows\SysWOW64\AsHookDevice.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
() C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [WrtMon.exe] => C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [20480 2006-09-20] ()
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-09] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [OpwareSE4] => C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe [79400 2007-02-04] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67864 2016-08-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoStrCmpLogical] 0
HKU\S-1-5-21-2207309833-101134355-271174262-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-05-12]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{BB7B3181-CC20-40D9-AE31-2492A17CB806}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-2207309833-101134355-271174262-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://startpage.com/deu/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2207309833-101134355-271174262-1002 -> DefaultScope {9687D5B9-8751-4FD0-A571-C4F4B7A4B08F} URL = hxxps://swisscows.ch/?query={searchTerms}
SearchScopes: HKU\S-1-5-21-2207309833-101134355-271174262-1002 -> {9687D5B9-8751-4FD0-A571-C4F4B7A4B08F} URL = hxxps://swisscows.ch/?query={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-07-12] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-05] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\52vzo67q.default-1472392903596
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-19] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [320672 2016-08-04] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-05] (Microsoft Corporation)
R2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
S3 RasMan; C:\Windows\System32\rasmans.dll [542208 2014-10-29] (Microsoft Corporation) [Datei ist nicht signiert]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [226816 2014-10-29] (Microsoft Corporation) [Datei ist nicht signiert]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [142848 2014-10-29] () [Datei ist nicht signiert]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 WlanSvc; C:\Windows\System32\wlansvc.dll [1547264 2014-10-29] () [Datei ist nicht signiert]
S2 HPSLPSVC; C:\Users\Frank\AppData\Local\Temp\7zS14CF\hpslpsvc64.dll [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 MSPCLOCK; C:\Windows\system32\drivers\MSPCLOCK.sys [7040 2013-08-22] () [Datei ist nicht signiert]
S3 NdisImPlatform; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2014-10-29] (Microsoft Corporation) [Datei ist nicht signiert]
S3 RasSstp; C:\Windows\system32\DRIVERS\rassstp.sys [93696 2014-10-29] (Microsoft Corporation) [Datei ist nicht signiert]
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-08-29 16:46 - 2016-08-29 16:46 - 00000000 ____D C:\FRST
2016-08-28 16:51 - 2016-08-28 16:51 - 04831216 _____ (Avira Operations GmbH & Co. KG) C:\Users\Frank\Downloads\avira_de_av_57c2fa3b8db4a__ws.exe
2016-08-27 14:56 - 2016-08-27 14:56 - 00281048 _____ C:\Windows\Minidump\082716-21906-01.dmp
2016-08-27 14:56 - 2016-08-27 14:56 - 00000000 ____D C:\Windows\Minidump
2016-08-27 14:55 - 2016-08-27 14:55 - 453073174 _____ C:\Windows\MEMORY.DMP
2016-08-25 16:51 - 2016-08-25 16:52 - 00095963 _____ C:\Users\Frank\Desktop\August_2016_Aufsichten_4.pdf
2016-08-13 22:15 - 2016-08-20 22:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-13 15:09 - 2016-08-13 15:09 - 00000204 _____ C:\Users\Frank\Desktop\wetter.com.URL
2016-08-13 15:05 - 2016-08-13 15:05 - 00000212 _____ C:\Users\Frank\Desktop\Parts Diagrams.URL
2016-08-10 11:31 - 2016-06-10 20:11 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2016-08-10 11:31 - 2016-05-06 19:13 - 00138240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-08-10 11:31 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-08-10 11:31 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 11:30 - 2016-06-18 22:06 - 00590688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-08-10 11:30 - 2016-06-18 22:06 - 00072408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpfve.sys
2016-08-10 11:30 - 2016-06-11 21:52 - 00379232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-08-10 11:30 - 2016-06-11 21:52 - 00057184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2016-08-10 11:30 - 2016-06-11 20:05 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\gpresult.exe
2016-08-10 11:30 - 2016-06-11 19:14 - 00192512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpresult.exe
2016-08-10 11:30 - 2016-06-11 18:50 - 00987136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-10 11:30 - 2016-06-11 18:46 - 00482304 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2016-08-10 11:30 - 2016-06-11 18:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-08-10 11:30 - 2016-06-11 18:37 - 00796672 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-08-10 11:30 - 2016-06-11 18:24 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-10 11:30 - 2016-06-11 18:20 - 00413184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-08-10 11:30 - 2016-06-11 18:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-08-10 11:30 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-08-10 11:30 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-08-10 11:30 - 2016-06-10 22:07 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-08-10 11:30 - 2016-06-10 22:03 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-10 11:30 - 2016-06-10 21:04 - 03547136 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-08-10 11:30 - 2016-06-10 20:11 - 01487992 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2016-08-10 11:30 - 2016-06-10 20:11 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2016-08-10 11:30 - 2016-06-10 20:11 - 00125024 _____ (Microsoft Corporation) C:\Windows\system32\cryptxml.dll
2016-08-10 11:30 - 2016-06-10 20:10 - 00099136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptxml.dll
2016-08-10 11:30 - 2016-06-10 20:07 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-08-10 11:30 - 2016-06-10 20:04 - 00357376 _____ C:\Windows\SysWOW64\schannel.dll
2016-08-10 11:30 - 2016-06-09 21:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-08-10 11:30 - 2016-06-09 20:18 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-08-10 11:30 - 2016-06-07 20:10 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2016-08-10 11:30 - 2016-06-07 19:13 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hbaapi.dll
2016-08-10 11:30 - 2016-06-04 02:38 - 01613528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-08-10 11:30 - 2016-06-04 02:37 - 01970968 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-08-10 11:30 - 2016-05-29 09:08 - 22361344 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-08-10 11:30 - 2016-05-28 20:31 - 19788688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-08-10 11:30 - 2016-05-18 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2016-08-10 11:30 - 2016-05-18 23:15 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2016-08-10 11:30 - 2016-05-18 22:56 - 01291776 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2016-08-10 11:30 - 2016-05-18 22:33 - 01060352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2016-08-10 11:30 - 2016-05-18 22:28 - 02635264 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2016-08-10 11:30 - 2016-05-18 22:16 - 02317824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CertEnroll.dll
2016-08-10 11:30 - 2016-05-14 22:26 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-08-10 11:30 - 2016-05-14 07:19 - 01134768 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-08-10 11:30 - 2016-05-14 01:08 - 00111616 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-08-10 11:30 - 2016-05-14 01:08 - 00032768 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2016-08-10 11:30 - 2016-05-14 01:08 - 00032512 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2016-08-10 11:30 - 2016-05-14 00:24 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-08-10 11:30 - 2016-05-13 23:42 - 03667968 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-08-10 11:30 - 2016-05-13 23:30 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-08-10 11:30 - 2016-05-13 23:29 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-08-10 11:30 - 2016-05-13 23:27 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-08-10 11:30 - 2016-05-13 23:27 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-08-10 11:30 - 2016-05-13 23:26 - 02230784 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-08-10 11:30 - 2016-05-13 23:26 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-08-10 11:30 - 2016-05-13 23:18 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-08-10 11:30 - 2016-05-13 23:18 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-08-10 11:30 - 2016-05-13 23:16 - 00727040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-08-10 11:30 - 2016-05-13 23:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-08-10 11:30 - 2016-05-12 20:36 - 00034600 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountBroker.exe
2016-08-10 11:30 - 2016-05-12 19:39 - 00030984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UserAccountBroker.exe
2016-08-10 11:30 - 2016-05-06 23:59 - 00331608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2016-08-10 11:30 - 2016-05-05 20:28 - 01661072 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-08-10 11:30 - 2016-05-05 19:39 - 01212256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-08-10 11:30 - 2016-05-05 19:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-08-10 11:30 - 2016-05-05 19:02 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-08-10 11:30 - 2016-05-05 18:37 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-08-10 11:30 - 2016-05-05 18:34 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-08-10 11:30 - 2016-05-05 18:29 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-08-10 11:30 - 2016-05-05 17:28 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-08-10 11:30 - 2016-05-05 17:16 - 02464768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-08-10 11:30 - 2016-04-16 15:56 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-08-10 11:30 - 2016-04-10 07:35 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-08-10 11:30 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2016-08-10 11:30 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Geolocation.dll
2016-08-10 11:30 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-08-10 11:30 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2016-08-10 11:30 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2016-08-10 11:30 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Geolocation.dll
2016-08-10 11:30 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2016-08-10 11:30 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2016-08-10 11:30 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-08-10 11:30 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2016-08-10 11:30 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-08-10 11:30 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2016-08-10 11:30 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2016-08-10 11:30 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2016-08-10 11:30 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfgLib.dll
2016-08-10 11:30 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2016-08-10 11:30 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2016-08-10 11:30 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-08-10 11:30 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-08-10 11:30 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-08-10 11:30 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-08-10 11:27 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-10 11:27 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-10 11:27 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-10 11:27 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-10 11:27 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-10 11:27 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-10 11:27 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-10 11:27 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-10 11:27 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-10 11:27 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-10 11:27 - 2016-08-02 07:46 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-08-10 11:27 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-10 11:27 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-10 11:27 - 2016-08-02 07:39 - 00378880 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-10 11:27 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-10 11:27 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-10 11:27 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-10 11:27 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-10 11:27 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-10 11:27 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-10 11:27 - 2016-08-02 07:20 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-08-10 11:27 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-10 11:27 - 2016-08-02 07:15 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-10 11:27 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-10 11:27 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-10 11:27 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-10 11:27 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-10 11:27 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-10 11:27 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-10 11:27 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-10 11:27 - 2016-07-08 16:18 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-10 11:27 - 2016-07-06 16:26 - 07793152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-08-10 11:27 - 2016-07-06 16:26 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-08-10 11:27 - 2016-07-06 16:23 - 05270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-08-10 11:27 - 2016-07-06 16:21 - 05265920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 11:26 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2016-08-10 11:26 - 2016-07-09 02:09 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-10 11:26 - 2016-07-09 02:08 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-10 11:26 - 2016-07-08 16:32 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2016-08-10 11:26 - 2016-07-08 16:25 - 01491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2016-08-10 11:26 - 2016-07-08 16:22 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-10 11:26 - 2016-07-08 16:19 - 00840704 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2016-08-10 11:26 - 2016-07-08 16:17 - 00696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2016-08-10 11:26 - 2016-07-08 00:33 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-10 11:26 - 2016-07-07 23:53 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-10 11:26 - 2016-07-07 22:06 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-10 11:26 - 2016-05-19 01:18 - 00563024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-08-10 11:26 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-08-10 11:26 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-10 11:26 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-08-04 13:36 - 2016-08-04 13:36 - 00000187 _____ C:\Users\Frank\Desktop\WDR 4.url
2016-08-04 13:34 - 2016-08-04 13:34 - 00022612 _____ C:\Users\Frank\Downloads\wdr4Webradio.htm
2016-08-04 13:34 - 2016-08-04 13:34 - 00000000 ____D C:\Users\Frank\Downloads\wdr4Webradio-Dateien
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-08-29 16:45 - 2014-03-17 21:54 - 00000000 ____D C:\Users\Frank\AppData\Roaming\ClassicShell
2016-08-29 14:21 - 2015-12-24 13:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-29 14:16 - 2014-03-17 21:16 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{655BC549-3393-4ABE-9EE5-FCBB8BA74467}
2016-08-28 17:23 - 2014-03-17 21:19 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2207309833-101134355-271174262-1002
2016-08-28 17:12 - 2015-11-15 18:21 - 00000000 ____D C:\Program Files (x86)\Avira
2016-08-28 17:12 - 2013-12-09 11:24 - 00000025 ___SH C:\Windows\SysWOW64\ReadTag.ini
2016-08-28 17:12 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-28 17:11 - 2015-11-15 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-08-28 17:11 - 2014-04-12 12:29 - 00000000 ____D C:\ProgramData\Avira
2016-08-28 15:59 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2016-08-26 11:34 - 2014-01-03 16:21 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-25 23:43 - 2014-04-01 20:00 - 00020992 _____ C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-20 22:25 - 2014-03-17 22:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-17 12:45 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-16 19:55 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-16 19:54 - 2014-03-23 21:36 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-08-15 20:28 - 2014-03-17 23:16 - 00000000 ___RD C:\Users\Frank\Desktop\Eigene
2016-08-15 12:54 - 2014-03-22 18:30 - 00000000 ___RD C:\Users\Frank\Desktop\mike
2016-08-11 21:20 - 2016-07-28 16:27 - 00000000 ____D C:\Users\Frank\Desktop\KLX
2016-08-11 09:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-08-10 13:40 - 2014-03-17 21:16 - 00000000 ___RD C:\Users\Frank\SkyDrive
2016-08-10 13:39 - 2013-08-22 16:44 - 00451104 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-10 13:39 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-10 13:37 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-08-10 13:36 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-08-10 12:33 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-10 12:33 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-08-10 12:32 - 2014-03-17 23:07 - 00000000 ____D C:\Windows\system32\MRT
2016-08-10 12:28 - 2014-03-17 23:07 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-10 12:28 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2016-08-04 11:13 - 2014-03-17 21:10 - 00000000 ____D C:\Users\Frank
2016-08-02 21:16 - 2015-11-10 18:37 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-04-01 20:00 - 2016-08-25 23:43 - 0020992 _____ () C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-18 20:53 - 2015-04-18 20:53 - 0001473 _____ () C:\Users\Frank\AppData\Local\recently-used.xbel
2013-12-09 11:10 - 2013-12-09 11:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-03-18 21:24 - 2014-05-12 19:29 - 0001058 _____ () C:\ProgramData\hpzinstall.log
Einige Dateien in TEMP:
====================
C:\Users\Frank\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-08-24 08:57
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-08-2016
durchgeführt von Frank (29-08-2016 16:47:30)
Gestartet von G:\
Windows 8.1 (Update) (X64) (2014-03-17 19:12:29)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2207309833-101134355-271174262-500 - Administrator - Disabled)
Frank (S-1-5-21-2207309833-101134355-271174262-1002 - Administrator - Enabled) => C:\Users\Frank
Gast (S-1-5-21-2207309833-101134355-271174262-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{07CCA4AC-FCC6-4A0A-B87A-26F6F50A7E31}) (Version: 20.2.44.03548 - Alcor Micro Corp.)
