Pests of all kinds and how to fight them: Trojan Dropper (Windows 7)
16.09.2016, 18:25 | #1 |
Trojan Dropper

Hello everyone, I have just caught something, even though I was doing a custom installation of something (legal). I have now scanned a few times with Malwarebytes and also deleted the findings, yet they show up again each time after restarting and scanning again.

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 16.09.2016
Suchlaufzeit: 19:03
Protokolldatei: Malwarebytes.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.16.07
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Sabine

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 375357
Abgelaufene Zeit: 10 Min., 20 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
Trojan.Dropper, C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe, 5100, Löschen bei Neustart, [c1163240009a3ff7e434e80311f3768a]

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
Trojan.Dropper, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\rtop, In Quarantäne, [c1163240009a3ff7e434e80311f3768a],

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
Trojan.Dropper, C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe, Löschen bei Neustart, [c1163240009a3ff7e434e80311f3768a],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

I would be very glad of any help.
16.09.2016, 21:14 | #2 |
/// TB Trainer | Trojan Dropper

My name is Matthias and I will help you clean up your computer. Please note the following:

Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! Run FRST despite the message. For a first analysis, please run FRST and TDSS-Killer:

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)

Step 2
Please download TDSSKiller.exe and save this file on the desktop

Please post with your next reply
16.09.2016, 21:48 | #3 |
Trojan Dropper

Hello Matthias,

thank you very much for helping me. Here are the logs; I hope I did everything right. TDSS Killer: Code:
A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM C:\Windows\System32\drivers\fxppm.sys 22:36:06.0731 0x0598 FxPPM - ok 22:36:06.0747 0x0598 [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 22:36:06.0747 0x0598 gagp30kx - ok 22:36:06.0747 0x0598 [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 22:36:06.0762 0x0598 gencounter - ok 22:36:06.0762 0x0598 [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 22:36:06.0778 0x0598 GPIOClx0101 - ok 22:36:06.0794 0x0598 [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\Windows\System32\gpsvc.dll 22:36:06.0840 0x0598 gpsvc - ok 22:36:06.0840 0x0598 [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 22:36:06.0856 0x0598 HdAudAddService - ok 22:36:06.0856 0x0598 [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 22:36:06.0872 0x0598 HDAudBus - ok 22:36:06.0872 0x0598 [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 22:36:06.0887 0x0598 HidBatt - ok 22:36:06.0887 0x0598 [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\Windows\System32\drivers\hidbth.sys 22:36:06.0903 0x0598 HidBth - ok 22:36:06.0903 0x0598 [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c 
C:\Windows\System32\drivers\hidi2c.sys 22:36:06.0903 0x0598 hidi2c - ok 22:36:06.0919 0x0598 [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\Windows\System32\drivers\hidir.sys 22:36:06.0934 0x0598 HidIr - ok 22:36:06.0934 0x0598 [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\Windows\system32\hidserv.dll 22:36:06.0934 0x0598 hidserv - ok 22:36:06.0950 0x0598 [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\Windows\System32\drivers\hidusb.sys 22:36:06.0950 0x0598 HidUsb - ok 22:36:06.0950 0x0598 [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc C:\Windows\system32\kmsvc.dll 22:36:06.0965 0x0598 hkmsvc - ok 22:36:06.0981 0x0598 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll 22:36:06.0981 0x0598 HomeGroupListener - ok 22:36:06.0997 0x0598 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll 22:36:07.0012 0x0598 HomeGroupProvider - ok 22:36:07.0012 0x0598 [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 22:36:07.0028 0x0598 HpSAMD - ok 22:36:07.0044 0x0598 [ 258A9103842E36CD27D07D5A1F6D2A23, 883E797263DB0A971C5FDDB588AAE041DD1021F079A891E8AA4525799C795B04 ] HTTP C:\Windows\system32\drivers\HTTP.sys 22:36:07.0059 0x0598 HTTP - ok 22:36:07.0090 0x0598 [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS 22:36:07.0090 0x0598 HWiNFO32 - ok 22:36:07.0090 0x0598 [ 2A98301068801700906C06649860FE94, 
664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 22:36:07.0106 0x0598 hwpolicy - ok 22:36:07.0106 0x0598 [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 22:36:07.0106 0x0598 hyperkbd - ok 22:36:07.0122 0x0598 [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 22:36:07.0122 0x0598 HyperVideo - ok 22:36:07.0122 0x0598 [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 22:36:07.0137 0x0598 i8042prt - ok 22:36:07.0153 0x0598 [ 6C024B3AE192D72B216166802AF345DD, 67AEDBEF4A1C1EE1DA9B684BDEB3DB07715E12B766AA72B6684CC6C583A8DCC5 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys 22:36:07.0169 0x0598 iaStorA - ok 22:36:07.0184 0x0598 [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 22:36:07.0200 0x0598 iaStorV - ok 22:36:07.0247 0x0598 [ 5AD5A7781BE907D6E2D75CA1DADAA97B, 355234ED6E49A1080CFFC9C18D185DA653A00C6B79B204368A971EACE5A416A9 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 22:36:07.0278 0x0598 IconMan_R - ok 22:36:07.0372 0x0598 [ A1CF07D24EDCDC6870535471654D957C, FA0CD2ABA2C15E9FC4A1DEE58F365EC10D9597D521556DC2648B50CE0537926D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 22:36:07.0481 0x0598 igfx - ok 22:36:07.0481 0x0598 [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 22:36:07.0497 0x0598 iirsp - ok 22:36:07.0497 0x0598 [ EDCCC8C13B1EB882F77BA0ABB84566E7, DB299C1D2CFC197CF2FE69358F5EEDE94DCC4C919AF5D2CDFFF0DE476612C988 ] IJPLMSVC C:\Program Files 
(x86)\Canon\IJPLM\IJPLMSVC.EXE 22:36:07.0497 0x0598 IJPLMSVC - ok 22:36:07.0528 0x0598 [ 6F3037196ED82BA5ABA3135C49A1BAB4, 3862C6A27E78A279E974A5B97A1648CFD4FEF824CBEF6493F52812ECEA688D93 ] IKEEXT C:\Windows\System32\ikeext.dll 22:36:07.0559 0x0598 IKEEXT - ok 22:36:07.0622 0x0598 [ DDC860724AEF8F8E42AC61E6585769C6, 62AD5772E8097B03E161E6F14582E2A4BBA0DFA1A1E7F664D881D464E136DBD2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 22:36:07.0700 0x0598 IntcAzAudAddService - ok 22:36:07.0715 0x0598 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 22:36:07.0715 0x0598 IntcDAud - ok 22:36:07.0731 0x0598 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 22:36:07.0747 0x0598 Intel(R) Capability Licensing Service Interface - ok 22:36:07.0762 0x0598 [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\Windows\system32\drivers\intelide.sys 22:36:07.0762 0x0598 intelide - ok 22:36:07.0762 0