Alcor Micro USB Card Reader Driver (x32 Version: 20.2.44.03548 - Alcor Micro Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{BCF4DA9E-A219-2BFF-8A17-81BB135E9BCA}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ArcSoft PhotoStudio 5.5 (HKLM-x32\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version: - ArcSoft)
ASUS Launcher (HKLM-x32\...\{40376CD0-67E0-4190-86CA-8BD8CBAC331C}) (Version: 2.00.11 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.00.03 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
ASUS Manager - Recovery (HKLM-x32\...\{CF4A14CB-C4CB-4241-B659-7C58517515CF}) (Version: 2.00.08 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.01.03 - ASUSTeK Computer Inc.)
ASUS Manager - USB Lock (HKLM-x32\...\{1931C916-6CB8-4E4D-8561-EA20C426AE19}) (Version: 2.00.10 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.05.04 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5424.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.310 - ASUSTEK)
Avira Launcher (HKLM-x32\...\{6052a753-acc6-4c02-b5a8-70962ff8e0a4}) (Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.69.16114 - Avira Operations GmbH & Co. KG) Hidden
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CanoScan LiDE 90 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2412) (Version: - )
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
Content Transfer (HKLM-x32\...\{CFADE4AF-C0CF-4A04-A776-741318F1658F}) (Version: 1.3.0.23190 - Sony Corporation)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
D2500 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_SF_03_D2500_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria de Fotografias (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet D2500 Printer Driver Software 14.0 Rel. 6 (HKLM\...\{57B173A8-FF08-4A6A-9152-182232956633}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4849.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-2207309833-101134355-271174262-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 de)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.0.6051 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4849.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4849.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4849.1003 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Presto! PageManager 7.15.16 (HKLM-x32\...\{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}) (Version: 7.15.16 - NewSoft Technology Corporation)
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7035 - Realtek Semiconductor Corp.)
ScanSoft OmniPage SE 4 (HKLM-x32\...\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}) (Version: 15.2.0020 - Nuance Communications, Inc.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.353 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {044C587B-65BD-458B-A20E-0AF67AECD1D0} - System32\Tasks\ScanSoft Background Update => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25] (Nuance Communications, Inc.)
Task: {07C63CCB-AED8-426D-9C57-B78A3A5C4047} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {094B44AD-D4EB-41A3-A954-1A439DE7214A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-07-05] (Microsoft Corporation)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {26ACC83B-DD6B-4E39-84A5-9EC627C70965} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2013-09-19] (ASUSTeK Computer Inc.)
Task: {29180AB0-69AF-4E27-969C-1825BEE7E168} - System32\Tasks\{A2F6BCD9-0AF7-43FF-9793-A10A65DAF509} => pcalua.exe -a "C:\Users\Frank\AppData\Roaming\1H1Q\Open Office Packages\uninstaller.exe" -c /Uninstall /NM="Open Office Packages" /AN="1H1Q" /MBN="Open Office Packages"
Task: {3B7E0C28-29D1-48F4-8410-EA24524FA880} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-05] (Microsoft Corporation)
Task: {3C462763-3D64-4A02-8BC1-8BC73A67C4F4} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2015-06-25] (TuneUp Software)
Task: {5E8C689C-67CA-4000-9C80-DC5BED2F43B7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-05] (Microsoft Corporation)
Task: {724DD25B-9FB4-4ACC-9C8F-652B331B4344} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {7A83CC9B-C308-44B5-B07A-C9A40F54DE05} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2013-08-09] ()
Task: {7ACC7FE9-2EAB-4E59-9B18-F439B14BFC9E} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2013-09-07] (ASUSTeK)
Task: {AC7F08D2-9A4F-4AB7-92B3-AB613A9AD610} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {B070B020-C243-408A-8B6A-21FAB30B0A80} - System32\Tasks\{B2CCD8C1-FBCF-4382-A15B-3674DBCA6919} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsMain
Task: {B8B5001E-FC3D-499A-814F-485FAE8A50E5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {C0327632-70FB-4564-B4B8-1EF7E585E466} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-24] ()
Task: {E4073BC3-CD94-472A-879F-E807699EEFDE} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-07-10] ()
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-03-24 08:19 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-09 11:23 - 2013-08-08 20:00 - 00207160 _____ () C:\Windows\SysWOW64\AsHookDevice.exe
2013-12-09 11:41 - 2012-04-24 12:43 - 00390632 ____R () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-06-25 07:53 - 2015-06-25 07:53 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2013-12-09 11:22 - 2013-08-28 17:24 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-12-09 11:22 - 2013-08-09 03:33 - 01114768 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
2014-03-18 21:43 - 2006-09-20 09:35 - 00020480 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
2014-03-18 21:43 - 2006-10-30 17:59 - 00024576 _____ () C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
2013-12-09 11:22 - 2016-08-28 17:15 - 00026112 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-12-09 11:22 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2207309833-101134355-271174262-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Frank\Desktop\GP-Sprint 23.-24.5, 2015\0062-0523AG2-016_62.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "OpwareSE4"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SSBkgdUpdate"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ContentTransferWMDetector.exe"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{496D83B9-2A06-405D-944F-49120BC00D3D}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{DDE0F89E-7002-4BB0-93D6-C7FB7EA9F47A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{827139C5-8CBC-40A3-9F42-2C083EFF20C6}] => (Allow) LPort=2869
FirewallRules: [{326384A2-AB0A-4282-8CF5-7A2AE196E8A9}] => (Allow) LPort=1900
FirewallRules: [{E59DAEB8-C75C-4CD6-8D9E-BA77109C69F6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{5DF10C99-B2BC-4B69-88A6-1F5559DEE5B8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{6F1791C8-E166-4C5F-81E6-13C7848EB580}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{09A284E4-F01C-4CAC-83F5-07B6757F3F23}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{1C28CAA1-657D-4B5F-A9D4-A5E55BAD4106}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{B3AD4324-17B4-4099-ACF6-22236DB6C347}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{AF47937F-4E24-4DCE-AAAC-0F9877D0CCFD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{0B778B52-28DB-4AB1-8785-33D58EB78869}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{6CE54BFE-FDF6-413F-B2B9-66A6BB5030DD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{DF49C32D-86E2-4859-9451-0B144F7B4E16}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{DCD162FF-3BFD-4CE7-8476-AEE4FBA0363D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{5263FD32-4C0E-4BB1-881F-6AEA774F59B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{472D46DC-C435-41BA-B1F8-CA67E665BE69}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{05B65A97-B8DF-4358-8375-BD636DAE7D8D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1C7CA5CD-C7B1-411E-9663-C02CA4862700}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/29/2016 07:51:52 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (08/28/2016 05:31:52 PM) (Source: MsiInstaller) (EventID: 10005) (User: Mike)
Description: Product: Avira Launcher -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2330. The arguments are: 1392, C:\Windows\Installer\$PatchCache$\Managed\3D34435B4474C9C4599AB7D37F72AD6E,
Error: (08/28/2016 05:16:10 PM) (Source: MsiInstaller) (EventID: 10005) (User: Mike)
Description: Product: Avira Launcher -- The installer has encountered an unexpected error installing this package. This may indicate a problem with this package. The error code is 2330. The arguments are: 1392, C:\Windows\Installer\$PatchCache$\Managed\3D34435B4474C9C4599AB7D37F72AD6E,
Error: (08/28/2016 05:13:20 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Während der Installation ist ein Fehler aufgetreten. Starten Sie die Reparatur.
Error: (08/28/2016 09:47:00 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (08/28/2016 12:22:19 AM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy8\,0x80000000,0x00000003,...)". hr = 0x80070013, Das Medium ist schreibgeschützt.
.
Vorgang:
PreFinalCommitSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/27/2016 08:50:33 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy5\,0x80000000,0x00000003,...)". hr = 0x80070013, Das Medium ist schreibgeschützt.
.
Vorgang:
PreFinalCommitSnapshots wird verarbeitet
Kontext:
Ausführungskontext: System Provider
Error: (08/27/2016 02:56:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4ebb
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000925fa
ID des fehlerhaften Prozesses: 0x760
Startzeit der fehlerhaften Anwendung: 0x01d20062686df737
Pfad der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe
Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll
Berichtskennung: b5b10714-6c55-11e6-857c-bcee7bdc08b2
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/27/2016 02:56:35 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Während der Installation ist ein Fehler aufgetreten. Starten Sie die Reparatur.
Error: (08/27/2016 07:51:48 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Systemfehler:
=============
Error: (08/29/2016 04:47:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.
Error: (08/29/2016 04:47:53 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{10DA4F3C-CC99-4190-BE4D-58330754E882}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/29/2016 04:45:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.
Error: (08/29/2016 02:49:20 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{10DA4F3C-CC99-4190-BE4D-58330754E882}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/29/2016 02:47:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.
Error: (08/29/2016 02:12:14 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{10DA4F3C-CC99-4190-BE4D-58330754E882}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/29/2016 02:10:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.
Error: (08/29/2016 02:10:14 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{10DA4F3C-CC99-4190-BE4D-58330754E882}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (08/29/2016 02:08:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet:
Das angegebene Modul wurde nicht gefunden.
Error: (08/29/2016 10:12:24 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "SSTP-Dienst" wurde mit folgendem Fehler beendet:
SSTP-Dienst ist keine zulässige Win32-Anwendung.
CodeIntegrity:
===================================
Date: 2014-04-12 12:29:08.238
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2014-04-12 12:29:08.206
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: AMD A10-6700 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 7368.3 MB
Verfügbarer physikalischer RAM: 6166.18 MB
Summe virtueller Speicher: 14792.3 MB
Verfügbarer virtueller Speicher: 13223.36 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:150 GB) (Free:94 GB) NTFS
Drive d: (Data) (Fixed) (Total:764.65 GB) (Free:760.31 GB) NTFS
Drive g: () (Removable) (Total:3.69 GB) (Free:1.4 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 22F5793F)
Partition: GPT.
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
29.08.2016, 21:25
| #5 | |
| /// TB-Senior | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges Bild Hallo, Zitat:
Code:
ATTFilter Gestartet von G:\
Schritt 1: Suche nach Rootkits mit TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
30.08.2016, 16:13
| #6 |
| | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges BildCode:
ATTFilter 17:09:44.0567 0x101c TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
17:09:44.0567 0x101c UEFI system
17:09:48.0708 0x101c ============================================================
17:09:48.0708 0x101c Current date / time: 2016/08/30 17:09:48.0708
17:09:48.0708 0x101c SystemInfo:
17:09:48.0708 0x101c
17:09:48.0708 0x101c OS Version: 6.3.9600 ServicePack: 0.0
17:09:48.0708 0x101c Product type: Workstation
17:09:48.0708 0x101c ComputerName: MIKE
17:09:48.0708 0x101c UserName: Frank
17:09:48.0708 0x101c Windows directory: C:\Windows
17:09:48.0708 0x101c System windows directory: C:\Windows
17:09:48.0708 0x101c Running under WOW64
17:09:48.0708 0x101c Processor architecture: Intel x64
17:09:48.0708 0x101c Number of processors: 4
17:09:48.0708 0x101c Page size: 0x1000
17:09:48.0708 0x101c Boot type: Normal boot
17:09:48.0708 0x101c CodeIntegrityOptions = 0x00000001
17:09:48.0708 0x101c ============================================================
17:09:49.0145 0x101c KLMD registered as C:\Windows\system32\drivers\85828777.sys
17:09:49.0145 0x101c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18378, osProperties = 0x19
17:09:49.0927 0x101c System UUID: {94B715F1-5BEB-32DA-AFAF-C7D64418429E}
17:09:50.0817 0x101c Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:09:50.0864 0x101c Drive \Device\Harddisk1\DR4 - Size: 0xEC580000 ( 3.69 Gb ), SectorSize: 0x200, Cylinders: 0x1E2, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:09:50.0864 0x101c ============================================================
17:09:50.0864 0x101c \Device\Harddisk0\DR0:
17:09:50.0864 0x101c GPT partitions:
17:09:50.0864 0x101c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5CE782CE-4C4A-4136-97FB-D5F4C282B59B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x190000
17:09:50.0864 0x101c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E1E5E9BC-CC59-4EF6-95F4-69AC4B391ABD}, Name: EFI system partition, StartLBA 0x190800, BlocksNum 0x82000
17:09:50.0864 0x101c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {27AD2E0E-63EA-40C6-BC27-04B6115E1C64}, Name: Microsoft reserved partition, StartLBA 0x212800, BlocksNum 0x40000
17:09:50.0864 0x101c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3852142D-CA35-494D-9C26-231CEA41FACD}, Name: Basic data partition, StartLBA 0x252800, BlocksNum 0x12C00000
17:09:50.0864 0x101c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1F7D7DBE-3103-4569-BA96-004B314AF01E}, Name: Basic data partition, StartLBA 0x12E52800, BlocksNum 0x5F94D800
17:09:50.0864 0x101c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {49883FDF-19C9-4298-B8EF-3A9B19F61C0E}, Name: Basic data partition, StartLBA 0x727A0000, BlocksNum 0x1F66800
17:09:50.0864 0x101c MBR partitions:
17:09:50.0864 0x101c \Device\Harddisk1\DR4:
17:09:50.0864 0x101c MBR partitions:
17:09:50.0864 0x101c \Device\Harddisk1\DR4\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760C00
17:09:50.0864 0x101c ============================================================
17:09:50.0880 0x101c C: <-> \Device\Harddisk0\DR0\Partition4
17:09:50.0927 0x101c D: <-> \Device\Harddisk0\DR0\Partition5
17:09:50.0927 0x101c ============================================================
17:09:50.0927 0x101c Initialize success
17:09:50.0927 0x101c ============================================================
17:09:59.0583 0x0954 ============================================================
17:09:59.0583 0x0954 Scan started
17:09:59.0583 0x0954 Mode: Manual; SigCheck; TDLFS;
17:09:59.0583 0x0954 ============================================================
17:09:59.0583 0x0954 KSN ping started
17:09:59.0692 0x0954 KSN ping finished: true
17:10:00.0505 0x0954 ================ Scan system memory ========================
17:10:00.0505 0x0954 System memory - ok
17:10:00.0505 0x0954 ================ Scan services =============================
17:10:00.0599 0x0954 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
17:10:00.0770 0x0954 1394ohci - ok
17:10:00.0817 0x0954 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
17:10:00.0817 0x0954 3ware - ok
17:10:00.0864 0x0954 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:10:00.0880 0x0954 ACPI - ok
17:10:00.0895 0x0954 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
17:10:00.0911 0x0954 acpiex - ok
17:10:00.0927 0x0954 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
17:10:00.0958 0x0954 acpipagr - ok
17:10:00.0974 0x0954 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
17:10:01.0020 0x0954 AcpiPmi - ok
17:10:01.0020 0x0954 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
17:10:01.0052 0x0954 acpitime - ok
17:10:01.0114 0x0954 [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:10:01.0130 0x0954 AdobeARMservice - ok
17:10:01.0208 0x0954 [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:10:01.0224 0x0954 AdobeFlashPlayerUpdateSvc - ok
17:10:01.0255 0x0954 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
17:10:01.0286 0x0954 ADP80XX - ok
17:10:01.0317 0x0954 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:10:01.0349 0x0954 AeLookupSvc - ok
17:10:01.0395 0x0954 [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\Windows\system32\drivers\afd.sys
17:10:01.0458 0x0954 AFD - ok
17:10:01.0474 0x0954 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:10:01.0489 0x0954 agp440 - ok
17:10:01.0520 0x0954 [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
17:10:01.0567 0x0954 ahcache - ok
17:10:01.0599 0x0954 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\Windows\System32\alg.exe
17:10:01.0645 0x0954 ALG - ok
17:10:01.0677 0x0954 [ 497D44465C4FD98FD8F2C5C951595AC7, 7A2382C8C3C9D917961AD56880C47F2DD46B9A40FF30E5FA37EA9B245D7031BF ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:10:01.0739 0x0954 AMD External Events Utility - ok
17:10:01.0770 0x0954 AMD FUEL Service - ok
17:10:01.0786 0x0954 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
17:10:01.0833 0x0954 AmdK8 - ok
17:10:02.0099 0x0954 [ 7045BFC51C38EBCD1FC91E7447552689, 70D0BB983CAD762F1CBEACAA0E22A2129C1A587BCFB8BAE97F2CB65E7426D964 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:10:02.0395 0x0954 amdkmdag - ok
17:10:02.0442 0x0954 [ 6A41403A294608E4B047BD2774EFF5D4, C82DA9F39F299AB8EC11CFF5B3CD4FEE628B98BAB1A88F3D6D099C22A52AA576 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:10:02.0474 0x0954 amdkmdap - ok
17:10:02.0505 0x0954 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
17:10:02.0552 0x0954 AmdPPM - ok
17:10:02.0567 0x0954 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:10:02.0583 0x0954 amdsata - ok
17:10:02.0599 0x0954 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:10:02.0614 0x0954 amdsbs - ok
17:10:02.0630 0x0954 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:10:02.0645 0x0954 amdxata - ok
17:10:02.0677 0x0954 [ 9F10670B87E493CB7E91FC28A3CBFB39, 80AB4212AA655240E9B699467BB1A40C57E4016E3B898128B773782824E0A26E ] amd_sata C:\Windows\system32\drivers\amd_sata.sys
17:10:02.0677 0x0954 amd_sata - ok
17:10:02.0677 0x0954 [ CB456201A3893830162F9894A5868952, 569510E46B188B24C16D7132B0ECCAA4CE60A5DAE733ECBB3D8A1595A5962AA3 ] amd_xata C:\Windows\system32\drivers\amd_xata.sys
17:10:02.0692 0x0954 amd_xata - ok
17:10:02.0708 0x0954 [ 4126D30992B26303E47E8981313FD6D6, 4C8DB2DDDB88FBEA87CDBFB93D9855B40043778878AF4A5571C174434F9C0D4C ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
17:10:02.0739 0x0954 AmUStor - ok
17:10:02.0739 0x0954 [ F2154A205F4B784B61A72AEBC72BDC5F, A1D962BCF952FAD8016D9210327E7C1044BF4D3D035C7443F8671DDA16E0A390 ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:10:02.0739 0x0954 AODDriver4.2 - ok
17:10:02.0770 0x0954 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\Windows\system32\drivers\appid.sys
17:10:02.0833 0x0954 AppID - ok
17:10:02.0864 0x0954 [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:10:02.0880 0x0954 AppIDSvc - ok
17:10:02.0911 0x0954 [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo C:\Windows\System32\appinfo.dll
17:10:02.0942 0x0954 Appinfo - ok
17:10:02.0989 0x0954 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\Windows\system32\AppReadiness.dll
17:10:03.0052 0x0954 AppReadiness - ok
17:10:03.0099 0x0954 [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
17:10:03.0177 0x0954 AppXSvc - ok
17:10:03.0208 0x0954 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:10:03.0208 0x0954 arcsas - ok
17:10:03.0286 0x0954 [ 31E2470E61D5A390405BA41C279D8446, ADA2518DCB78529F716622E45775283CBBB8CA61A4E90B99C2D799C23C8AFCAA ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
17:10:03.0317 0x0954 asComSvc - ok
17:10:03.0364 0x0954 [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
17:10:03.0364 0x0954 AsIO - ok
17:10:03.0395 0x0954 [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO C:\Windows\syswow64\drivers\AsUpIO.sys
17:10:03.0395 0x0954 AsUpIO - ok
17:10:03.0411 0x0954 [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:10:03.0458 0x0954 AsyncMac - ok
17:10:03.0474 0x0954 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
17:10:03.0474 0x0954 atapi - ok
17:10:03.0505 0x0954 [ AEB8BC801F11E436EBD8D347F866F7A1, 5C1DBFDD1D705E8CD8680DA3AC933EE47676FFB5FB0800CD0FCDAB5C379356B3 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdWB6.sys
17:10:03.0583 0x0954 AtiHDAudioService - ok
17:10:03.0599 0x0954 [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
17:10:03.0630 0x0954 AudioEndpointBuilder - ok
17:10:03.0661 0x0954 [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:10:03.0692 0x0954 Audiosrv - ok
17:10:03.0755 0x0954 [ A94156BEA24D01996D9E026C51B9BFF2, 2FABAFED50DA5074CBCAD483D67E8F01EC6DB6A9F3D531CCF6120D291BA6DD92 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
17:10:03.0770 0x0954 Avira.ServiceHost - ok
17:10:03.0802 0x0954 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:10:03.0817 0x0954 AxInstSV - ok
17:10:03.0849 0x0954 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:10:03.0880 0x0954 b06bdrv - ok
17:10:03.0895 0x0954 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
17:10:03.0958 0x0954 BasicDisplay - ok
17:10:03.0989 0x0954 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
17:10:04.0036 0x0954 BasicRender - ok
17:10:04.0052 0x0954 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
17:10:04.0052 0x0954 bcmfn2 - ok
17:10:04.0083 0x0954 [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC C:\Windows\System32\bdesvc.dll
17:10:04.0130 0x0954 BDESVC - ok
17:10:04.0145 0x0954 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
17:10:04.0192 0x0954 Beep - ok
17:10:04.0224 0x0954 [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE C:\Windows\System32\bfe.dll
17:10:04.0270 0x0954 BFE - ok
17:10:04.0333 0x0954 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\Windows\System32\qmgr.dll
17:10:04.0395 0x0954 BITS - ok
17:10:04.0411 0x0954 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:10:04.0458 0x0954 bowser - ok
17:10:04.0489 0x0954 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
17:10:04.0520 0x0954 BrokerInfrastructure - ok
17:10:04.0552 0x0954 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\Windows\System32\browser.dll
17:10:04.0599 0x0954 Browser - ok
17:10:04.0630 0x0954 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
17:10:04.0708 0x0954 BthAvrcpTg - ok
17:10:04.0739 0x0954 [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
17:10:04.0817 0x0954 BthEnum - ok
17:10:04.0849 0x0954 [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
17:10:04.0911 0x0954 BthHFEnum - ok
17:10:04.0958 0x0954 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
17:10:04.0974 0x0954 bthhfhid - ok
17:10:05.0005 0x0954 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
17:10:05.0114 0x0954 BthHFSrv - ok
17:10:05.0145 0x0954 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\Windows\System32\drivers\BthLEEnum.sys
17:10:05.0192 0x0954 BthLEEnum - ok
17:10:05.0208 0x0954 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
17:10:05.0239 0x0954 BTHMODEM - ok
17:10:05.0270 0x0954 [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\Windows\System32\drivers\bthpan.sys
17:10:05.0317 0x0954 BthPan - ok
17:10:05.0364 0x0954 [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
17:10:05.0442 0x0954 BTHPORT - ok
17:10:05.0474 0x0954 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\Windows\system32\bthserv.dll
17:10:05.0520 0x0954 bthserv - ok
17:10:05.0552 0x0954 [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
17:10:05.0599 0x0954 BTHUSB - ok
17:10:05.0614 0x0954 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:10:05.0661 0x0954 cdfs - ok
17:10:05.0677 0x0954 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
17:10:05.0708 0x0954 cdrom - ok
17:10:05.0739 0x0954 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\Windows\System32\certprop.dll
17:10:05.0770 0x0954 CertPropSvc - ok
17:10:05.0770 0x0954 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
17:10:05.0833 0x0954 circlass - ok
17:10:05.0864 0x0954 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\Windows\system32\drivers\CLFS.sys
17:10:05.0880 0x0954 CLFS - ok
17:10:06.0020 0x0954 [ 5A2EF42528D1D2D3C8732FC1A7CDD16D, B961D2F4B7DA5FF68AFCD10FDAC545442FEC8CF05D7D6BB4A00E2F5A2F2950F0 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
17:10:06.0099 0x0954 ClickToRunSvc - ok
17:10:06.0145 0x0954 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
17:10:06.0177 0x0954 CmBatt - ok
17:10:06.0224 0x0954 [ 5CBF8B3E27D824D2AA2A34AFB406F1D0, 955AF1307C02D2B4DEEB150F37F77B8631C0F3C450037C233E9E27D6571B0265 ] CNG C:\Windows\system32\Drivers\cng.sys
17:10:06.0239 0x0954 CNG - ok
17:10:06.0270 0x0954 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
17:10:06.0302 0x0954 CompositeBus - ok
17:10:06.0302 0x0954 COMSysApp - ok
17:10:06.0317 0x0954 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
17:10:06.0349 0x0954 condrv - ok
17:10:06.0380 0x0954 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:10:06.0411 0x0954 CryptSvc - ok
17:10:06.0442 0x0954 [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam C:\Windows\system32\drivers\dam.sys
17:10:06.0442 0x0954 dam - ok
17:10:06.0489 0x0954 [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:10:06.0567 0x0954 DcomLaunch - ok
17:10:06.0599 0x0954 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\Windows\System32\defragsvc.dll
17:10:06.0645 0x0954 defragsvc - ok
17:10:06.0692 0x0954 [ B40056F9D352DBB6ABAE6DA70EE1D6E1, F8FB4A265996FC4F589F277C7B0A1770C9F0ADF644FC68C6CCE0E3B42E6E37AC ] Device Handle Service C:\Windows\SysWOW64\AsHookDevice.exe
17:10:06.0708 0x0954 Device Handle Service - ok
17:10:06.0739 0x0954 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
17:10:06.0770 0x0954 DeviceAssociationService - ok
17:10:06.0802 0x0954 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
17:10:06.0833 0x0954 DeviceInstall - ok
17:10:06.0864 0x0954 [ 5408A71E47FF21E357192FD4126B3002, D9EDDE26EFB7B3EBD8F21F5730A49D594D916A95E0D09ABBA7B6E7C59052A712 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
17:10:06.0895 0x0954 Dfsc - ok
17:10:06.0927 0x0954 [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:10:06.0927 0x0954 dg_ssudbus - ok
17:10:06.0958 0x0954 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\Windows\system32\dhcpcore.dll
17:10:07.0005 0x0954 Dhcp - ok
17:10:07.0067 0x0954 [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\Windows\system32\diagtrack.dll
17:10:07.0161 0x0954 DiagTrack - ok
17:10:07.0192 0x0954 [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk C:\Windows\system32\drivers\disk.sys
17:10:07.0208 0x0954 disk - ok
17:10:07.0239 0x0954 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
17:10:07.0286 0x0954 dmvsc - ok
17:10:07.0302 0x0954 [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:10:07.0333 0x0954 Dnscache - ok
17:10:07.0364 0x0954 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\Windows\System32\dot3svc.dll
17:10:07.0396 0x0954 dot3svc - ok
17:10:07.0427 0x0954 [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
17:10:07.0442 0x0954 dot4 - ok
17:10:07.0442 0x0954 [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\Windows\System32\drivers\Dot4Prt.sys
17:10:07.0458 0x0954 Dot4Print - ok
17:10:07.0474 0x0954 [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
17:10:07.0474 0x0954 dot4usb - ok
17:10:07.0505 0x0954 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\Windows\system32\dps.dll
17:10:07.0536 0x0954 DPS - ok
17:10:07.0552 0x0954 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:10:07.0567 0x0954 drmkaud - ok
17:10:07.0583 0x0954 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
17:10:07.0614 0x0954 DsmSvc - ok
17:10:07.0661 0x0954 [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:10:07.0708 0x0954 DXGKrnl - ok
17:10:07.0724 0x0954 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll
17:10:07.0755 0x0954 Eaphost - ok
17:10:07.0864 0x0954 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:10:07.0942 0x0954 ebdrv - ok
17:10:07.0974 0x0954 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe
17:10:07.0989 0x0954 EFS - ok
17:10:07.0989 0x0954 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
17:10:08.0005 0x0954 EhStorClass - ok
17:10:08.0020 0x0954 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
17:10:08.0036 0x0954 EhStorTcgDrv - ok
17:10:08.0036 0x0954 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
17:10:08.0099 0x0954 ErrDev - ok
17:10:08.0145 0x0954 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll
17:10:08.0208 0x0954 EventSystem - ok
17:10:08.0239 0x0954 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
17:10:08.0302 0x0954 exfat - ok
17:10:08.0349 0x0954 Fabs - ok
17:10:08.0364 0x0954 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:10:08.0380 0x0954 fastfat - ok
17:10:08.0427 0x0954 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe
17:10:08.0474 0x0954 Fax - ok
17:10:08.0474 0x0954 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
17:10:08.0520 0x0954 fdc - ok
17:10:08.0552 0x0954 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll
17:10:08.0583 0x0954 fdPHost - ok
17:10:08.0599 0x0954 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll
17:10:08.0614 0x0954 FDResPub - ok
17:10:08.0645 0x0954 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll
17:10:08.0677 0x0954 fhsvc - ok
17:10:08.0708 0x0954 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:10:08.0708 0x0954 FileInfo - ok
17:10:08.0739 0x0954 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:10:08.0770 0x0954 Filetrace - ok
17:10:08.0849 0x0954 [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
17:10:08.0974 0x0954 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
17:10:09.0067 0x0954 Detect skipped due to KSN trusted
17:10:09.0067 0x0954 FirebirdServerMAGIXInstance - ok
17:10:09.0083 0x0954 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
17:10:09.0114 0x0954 flpydisk - ok
17:10:09.0145 0x0954 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:10:09.0161 0x0954 FltMgr - ok
17:10:09.0224 0x0954 [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\Windows\system32\FntCache.dll
17:10:09.0302 0x0954 FontCache - ok
17:10:09.0364 0x0954 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:10:09.0380 0x0954 FontCache3.0.0.0 - ok
17:10:09.0411 0x0954 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:10:09.0411 0x0954 FsDepends - ok
17:10:09.0427 0x0954 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:10:09.0458 0x0954 Fs_Rec - ok
17:10:09.0489 0x0954 [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:10:09.0520 0x0954 fvevol - ok
17:10:09.0536 0x0954 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
17:10:09.0583 0x0954 FxPPM - ok
17:10:09.0599 0x0954 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:10:09.0599 0x0954 gagp30kx - ok
17:10:09.0630 0x0954 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
17:10:09.0677 0x0954 gencounter - ok
17:10:09.0708 0x0954 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
17:10:09.0708 0x0954 GPIOClx0101 - ok
17:10:09.0770 0x0954 [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc C:\Windows\System32\gpsvc.dll
17:10:09.0817 0x0954 gpsvc - ok
17:10:09.0849 0x0954 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:10:09.0896 0x0954 HdAudAddService - ok
17:10:09.0911 0x0954 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
17:10:09.0958 0x0954 HDAudBus - ok
17:10:09.0974 0x0954 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
17:10:10.0020 0x0954 HidBatt - ok
17:10:10.0036 0x0954 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys
17:10:10.0083 0x0954 HidBth - ok
17:10:10.0099 0x0954 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
17:10:10.0130 0x0954 hidi2c - ok
17:10:10.0145 0x0954 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
17:10:10.0161 0x0954 HidIr - ok
17:10:10.0192 0x0954 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll
17:10:10.0224 0x0954 hidserv - ok
17:10:10.0239 0x0954 [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb C:\Windows\System32\drivers\hidusb.sys
17:10:10.0302 0x0954 HidUsb - ok
17:10:10.0317 0x0954 [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys
17:10:10.0333 0x0954 HipShieldK - ok
17:10:10.0364 0x0954 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll
17:10:10.0380 0x0954 hkmsvc - ok
17:10:10.0411 0x0954 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:10:10.0458 0x0954 HomeGroupListener - ok
17:10:10.0489 0x0954 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:10:10.0521 0x0954 HomeGroupProvider - ok
17:10:10.0552 0x0954 [ 930370725FA0FE272346583A7A7D6BDB, 98195638D548A6E5E574E062FDCF4E5833DDE834399787EC51C340699B6E5E64 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
17:10:10.0567 0x0954 hpqcxs08 - ok
17:10:10.0583 0x0954 [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
17:10:10.0583 0x0954 hpqddsvc - ok
17:10:10.0614 0x0954 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:10:10.0630 0x0954 HpSAMD - ok
17:10:10.0692 0x0954 HPSLPSVC - ok
17:10:10.0786 0x0954 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:10:10.0817 0x0954 HTTP - ok
17:10:10.0849 0x0954 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:10:10.0849 0x0954 hwpolicy - ok
17:10:10.0864 0x0954 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
17:10:10.0880 0x0954 hyperkbd - ok
17:10:10.0880 0x0954 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
17:10:10.0911 0x0954 HyperVideo - ok
17:10:10.0942 0x0954 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
17:10:10.0989 0x0954 i8042prt - ok
17:10:11.0005 0x0954 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
17:10:11.0005 0x0954 iaLPSSi_GPIO - ok
17:10:11.0036 0x0954 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
17:10:11.0052 0x0954 iaLPSSi_I2C - ok
17:10:11.0067 0x0954 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
17:10:11.0099 0x0954 iaStorAV - ok
17:10:11.0114 0x0954 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:10:11.0130 0x0954 iaStorV - ok
17:10:11.0145 0x0954 IEEtwCollectorService - ok
17:10:11.0192 0x0954 [ BD5F83AE5106A131E7C6E7A4CB15B6BE, 57CABC1FFC4F09D2C536112BB21494FA83AF7949532463FC458F12BC552D3ED2 ] IKEEXT C:\Windows\System32\ikeext.dll
17:10:11.0239 0x0954 IKEEXT - ok
17:10:11.0333 0x0954 [ 32E41A65AAA964000D0D908B906BB2DC, 10EB45C419FB3851353FF99CB64077EAE454A0729D8265E0136D3A714B49C1C4 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:10:11.0411 0x0954 IntcAzAudAddService - ok
17:10:11.0442 0x0954 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
17:10:11.0442 0x0954 intelide - ok
17:10:11.0474 0x0954 [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep C:\Windows\system32\drivers\intelpep.sys
17:10:11.0489 0x0954 intelpep - ok
17:10:11.0505 0x0954 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
17:10:11.0552 0x0954 intelppm - ok
17:10:11.0552 0x0954 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:10:11.0599 0x0954 IpFilterDriver - ok
17:10:11.0677 0x0954 [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:10:11.0739 0x0954 iphlpsvc - ok
17:10:11.0771 0x0954 [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
17:10:11.0802 0x0954 IPMIDRV - ok
17:10:11.0817 0x0954 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:10:11.0880 0x0954 IPNAT - ok
17:10:11.0896 0x0954 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:10:11.0927 0x0954 IRENUM - ok
17:10:11.0942 0x0954 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:10:11.0942 0x0954 isapnp - ok
17:10:11.0974 0x0954 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
17:10:11.0989 0x0954 iScsiPrt - ok
17:10:12.0021 0x0954 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
17:10:12.0021 0x0954 kbdclass - ok
17:10:12.0036 0x0954 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
17:10:12.0052 0x0954 kbdhid - ok
17:10:12.0083 0x0954 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
17:10:12.0145 0x0954 kdnic - ok
17:10:12.0161 0x0954 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe
17:10:12.0177 0x0954 KeyIso - ok
17:10:12.0208 0x0954 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:10:12.0208 0x0954 KSecDD - ok
17:10:12.0239 0x0954 [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:10:12.0255 0x0954 KSecPkg - ok
17:10:12.0255 0x0954 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:10:12.0302 0x0954 ksthunk - ok
17:10:12.0317 0x0954 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll
17:10:12.0333 0x0954 KtmRm - ok
17:10:12.0380 0x0954 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll
17:10:12.0411 0x0954 LanmanServer - ok
17:10:12.0442 0x0954 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:10:12.0458 0x0954 LanmanWorkstation - ok
17:10:12.0489 0x0954 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
17:10:12.0536 0x0954 lfsvc - ok
17:10:12.0567 0x0954 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:10:12.0583 0x0954 lltdio - ok
17:10:12.0614 0x0954 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:10:12.0630 0x0954 lltdsvc - ok
17:10:12.0661 0x0954 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:10:12.0692 0x0954 lmhosts - ok
17:10:12.0724 0x0954 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:10:12.0724 0x0954 LSI_SAS - ok
17:10:12.0755 0x0954 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:10:12.0755 0x0954 LSI_SAS2 - ok
17:10:12.0771 0x0954 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
17:10:12.0771 0x0954 LSI_SAS3 - ok
17:10:12.0786 0x0954 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
17:10:12.0802 0x0954 LSI_SSS - ok
17:10:12.0833 0x0954 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll
17:10:12.0895 0x0954 LSM - ok
17:10:12.0911 0x0954 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
17:10:12.0958 0x0954 luafv - ok
17:10:12.0958 0x0954 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
17:10:12.0974 0x0954 megasas - ok
17:10:12.0989 0x0954 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
17:10:13.0021 0x0954 megasr - ok
17:10:13.0052 0x0954 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll
17:10:13.0083 0x0954 MMCSS - ok
17:10:13.0099 0x0954 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
17:10:13.0130 0x0954 Modem - ok
17:10:13.0130 0x0954 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
17:10:13.0177 0x0954 monitor - ok
17:10:13.0192 0x0954 [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys
17:10:13.0192 0x0954 mouclass - ok
17:10:13.0239 0x0954 [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys
17:10:13.0270 0x0954 mouhid - ok
17:10:13.0286 0x0954 [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:10:13.0302 0x0954 mountmgr - ok
17:10:13.0333 0x0954 [ C01441BA6F99890B7FF6CD0260B7750A, E02FFB1E8A3E423C9392ADAA9DF5FECF800DFAB3E09B74A029106DC337995539 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:10:13.0349 0x0954 MozillaMaintenance - ok
17:10:13.0364 0x0954 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:10:13.0396 0x0954 mpsdrv - ok
17:10:13.0427 0x0954 [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:10:13.0489 0x0954 MpsSvc - ok
17:10:13.0521 0x0954 [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:10:13.0567 0x0954 MRxDAV - ok
17:10:13.0583 0x0954 [ 5DCD41F62F71519D2A46D41F60C69B0C, A9C2F8B8F82BDBF48F34D5837ED27CE251C75232A07AF26F7B796D2A106795A0 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:10:13.0645 0x0954 mrxsmb - ok
17:10:13.0677 0x0954 [ D7C9BC4D37BF08C7DD436A0A5F321668, 30A5AF211BEC89E26134CDAE3E60D0D9F0AE2748F56E9D09B07431206AD381C6 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:10:13.0724 0x0954 mrxsmb10 - ok
17:10:13.0755 0x0954 [ 4065615E836BF8C61AF6278EB2A9D1D6, B9A0E40DEC36D1A228EC4EF48CCD9BE6C726E53D17F38280AA74C068E7887621 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:10:13.0771 0x0954 mrxsmb20 - ok
17:10:13.0802 0x0954 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
17:10:13.0849 0x0954 MsBridge - ok
17:10:13.0864 0x0954 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe
17:10:13.0880 0x0954 MSDTC - ok
17:10:13.0895 0x0954 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:10:13.0927 0x0954 Msfs - ok
17:10:13.0942 0x0954 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
17:10:13.0958 0x0954 msgpiowin32 - ok
17:10:13.0958 0x0954 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:10:13.0989 0x0954 mshidkmdf - ok
17:10:14.0005 0x0954 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
17:10:14.0036 0x0954 mshidumdf - ok
17:10:14.0052 0x0954 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:10:14.0052 0x0954 msisadrv - ok
17:10:14.0067 0x0954 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:10:14.0083 0x0954 MSiSCSI - ok
17:10:14.0083 0x0954 msiserver - ok
17:10:14.0099 0x0954 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:10:14.0114 0x0954 MSKSSRV - ok
17:10:14.0146 0x0954 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
17:10:14.0192 0x0954 MsLldp - ok
17:10:14.0208 0x0954 [ 50DFB1EC312B2E074AED8E4C4CD1DF1B, 1CE52E8D9E3ABCBFFEC131A772829BC7B458676C013E435311F457D509DBD1B1 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:10:14.0302 0x0954 MSPCLOCK - detected UnsignedFile.Multi.Generic ( 1 )
17:10:14.0458 0x0954 Object is SCO, delete is not allowed
17:10:14.0458 0x0954 MSPCLOCK ( UnsignedFile.Multi.Generic ) - warning
17:10:14.0583 0x0954 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:10:14.0614 0x0954 MSPQM - ok
17:10:14.0645 0x0954 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:10:14.0661 0x0954 MsRPC - ok
17:10:14.0677 0x0954 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
17:10:14.0677 0x0954 mssmbios - ok
17:10:14.0692 0x0954 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:10:14.0739 0x0954 MSTEE - ok
17:10:14.0755 0x0954 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
17:10:14.0786 0x0954 MTConfig - ok
17:10:14.0817 0x0954 [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup C:\Windows\system32\Drivers\mup.sys
17:10:14.0833 0x0954 Mup - ok
17:10:14.0849 0x0954 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
17:10:14.0849 0x0954 mvumis - ok
17:10:14.0896 0x0954 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll
17:10:14.0927 0x0954 napagent - ok
17:10:14.0958 0x0954 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:10:15.0005 0x0954 NativeWifiP - ok
17:10:15.0036 0x0954 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll
17:10:15.0052 0x0954 NcaSvc - ok
17:10:15.0083 0x0954 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll
17:10:15.0130 0x0954 NcbService - ok
17:10:15.0146 0x0954 [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
17:10:15.0192 0x0954 NcdAutoSetup - ok
17:10:15.0239 0x0954 [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:10:15.0270 0x0954 NDIS - ok
17:10:15.0302 0x0954 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:10:15.0333 0x0954 NdisCap - ok
17:10:15.0364 0x0954 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
17:10:15.0396 0x0954 NdisImPlatform - detected UnsignedFile.Multi.Generic ( 1 )
17:10:15.0489 0x0954 Detect skipped due to KSN trusted
17:10:15.0489 0x0954 NdisImPlatform - ok
17:10:15.0505 0x0954 [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:10:15.0536 0x0954 NdisTapi - ok
17:10:15.0552 0x0954 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:10:15.0583 0x0954 Ndisuio - ok
17:10:15.0599 0x0954 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
17:10:15.0630 0x0954 NdisVirtualBus - ok
17:10:15.0646 0x0954 [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:10:15.0708 0x0954 NdisWan - ok
17:10:15.0708 0x0954 [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
17:10:15.0724 0x0954 NdisWanLegacy - ok
17:10:15.0739 0x0954 [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:10:15.0786 0x0954 NDProxy - ok
17:10:15.0802 0x0954 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys
17:10:15.0849 0x0954 Ndu - ok
17:10:15.0880 0x0954 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
17:10:15.0895 0x0954 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:10:15.0989 0x0954 Detect skipped due to KSN trusted
17:10:15.0989 0x0954 Net Driver HPZ12 - ok
17:10:16.0020 0x0954 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:10:16.0036 0x0954 NetBIOS - ok
17:10:16.0067 0x0954 [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:10:16.0161 0x0954 NetBT - ok
17:10:16.0177 0x0954 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe
17:10:16.0192 0x0954 Netlogon - ok
17:10:16.0224 0x0954 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll
17:10:16.0239 0x0954 Netman - ok
17:10:16.0270 0x0954 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll
17:10:16.0302 0x0954 netprofm - ok
17:10:16.0364 0x0954 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:10:16.0396 0x0954 NetTcpPortSharing - ok
17:10:16.0411 0x0954 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\Windows\System32\drivers\netvsc63.sys
17:10:16.0458 0x0954 netvsc - ok
17:10:16.0489 0x0954 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll
17:10:16.0521 0x0954 NlaSvc - ok
17:10:16.0536 0x0954 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:10:16.0567 0x0954 Npfs - ok
17:10:16.0567 0x0954 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
17:10:16.0599 0x0954 npsvctrig - ok
17:10:16.0630 0x0954 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll
17:10:16.0661 0x0954 nsi - ok
17:10:16.0677 0x0954 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:10:16.0708 0x0954 nsiproxy - ok
17:10:16.0770 0x0954 [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:10:16.0833 0x0954 Ntfs - ok
17:10:16.0849 0x0954 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
17:10:16.0880 0x0954 Null - ok
17:10:16.0895 0x0954 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:10:16.0895 0x0954 nvraid - ok
17:10:16.0911 0x0954 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:10:16.0927 0x0954 nvstor - ok
17:10:16.0942 0x0954 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:10:16.0942 0x0954 nv_agp - ok
17:10:16.0989 0x0954 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:10:17.0005 0x0954 ose - ok
17:10:17.0036 0x0954 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:10:17.0083 0x0954 p2pimsvc - ok
17:10:17.0114 0x0954 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll
17:10:17.0146 0x0954 p2psvc - ok
17:10:17.0177 0x0954 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
17:10:17.0192 0x0954 Parport - ok
17:10:17.0224 0x0954 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:10:17.0224 0x0954 partmgr - ok
17:10:17.0270 0x0954 [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:10:17.0317 0x0954 PcaSvc - ok
17:10:17.0333 0x0954 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
17:10:17.0349 0x0954 pci - ok
17:10:17.0364 0x0954 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
17:10:17.0364 0x0954 pciide - ok
17:10:17.0396 0x0954 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:10:17.0396 0x0954 pcmcia - ok
17:10:17.0411 0x0954 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
17:10:17.0427 0x0954 pcw - ok
17:10:17.0442 0x0954 [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc C:\Windows\system32\drivers\pdc.sys
17:10:17.0458 0x0954 pdc - ok
17:10:17.0505 0x0954 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:10:17.0552 0x0954 PEAUTH - ok
17:10:17.0614 0x0954 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:10:17.0661 0x0954 PerfHost - ok
17:10:17.0724 0x0954 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll
17:10:17.0755 0x0954 pla - ok
17:10:17.0786 0x0954 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:10:17.0802 0x0954 PlugPlay - ok
17:10:17.0817 0x0954 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
17:10:17.0864 0x0954 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:10:17.0942 0x0954 Detect skipped due to KSN trusted
17:10:17.0942 0x0954 Pml Driver HPZ12 - ok
17:10:17.0958 0x0954 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:10:17.0974 0x0954 PNRPAutoReg - ok
17:10:17.0989 0x0954 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:10:18.0005 0x0954 PNRPsvc - ok
17:10:18.0036 0x0954 [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:10:18.0067 0x0954 PolicyAgent - ok
17:10:18.0083 0x0954 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll
17:10:18.0130 0x0954 Power - ok
17:10:18.0146 0x0954 [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:10:18.0192 0x0954 PptpMiniport - ok
17:10:18.0302 0x0954 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
17:10:18.0442 0x0954 PrintNotify - ok
17:10:18.0458 0x0954 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
17:10:18.0505 0x0954 Processor - ok
17:10:18.0614 0x0954 [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\Windows\system32\profsvc.dll
17:10:18.0661 0x0954 ProfSvc - ok
17:10:18.0692 0x0954 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:10:18.0739 0x0954 Psched - ok
17:10:18.0786 0x0954 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll
17:10:18.0833 0x0954 QWAVE - ok
17:10:18.0864 0x0954 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:10:18.0896 0x0954 QWAVEdrv - ok
17:10:18.0911 0x0954 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:10:18.0927 0x0954 RasAcd - ok
17:10:18.0958 0x0954 [ 3EE5097945A7F680E320953271EB2D4F, 0B9F2B458177A654F65C5E862B7C55B35E20271B76D5E20A20F30D3223A1216F ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:10:19.0036 0x0954 RasAgileVpn - ok
17:10:19.0067 0x0954 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll
17:10:19.0083 0x0954 RasAuto - ok
17:10:19.0099 0x0954 [ 235624C147E3CB4C288D5D3D8E8D64A2, B3F182019DBAD9C761FE9F62EAED34AD5902B41A13A766D814FC3E2EA29D8D92 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:10:19.0161 0x0954 Rasl2tp - ok
17:10:19.0208 0x0954 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\Windows\System32\rasmans.dll
17:10:19.0255 0x0954 RasMan - detected UnsignedFile.Multi.Generic ( 1 )
17:10:19.0349 0x0954 Detect skipped due to KSN trusted
17:10:19.0349 0x0954 RasMan - ok
17:10:19.0380 0x0954 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:10:19.0411 0x0954 RasPppoe - ok
17:10:19.0427 0x0954 [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:10:19.0458 0x0954 RasSstp - detected UnsignedFile.Multi.Generic ( 1 )
17:10:19.0552 0x0954 Detect skipped due to KSN trusted
17:10:19.0552 0x0954 RasSstp - ok
17:10:19.0583 0x0954 [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:10:19.0599 0x0954 rdbss - ok
17:10:19.0614 0x0954 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
17:10:19.0661 0x0954 rdpbus - ok
17:10:19.0677 0x0954 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:10:19.0708 0x0954 RDPDR - ok
17:10:19.0739 0x0954 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:10:19.0755 0x0954 RdpVideoMiniport - ok
17:10:19.0771 0x0954 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:10:19.0786 0x0954 rdyboost - ok
17:10:19.0833 0x0954 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\Windows\system32\drivers\ReFS.sys
17:10:19.0864 0x0954 ReFS - ok
17:10:19.0880 0x0954 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:10:19.0895 0x0954 RemoteAccess - detected UnsignedFile.Multi.Generic ( 1 )
17:10:19.0989 0x0954 Detect skipped due to KSN trusted
17:10:19.0989 0x0954 RemoteAccess - ok
17:10:20.0005 0x0954 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:10:20.0036 0x0954 RemoteRegistry - ok
17:10:20.0067 0x0954 [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
17:10:20.0083 0x0954 RFCOMM - ok
17:10:20.0145 0x0954 [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
17:10:20.0161 0x0954 RichVideo64 - ok
17:10:20.0192 0x0954 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:10:20.0208 0x0954 RpcEptMapper - ok
17:10:20.0224 0x0954 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe
17:10:20.0255 0x0954 RpcLocator - ok
17:10:20.0302 0x0954 [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs C:\Windows\system32\rpcss.dll
17:10:20.0333 0x0954 RpcSs - ok
17:10:20.0349 0x0954 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:10:20.0411 0x0954 rspndr - ok
17:10:20.0442 0x0954 [ 948D5E71CF9DB59961353A355EA45139, A23D012B07A92CC217C67C904CDFBA2BCCDCC2BD49B24FB694BD230D000F2B7B ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
17:10:20.0458 0x0954 RTL8168 - ok
17:10:20.0489 0x0954 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
17:10:20.0521 0x0954 s3cap - ok
17:10:20.0536 0x0954 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe
17:10:20.0552 0x0954 SamSs - ok
17:10:20.0567 0x0954 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:10:20.0567 0x0954 sbp2port - ok
17:10:20.0599 0x0954 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:10:20.0614 0x0954 SCardSvr - ok
17:10:20.0661 0x0954 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
17:10:20.0677 0x0954 ScDeviceEnum - ok
17:10:20.0692 0x0954 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:10:20.0724 0x0954 scfilter - ok
17:10:20.0770 0x0954 [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\Windows\system32\schedsvc.dll
17:10:20.0817 0x0954 Schedule - ok
17:10:20.0833 0x0954 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:10:20.0849 0x0954 SCPolicySvc - ok
17:10:20.0891 0x0954 [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\Windows\System32\drivers\sdbus.sys
17:10:20.0891 0x0954 sdbus - ok
17:10:20.0922 0x0954 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
17:10:20.0938 0x0954 sdstor - ok
17:10:20.0938 0x0954 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:10:21.0000 0x0954 secdrv - ok
17:10:21.0032 0x0954 [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon C:\Windows\system32\seclogon.dll
17:10:21.0063 0x0954 seclogon - ok
17:10:21.0078 0x0954 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll
17:10:21.0094 0x0954 SENS - ok
17:10:21.0141 0x0954 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:10:21.0188 0x0954 SensrSvc - ok
17:10:21.0203 0x0954 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
17:10:21.0203 0x0954 SerCx - ok
17:10:21.0235 0x0954 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
17:10:21.0235 0x0954 SerCx2 - ok
17:10:21.0250 0x0954 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
17:10:21.0282 0x0954 Serenum - ok
17:10:21.0297 0x0954 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
17:10:21.0344 0x0954 Serial - ok
17:10:21.0360 0x0954 [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\Windows\System32\drivers\sermouse.sys
17:10:21.0391 0x0954 sermouse - ok
17:10:21.0422 0x0954 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\Windows\system32\sessenv.dll
17:10:21.0453 0x0954 SessionEnv - ok
17:10:21.0469 0x0954 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
17:10:21.0500 0x0954 sfloppy - ok
17:10:21.0516 0x0954 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:10:21.0531 0x0954 SharedAccess - ok
17:10:21.0563 0x0954 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:10:21.0610 0x0954 ShellHWDetection - ok
17:10:21.0641 0x0954 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:10:21.0641 0x0954 SiSRaid2 - ok
17:10:21.0656 0x0954 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:10:21.0672 0x0954 SiSRaid4 - ok
17:10:21.0688 0x0954 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll
17:10:21.0735 0x0954 smphost - ok
17:10:21.0750 0x0954 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:10:21.0766 0x0954 SNMPTRAP - ok
17:10:21.0797 0x0954 [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport C:\Windows\system32\drivers\spaceport.sys
17:10:21.0813 0x0954 spaceport - ok
17:10:21.0828 0x0954 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
17:10:21.0844 0x0954 SpbCx - ok
17:10:21.0891 0x0954 [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler C:\Windows\System32\spoolsv.exe
17:10:21.0922 0x0954 Spooler - ok
17:10:22.0078 0x0954 [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc C:\Windows\system32\sppsvc.exe
17:10:22.0266 0x0954 sppsvc - ok
17:10:22.0313 0x0954 [ 69DC128CF54009A686E0F0C57E2BA0DC, 961B1F1F4CD07D85660E63DEC0AACDE1BF0DA30C0E39C497AE31BD37C5591B72 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:10:22.0344 0x0954 srv - ok
17:10:22.0375 0x0954 [ CED8576CD925E83ABEB14F65EA205C29, 37803AB047B5717EDBB7009F504C87B8DE110FBC5D67DFE6A9C8F04B30DD9629 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:10:22.0422 0x0954 srv2 - ok
17:10:22.0438 0x0954 [ 4396587119D8F4B72561ED24666E7567, 11754EA2668B2088363EFD2BCE4FDABC8836A6C9D78873F2A4F3517A48932ABF ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:10:22.0453 0x0954 srvnet - ok
17:10:22.0500 0x0954 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:10:22.0516 0x0954 SSDPSRV - ok
17:10:22.0547 0x0954 [ 8C9FB857470387FD25BE0252BC3D5174, FB24517EA95ED23883C552427345A79C66F40DAFA5BE65D4373C8236A60E2F27 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:10:22.0547 0x0954 SstpSvc - detected UnsignedFile.Multi.Generic ( 1 )
17:10:22.0641 0x0954 Object is SCO, delete is not allowed
17:10:22.0641 0x0954 SstpSvc ( UnsignedFile.Multi.Generic ) - warning
17:10:22.0641 0x0954 Force sending object to P2P due to detect: SstpSvc
17:10:22.0813 0x0954 Object send P2P result: true
17:10:22.0922 0x0954 [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
17:10:22.0938 0x0954 ssudmdm - ok
17:10:22.0953 0x0954 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:10:22.0969 0x0954 stexstor - ok
17:10:23.0000 0x0954 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll
17:10:23.0031 0x0954 stisvc - ok
17:10:23.0047 0x0954 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
17:10:23.0063 0x0954 storahci - ok
17:10:23.0078 0x0954 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:10:23.0078 0x0954 storflt - ok
17:10:23.0110 0x0954 [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme C:\Windows\system32\drivers\stornvme.sys
17:10:23.0125 0x0954 stornvme - ok
17:10:23.0156 0x0954 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll
17:10:23.0188 0x0954 StorSvc - ok
17:10:23.0203 0x0954 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:10:23.0203 0x0954 storvsc - ok
17:10:23.0235 0x0954 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll
17:10:23.0250 0x0954 svsvc - ok
17:10:23.0282 0x0954 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys
17:10:23.0282 0x0954 swenum - ok
17:10:23.0344 0x0954 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\Windows\System32\swprv.dll
17:10:23.0360 0x0954 swprv - ok
17:10:23.0422 0x0954 [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\Windows\system32\sysmain.dll
17:10:23.0485 0x0954 SysMain - ok
17:10:23.0531 0x0954 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
17:10:23.0563 0x0954 SystemEventsBroker - ok
17:10:23.0610 0x0954 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:10:23.0625 0x0954 TabletInputService - ok
17:10:23.0672 0x0954 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll
17:10:23.0703 0x0954 TapiSrv - ok
17:10:23.0781 0x0954 [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:10:23.0860 0x0954 Tcpip - ok
17:10:23.0906 0x0954 [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:10:23.0969 0x0954 TCPIP6 - ok
17:10:23.0985 0x0954 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:10:24.0047 0x0954 tcpipreg - ok
17:10:24.0078 0x0954 [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:10:24.0094 0x0954 tdx - ok
17:10:24.0125 0x0954 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
17:10:24.0141 0x0954 terminpt - ok
17:10:24.0188 0x0954 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\Windows\System32\termsrv.dll
17:10:24.0219 0x0954 TermService - ok
17:10:24.0250 0x0954 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll
17:10:24.0281 0x0954 Themes - ok
17:10:24.0313 0x0954 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll
17:10:24.0313 0x0954 THREADORDER - ok
17:10:24.0344 0x0954 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
17:10:24.0391 0x0954 TimeBroker - ok
17:10:24.0422 0x0954 [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\Windows\system32\drivers\tpm.sys
17:10:24.0438 0x0954 TPM - ok
17:10:24.0453 0x0954 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll
17:10:24.0453 0x0954 TrkWks - ok
17:10:24.0485 0x0954 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:10:24.0516 0x0954 TrustedInstaller - ok
17:10:24.0547 0x0954 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:10:24.0594 0x0954 TsUsbFlt - ok
17:10:24.0610 0x0954 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
17:10:24.0641 0x0954 TsUsbGD - ok
17:10:24.0735 0x0954 [ 82B220AAC7079DBD34F014589E5A5886, F5F82C0C9BB13F041CA3750A478E2062BCF1A64AC901655413A61A719DFC34F2 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
17:10:24.0781 0x0954 TuneUp.UtilitiesSvc - ok
17:10:24.0797 0x0954 [ DB3C912A851FCA6358FED4D53DAA7E91, B35375EC9AF61D829489D9B278605E2098D6402419E79EB24C65D3B65816AEBC ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
17:10:24.0797 0x0954 TuneUpUtilitiesDrv - ok
17:10:24.0844 0x0954 [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:10:24.0875 0x0954 tunnel - ok
17:10:24.0891 0x0954 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:10:24.0906 0x0954 uagp35 - ok
17:10:24.0922 0x0954 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
17:10:24.0922 0x0954 UASPStor - ok
17:10:24.0953 0x0954 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
17:10:24.0969 0x0954 UCX01000 - ok
17:10:25.0000 0x0954 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:10:25.0063 0x0954 udfs - ok
17:10:25.0094 0x0954 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
17:10:25.0094 0x0954 UEFI - ok
17:10:25.0125 0x0954 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:10:25.0157 0x0954 UI0Detect - ok
17:10:25.0172 0x0954 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:10:25.0188 0x0954 uliagpkx - ok
17:10:25.0188 0x0954 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
17:10:25.0219 0x0954 umbus - ok
17:10:25.0235 0x0954 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
17:10:25.0266 0x0954 UmPass - ok
17:10:25.0297 0x0954 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll
17:10:25.0344 0x0954 UmRdpService - ok
17:10:25.0391 0x0954 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll
17:10:25.0422 0x0954 upnphost - ok
17:10:25.0438 0x0954 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
17:10:25.0453 0x0954 usbccgp - ok
17:10:25.0469 0x0954 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys
17:10:25.0516 0x0954 usbcir - ok
17:10:25.0532 0x0954 [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci C:\Windows\System32\drivers\usbehci.sys
17:10:25.0547 0x0954 usbehci - ok
17:10:25.0563 0x0954 [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
17:10:25.0578 0x0954 usbfilter - ok
17:10:25.0610 0x0954 [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\Windows\System32\drivers\usbhub.sys
17:10:25.0641 0x0954 usbhub - ok
17:10:25.0656 0x0954 [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
17:10:25.0672 0x0954 USBHUB3 - ok
17:10:25.0703 0x0954 [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\Windows\System32\drivers\usbohci.sys
17:10:25.0750 0x0954 usbohci - ok
17:10:25.0766 0x0954 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
17:10:25.0813 0x0954 usbprint - ok
17:10:25.0828 0x0954 [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\Windows\System32\drivers\usbscan.sys
17:10:25.0875 0x0954 usbscan - ok
17:10:25.0906 0x0954 [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
17:10:25.0906 0x0954 USBSTOR - ok
17:10:25.0938 0x0954 [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
17:10:25.0969 0x0954 usbuhci - ok
17:10:26.0000 0x0954 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
17:10:26.0016 0x0954 USBXHCI - ok
17:10:26.0031 0x0954 [ F64EACAD95ED83179EBC1F1B1434027C, 86D2A1A3444EBE4453CE7F27C9F0A1514D980499C7E6534BEE65A40D66C90C16 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
17:10:26.0047 0x0954 UxTuneUp - ok
17:10:26.0063 0x0954 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe
17:10:26.0063 0x0954 VaultSvc - ok
17:10:26.0078 0x0954 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:10:26.0094 0x0954 vdrvroot - ok
17:10:26.0156 0x0954 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe
17:10:26.0188 0x0954 vds - ok
17:10:26.0203 0x0954 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
17:10:26.0219 0x0954 VerifierExt - ok
17:10:26.0250 0x0954 [ 5DB4AFA10A488EC4DDB3DA09B0425BE5, 480AFB6A6BCC95E86C5087C3D9DCD6058D48659A5A63F524A0B9ED3A8FEF6B9B ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
17:10:26.0281 0x0954 vhdmp - ok
17:10:26.0281 0x0954 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
17:10:26.0297 0x0954 viaide - ok
17:10:26.0328 0x0954 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:10:26.0328 0x0954 vmbus - ok
17:10:26.0344 0x0954 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
17:10:26.0360 0x0954 VMBusHID - ok
17:10:26.0406 0x0954 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
17:10:26.0438 0x0954 vmicguestinterface - ok
17:10:26.0453 0x0954 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
17:10:26.0469 0x0954 vmicheartbeat - ok
17:10:26.0485 0x0954 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
17:10:26.0500 0x0954 vmickvpexchange - ok
17:10:26.0516 0x0954 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll
17:10:26.0532 0x0954 vmicrdv - ok
17:10:26.0547 0x0954 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll
17:10:26.0563 0x0954 vmicshutdown - ok
17:10:26.0578 0x0954 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll
17:10:26.0594 0x0954 vmictimesync - ok
17:10:26.0610 0x0954 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll
17:10:26.0625 0x0954 vmicvss - ok
17:10:26.0657 0x0954 [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:10:26.0657 0x0954 volmgr - ok
17:10:26.0672 0x0954 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:10:26.0688 0x0954 volmgrx - ok
17:10:26.0735 0x0954 [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:10:26.0750 0x0954 volsnap - ok
17:10:26.0766 0x0954 [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci C:\Windows\System32\drivers\vpci.sys
17:10:26.0781 0x0954 vpci - ok
17:10:26.0797 0x0954 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:10:26.0813 0x0954 vsmraid - ok
17:10:26.0875 0x0954 [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS C:\Windows\system32\vssvc.exe
17:10:26.0938 0x0954 VSS - ok
17:10:26.0953 0x0954 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
17:10:26.0969 0x0954 VSTXRAID - ok
17:10:27.0000 0x0954 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:10:27.0063 0x0954 vwifibus - ok
17:10:27.0094 0x0954 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll
17:10:27.0125 0x0954 W32Time - ok
17:10:27.0141 0x0954 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
17:10:27.0188 0x0954 WacomPen - ok
17:10:27.0219 0x0954 [ 23006D660C0E54BF1CE8253E15F5E995, 4FA7ED2F6B29BACBE2BB43C79FC8231C4C59F27C79AB09DB07BBFE36B35689E5 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
17:10:27.0235 0x0954 Wanarp - ok
17:10:27.0235 0x0954 [ 23006D660C0E54BF1CE8253E15F5E995, 4FA7ED2F6B29BACBE2BB43C79FC8231C4C59F27C79AB09DB07BBFE36B35689E5 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:10:27.0250 0x0954 Wanarpv6 - ok
17:10:27.0313 0x0954 [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine C:\Windows\system32\wbengine.exe
17:10:27.0391 0x0954 wbengine - ok
17:10:27.0422 0x0954 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:10:27.0469 0x0954 WbioSrvc - ok
17:10:27.0485 0x0954 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
17:10:27.0516 0x0954 Wcmsvc - ok
17:10:27.0531 0x0954 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:10:27.0547 0x0954 wcncsvc - ok
17:10:27.0578 0x0954 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:10:27.0594 0x0954 WcsPlugInService - ok
17:10:27.0625 0x0954 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
17:10:27.0625 0x0954 WdBoot - ok
17:10:27.0657 0x0954 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:10:27.0688 0x0954 Wdf01000 - ok
17:10:27.0703 0x0954 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
17:10:27.0719 0x0954 WdFilter - ok
17:10:27.0750 0x0954 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:10:27.0766 0x0954 WdiServiceHost - ok
17:10:27.0766 0x0954 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:10:27.0781 0x0954 WdiSystemHost - ok
17:10:27.0797 0x0954 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
17:10:27.0813 0x0954 WdNisDrv - ok
17:10:27.0828 0x0954 WdNisSvc - ok
17:10:27.0860 0x0954 [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient C:\Windows\System32\webclnt.dll
17:10:27.0906 0x0954 WebClient - ok
17:10:27.0922 0x0954 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:10:27.0953 0x0954 Wecsvc - ok
17:10:27.0969 0x0954 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
17:10:28.0000 0x0954 WEPHOSTSVC - ok
17:10:28.0016 0x0954 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:10:28.0047 0x0954 wercplsupport - ok
17:10:28.0078 0x0954 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll
17:10:28.0094 0x0954 WerSvc - ok
17:10:28.0110 0x0954 [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
17:10:28.0125 0x0954 WFPLWFS - ok
17:10:28.0141 0x0954 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll
17:10:28.0156 0x0954 WiaRpc - ok
17:10:28.0172 0x0954 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:10:28.0188 0x0954 WIMMount - ok
17:10:28.0188 0x0954 WinDefend - ok
17:10:28.0235 0x0954 [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
17:10:28.0266 0x0954 WinHttpAutoProxySvc - ok
17:10:28.0328 0x0954 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:10:28.0360 0x0954 Winmgmt - ok
17:10:28.0438 0x0954 [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM C:\Windows\system32\WsmSvc.dll
17:10:28.0532 0x0954 WinRM - ok
17:10:28.0563 0x0954 [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\Windows\System32\drivers\WinUsb.sys
17:10:28.0594 0x0954 WinUsb - ok
17:10:28.0656 0x0954 [ 4C6E9321E08AFC6B15C8871341030208, 8079BEC141B464A59AA50803FB8A221CCD9F55702253DE5454B5C9C41873EF3F ] WlanSvc C:\Windows\System32\wlansvc.dll
17:10:28.0703 0x0954 WlanSvc - detected UnsignedFile.Multi.Generic ( 1 )
17:10:28.0797 0x0954 Object is SCO, delete is not allowed
17:10:28.0797 0x0954 WlanSvc ( UnsignedFile.Multi.Generic ) - warning
17:10:28.0922 0x0954 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll
17:10:28.0969 0x0954 wlidsvc - ok
17:10:29.0000 0x0954 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
17:10:29.0032 0x0954 WmiAcpi - ok
17:10:29.0047 0x0954 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:10:29.0063 0x0954 wmiApSrv - ok
17:10:29.0078 0x0954 WMPNetworkSvc - ok
17:10:29.0094 0x0954 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
17:10:29.0110 0x0954 Wof - ok
17:10:29.0172 0x0954 [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
17:10:29.0235 0x0954 workfolderssvc - ok
17:10:29.0266 0x0954 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
17:10:29.0266 0x0954 wpcfltr - ok
17:10:29.0297 0x0954 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:10:29.0313 0x0954 WPCSvc - ok
17:10:29.0375 0x0954 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:10:29.0407 0x0954 WPDBusEnum - ok
17:10:29.0422 0x0954 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
17:10:29.0438 0x0954 WpdUpFltr - ok
17:10:29.0453 0x0954 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:10:29.0469 0x0954 ws2ifsl - ok
17:10:29.0500 0x0954 [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc C:\Windows\System32\wscsvc.dll
17:10:29.0532 0x0954 wscsvc - ok
17:10:29.0532 0x0954 WSearch - ok
17:10:29.0641 0x0954 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll
17:10:29.0735 0x0954 WSService - ok
17:10:29.0860 0x0954 [ F3F60C88A6BBC8D0C68FE5B1C91181AF, AF9A4D282CD4BB1127BC3F48AB89DC294408D96F7906553C636F37D1503CFA48 ] wuauserv C:\Windows\system32\wuaueng.dll
17:10:29.0953 0x0954 wuauserv - ok
17:10:29.0985 0x0954 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:10:30.0047 0x0954 WudfPf - ok
17:10:30.0078 0x0954 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
17:10:30.0141 0x0954 WUDFRd - ok
17:10:30.0141 0x0954 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\Windows\System32\drivers\WUDFRd.sys
17:10:30.0156 0x0954 WUDFSensorLP - ok
17:10:30.0172 0x0954 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:10:30.0203 0x0954 wudfsvc - ok
17:10:30.0203 0x0954 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys
17:10:30.0219 0x0954 WUDFWpdFs - ok
17:10:30.0219 0x0954 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\System32\drivers\WUDFRd.sys
17:10:30.0235 0x0954 WUDFWpdMtp - ok
17:10:30.0266 0x0954 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:10:30.0281 0x0954 WwanSvc - ok
17:10:30.0297 0x0954 ================ Scan global ===============================
17:10:30.0328 0x0954 [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll
17:10:30.0344 0x0954 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
17:10:30.0375 0x0954 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
17:10:30.0407 0x0954 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
17:10:30.0422 0x0954 [ Global ] - ok
17:10:30.0422 0x0954 ================ Scan MBR ==================================
17:10:30.0422 0x0954 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:10:30.0500 0x0954 \Device\Harddisk0\DR0 - ok
17:10:30.0962 0x0954 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR4
17:10:31.0149 0x0954 \Device\Harddisk1\DR4 - ok
17:10:31.0149 0x0954 ================ Scan VBR ==================================
17:10:31.0149 0x0954 [ 72E9EE75F3BAEF0E16C84BC37D9AFA12 ] \Device\Harddisk0\DR0\Partition1
17:10:31.0149 0x0954 \Device\Harddisk0\DR0\Partition1 - ok
17:10:31.0181 0x0954 [ 8BDE1B013BABBB228C44CA754D8033E3 ] \Device\Harddisk0\DR0\Partition2
17:10:31.0181 0x0954 \Device\Harddisk0\DR0\Partition2 - ok
17:10:31.0196 0x0954 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
17:10:31.0196 0x0954 \Device\Harddisk0\DR0\Partition3 - ok
17:10:31.0196 0x0954 [ B65D92F404AD409F2ED93E1C4DC1732A ] \Device\Harddisk0\DR0\Partition4
17:10:31.0196 0x0954 \Device\Harddisk0\DR0\Partition4 - ok
17:10:31.0228 0x0954 [ 9F426A2A00798FCBDE527D371AF021B3 ] \Device\Harddisk0\DR0\Partition5
17:10:31.0228 0x0954 \Device\Harddisk0\DR0\Partition5 - ok
17:10:31.0259 0x0954 [ 855A8653B99D77A0A7B38C1B72ABE2EE ] \Device\Harddisk0\DR0\Partition6
17:10:31.0259 0x0954 \Device\Harddisk0\DR0\Partition6 - ok
17:10:31.0259 0x0954 [ F8DC2C88A703D8A8A4B91523BEFB8C42 ] \Device\Harddisk1\DR4\Partition1
17:10:31.0259 0x0954 \Device\Harddisk1\DR4\Partition1 - ok
17:10:31.0274 0x0954 ================ Scan generic autorun ======================
17:10:31.0493 0x0954 [ E16C98951AF108CB5178A7BD2DD13660, 9A85D0CD2339A89C06EE476CD1394A15198F167318280D80BF32AD3615D8660B ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
17:10:31.0649 0x0954 RTHDVCPL - ok
17:10:31.0696 0x0954 [ D8AB6AC4A2D30641C9544021373B47EB, A0553AFB3B186D8EA28CF056139FA5AA150D6BD31E36E5EB9D5DD5940A90CA55 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
17:10:31.0727 0x0954 RtHDVBg - ok
17:10:31.0790 0x0954 [ C4642DD25768D4F8088DF9D2FC4EC380, CDC1F6A66E638F63C40DBD061AFC71AE2A5FD6CC4C2FDCE3BD9E71892213AC34 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
17:10:31.0806 0x0954 Classic Start Menu - detected UnsignedFile.Multi.Generic ( 1 )
17:10:31.0899 0x0954 Detect skipped due to KSN trusted
17:10:31.0899 0x0954 Classic Start Menu - ok
17:10:31.0962 0x0954 [ FEDB6110D3E0A7EFE6996F93CD8C48E7, 719F6B648AE9841B03C8FB9FC9D0CB1233FDD3030FBD3C420C3E8CEB59A12214 ] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe
17:10:31.0993 0x0954 CanonSolutionMenu - ok
17:10:32.0024 0x0954 [ 32F1A63C86D009D95994B543511D6E5C, 72336A7DC97E407381262A98311601515AE39D8003EEF6E136114836B382485F ] C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe
17:10:32.0040 0x0954 WrtMon.exe - detected UnsignedFile.Multi.Generic ( 1 )
17:10:32.0134 0x0954 Detect skipped due to KSN trusted
17:10:32.0134 0x0954 WrtMon.exe - ok
17:10:32.0243 0x0954 [ 07CF5B01CD55D63E986B63D63539C32A, 88DC0B9D534E570F96D6D6938C99660B7EA19B4C2AF3E6DF261C60915DEDAC5C ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
17:10:32.0321 0x0954 ASUSPRP - detected UnsignedFile.Multi.Generic ( 1 )
17:10:34.0743 0x0954 Detect skipped due to KSN trusted
17:10:34.0743 0x0954 ASUSPRP - ok
17:10:34.0852 0x0954 [ 3F45A43BF4B0E06B42E474B9BDA63985, 0C3F80761C4149B1D417D2F6093639963A2537E020A7BA2F97B7148E3A9FAC64 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
17:10:34.0884 0x0954 StartCCC - ok
17:10:34.0915 0x0954 [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
17:10:34.0915 0x0954 RemoteControl10 - ok
17:10:34.0946 0x0954 [ 846965AE55A2662B1576C0F392DD1D6E, 0ADE383991FDC5A49DD15A27CB52CF75ABF518F0335E92003C0FF75DB417BBDC ] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
17:10:34.0962 0x0954 SSBkgdUpdate - ok
17:10:34.0978 0x0954 [ F8D427DAE2984A4968E2D1CB53634784, 02DDE830F40C48321C0AB384D2505F3AD1AD84FAF17AB411A2FE7DE3409DC0E5 ] C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe
17:10:34.0978 0x0954 OpwareSE4 - ok
17:10:35.0040 0x0954 [ 12FD7C1EADDDA10A67B1D6F905B3CC1E, 54FA875C5C3D7AD2D5AE966C72C63558D152455AB78816F31345443F0B13D89F ] C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe
17:10:35.0056 0x0954 ContentTransferWMDetector.exe - ok
17:10:35.0103 0x0954 [ D658AB1B55127D18DCFBCAC8CAAEA522, 9FB818F3899542CB7F1B979644423A66842D98D1762B1C38AE04AEE23320DA8E ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
17:10:35.0103 0x0954 HP Software Update - ok
17:10:35.0118 0x0954 Waiting for KSN requests completion. In queue: 124
17:10:36.0165 0x0954 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )
17:10:36.0181 0x0954 Win FW state via NFP2: enabled ( trusted )
17:10:36.0259 0x0954 ============================================================
17:10:36.0259 0x0954 Scan finished
17:10:36.0259 0x0954 ============================================================
17:10:36.0259 0x104c Detected object count: 3
17:10:36.0259 0x104c Actual detected object count: 3
17:10:50.0962 0x104c MSPCLOCK ( UnsignedFile.Multi.Generic ) - skipped by user
17:10:50.0962 0x104c MSPCLOCK ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:10:50.0962 0x104c SstpSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:10:50.0962 0x104c SstpSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:10:50.0962 0x104c WlanSvc ( UnsignedFile.Multi.Generic ) - skipped by user
17:10:50.0962 0x104c WlanSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:11:40.0132 0x0778 Deinitialize success
|
|
30.08.2016, 20:13
| #7 |
| /// TB-Senior | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges Bild Hallo, das sieht mir eher wie ein beschädigtes System als wie Malware aus. Aber zur Sicherheit machen wir noch mal Kontrollscans auf Malware, bevor wir eine Systemreparatur versuchen: Schritt 1: MBAM Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 2: ESET (Achtung, der Scan kann mehrere Stunden dauern!) ESET Online Scanner
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
31.08.2016, 22:58
| #8 |
| | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges BildCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 31.08.2016 Suchlaufzeit: 15:54 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.08.31.04 Rootkit-Datenbank: v2016.08.15.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Frank Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 321866 Abgelaufene Zeit: 17 Min., 7 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 1 PUP.Optional.APNToolBar, C:\Users\Frank\AppData\Local\Temp\RarSFX0\offercast_avirav7_.exe, In Quarantäne, [f8a89ab78c0e0234a42224055ea3df21], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fa9376fbd164164694fdad92339fe39a
# end=init
# utc_time=2016-08-31 02:20:27
# local_time=2016-08-31 04:20:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 30599
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fa9376fbd164164694fdad92339fe39a
# end=updated
# utc_time=2016-08-31 02:46:52
# local_time=2016-08-31 04:46:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=fa9376fbd164164694fdad92339fe39a
# engine=30599
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-08-31 04:08:39
# local_time=2016-08-31 06:08:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 36449289 0 0
# scanned=337415
# found=0
# cleaned=0
# scan_time=4907
|
|
01.09.2016, 09:49
| #9 |
| /// TB-Senior | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges Bild Hi, also was Malware betrifft, sieht dein System sauber aus. Eine kleine unerwünschte Toolbar, die noch nicht einmal läuft, kann nicht so ein Problem verursachen. Schritt 1: Windows Repair (All in one) Gehe bitte nach dieser bebilderten Anleitung vor. Das Log findest du unter C:\Tweaking.com_Windows_Repair_Logs\_Windows_Repair_Log.txt
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
01.09.2016, 23:53
| #10 |
| | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges Bild Danke für die Hilfe. Der Fehler ist bisher leider noch nicht behoben. Code:
ATTFilter Tweaking.com - Windows Repair v3.9.10
--------------------------------------------------------------------------------
System Variables
--------------------------------------------------------------------------------
OS: Windows 8.1
OS Architecture: 64-bit
OS Version: 6.3.9600
OS Service Pack:
Computer Name: MIKE
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\Frank
Current Profile SID: S-1-5-21-2207309833-101134355-271174262-1002
Current Profile Classes: S-1-5-21-2207309833-101134355-271174262-1002_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Frank\AppData\Local
--------------------------------------------------------------------------------
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:55:29
Process Count: 26
Commit Total: 880,37 MB
Commit Limit: 14,45 GB
Commit Peak: 1,18 GB
Handle Count: 7293
Kernel Total: 364,72 MB
Kernel Paged: 276,23 MB
Kernel Non Paged: 88,49 MB
System Cache: 1,67 GB
Thread Count: 275
--------------------------------------------------------------------------------
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7,20 GB
Memory Used: 1.023,25 MB(13,8873%)
Memory Avail.: 6,20 GB
--------------------------------------------------------------------------------
Cleaning Memory Before Starting Repairs...
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7,20 GB
Memory Used: 822,48 MB(11,1624%)
Memory Avail.: 6,39 GB
--------------------------------------------------------------------------------
Starting Repairs...
Started at (01.09.2016 23:37:01)
Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 64
01 - Reset Registry Permissions
Restore Windows 7/8/10 Default Registry Permissions
Start (01.09.2016 23:37:02)
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\hku.7z
Done, 0,31 seconds.
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\hklm.7z
Done, 2,83 seconds.
Running Repair Under System Account
Done (01.09.2016 23:39:22)
Reset File Permissions: C:
C: & Sub Folders
Start (01.09.2016 23:39:22)
Running Repair Under Current User Account
Done (01.09.2016 23:59:59)
Reset File Permissions
Restore Windows 7/8/10 Default File Permissions
Start (01.09.2016 23:59:59)
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\default.7z
Done, -86399,86 seconds.
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\profile.7z
Done, 6,17 seconds.
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\program_files.7z
Done, 0,3 seconds.
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\program_files_x86.7z
Done, 0,14 seconds.
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\programdata.7z
Done, 0,14 seconds.
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\windows.7z
Done, 1,91 seconds.
Running Repair Under Current User Account
Done (02.09.2016 00:10:05)
03 - Reset Service Permissions
Start (02.09.2016 00:10:05)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:10:11)
04 - Register System Files
Start (02.09.2016 00:10:11)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:10:40)
05 - Repair WMI
Start (02.09.2016 00:10:40)
Starting Security Center So We Can Export The Security Info.
Exporting Antivirus Info...
Windows Defender Exported.
Exporting AntiSpyware Info...
Windows Defender Exported.
Exporting 3rd Party Firewall Info...
No Firewall Products Reported.
Running Repair Under Current User Account
Done (02.09.2016 00:16:04)
06 - Repair Windows Firewall
Start (02.09.2016 00:16:04)
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\services.7z
Done, 0,16 seconds.
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:16:37)
07 - Repair Internet Explorer
Start (02.09.2016 00:16:37)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:20:29)
08 - Repair MDAC/MS Jet
Start (02.09.2016 00:20:29)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:20:34)
09 - Repair Hosts File
Start (02.09.2016 00:20:34)
Running Repair Under System Account
Done (02.09.2016 00:20:35)
10 - Remove Policies Set By Infections
Start (02.09.2016 00:20:35)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:20:37)
11 - Repair Start Menu Icons Removed By Infections
Start (02.09.2016 00:20:37)
Running Repair Under System Account
Done (02.09.2016 00:20:38)
12 - Repair Icons
Start (02.09.2016 00:20:38)
Running Repair Under Current User Account
Done (02.09.2016 00:20:39)
13 - Repair Network
Start (02.09.2016 00:20:39)
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\services.7z
Done, 0,3 seconds.
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:20:51)
14 - Remove Temp Files
Start (02.09.2016 00:20:51)
Running Repair Under System Account
Done (02.09.2016 00:20:58)
15 - Repair Proxy Settings
Start (02.09.2016 00:20:58)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:21:03)
17 - Repair Windows Updates
Start (02.09.2016 00:21:03)
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\services.7z
Done, 0,17 seconds.
Running Repair Under Current User Account
Running Repair Under System Account
Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
Done (02.09.2016 00:21:20)
18 - Repair CD/DVD Missing/Not Working
Start (02.09.2016 00:21:20)
iTunes or GEARAspiWDM.sys not found, not applying UpperFilters iTunes Reg Key
Done (02.09.2016 00:21:20)
19 - Repair Volume Shadow Copy Service
Start (02.09.2016 00:21:20)
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\services.7z
Done, 0,16 seconds.
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:21:40)
20 - Repair Windows Sidebar/Gadgets
Start (02.09.2016 00:21:40)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:21:42)
21 - Repair MSI (Windows Installer)
Start (02.09.2016 00:21:42)
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\services.7z
Done, 0,16 seconds.
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:21:51)
22 - Repair Windows Snipping Tool
Start (02.09.2016 00:21:51)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:21:53)
23.01 - Repair bat Association
Start (02.09.2016 00:21:53)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:21:55)
23.02 - Repair cmd Association
Start (02.09.2016 00:21:55)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:21:57)
23.03 - Repair com Association
Start (02.09.2016 00:21:57)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:21:59)
23.04 - Repair Directory Association
Start (02.09.2016 00:21:59)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:01)
23.05 - Repair Drive Association
Start (02.09.2016 00:22:01)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:03)
23.06 - Repair exe Association
Start (02.09.2016 00:22:03)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:06)
23.07 - Repair Folder Association
Start (02.09.2016 00:22:06)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:08)
23.08 - Repair inf Association
Start (02.09.2016 00:22:08)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:10)
23.09 - Repair lnk (Shortcuts) Association
Start (02.09.2016 00:22:10)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:12)
23.10 - Repair msc Association
Start (02.09.2016 00:22:12)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:14)
23.11 - Repair reg Association
Start (02.09.2016 00:22:14)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:16)
23.12 - Repair scr Association
Start (02.09.2016 00:22:16)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:18)
24 - Repair Windows Safe Mode
Start (02.09.2016 00:22:18)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:21)
25 - Repair Print Spooler
Start (02.09.2016 00:22:21)
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\services.7z
Done, 0,17 seconds.
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:25)
26 - Restore Important Windows Services
Start (02.09.2016 00:22:25)
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\services.7z
Done, 0,16 seconds.
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:31)
27 - Set Windows Services To Default Startup
Start (02.09.2016 00:22:31)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:22:36)
28.01 - Repair Windows 8/10 App Store
Start (02.09.2016 00:22:36)
Decompressing & Updating Windows Permission File C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\files\permissions\8.1\hku.7z
Done, 0,28 seconds.
Running Repair Under Current User Account
Done (02.09.2016 00:25:37)
29 - Repair Windows 8/10 Component Store
Start (02.09.2016 00:25:37)
Running Repair Under Current User Account
Done (02.09.2016 00:29:24)
30 - Restore Windows 8/10 COM+ Unmarshalers
Start (02.09.2016 00:29:24)
Running Repair Under System Account
[X] -----Job Complete----- Items Done: 1
Done (02.09.2016 00:29:26)
31 - Repair Windows 'New' Submenu
Start (02.09.2016 00:29:26)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:29:29)
32 - Restore UAC (User Account Control) Settings
Start (02.09.2016 00:29:29)
Running Repair Under Current User Account
Running Repair Under System Account
Done (02.09.2016 00:29:31)
33 - Repair Performance Counters
Start (02.09.2016 00:29:31)
Running Repair Under Current User Account
Done (02.09.2016 00:29:33)
Cleaning up empty logs...
All Selected Repairs Done.
Done at (02.09.2016 00:29:33)
Total Repair Time: 00:52:33
...YOU MUST RESTART YOUR SYSTEM...
|
|
02.09.2016, 14:55
| #11 |
| /// TB-Senior | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges Bild Worin besteht das Problem denn aktuell (ohne Avira) noch? Wenn es nur der Flashplayer ist, würde ich den mal deinstallieren und neu installieren.
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
02.09.2016, 22:31
| #12 |
| | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges Bild Habe den Flashplayer deinstalliert und dann den PC neu gestartet. Leider fährt er nun nicht mehr hoch, zeigt zuerst an critical_service_failure, wechselt zu automatischer Reperatur und stoppt dann immer bei your PC did not start correctly. Außer advanced options und neustarten/herunterfahren kann ich nichts mehr auswählen.... |
|
03.09.2016, 08:31
| #13 |
| /// TB-Senior | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges Bild Warte bitte auf weitere Anweisungen
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. Geändert von deeprybka (03.09.2016 um 09:01 Uhr) |
|
03.09.2016, 16:36
| #14 |
| /// TB-Senior | Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges Bild Hallo, wähle bei den "Advanced Options" mal "System Restore" aus und mache eine Systemwiederherstellung. Dann ist das System auf dem Stand von vor dem Windows Repair. Und dann schildere mir noch mal exakt, welche Probleme auftreten und mit welchen Programmen.
__________________ Zum Schutz vor Trojanerinnen und Femaleware ist bei einem aktuellen Windows 10 die Windows-Defenderin ausreichend. |
|
| Themen zu Programme können nicht installiert/ geöffnet werden: Fehlermeldung: (...).exe ungültiges Bild |
| abend, aktiv, antivir, bild, computer, deinstalliert, fehlermeldung, festgestellt, firefox, flashplayer, geschützt, großes, guten, heute, installiere, interne, internetverbindung, neu, nicht mehr, programm, programme, richtig, updates, verbindung, versucht |
Linear-Darstellung
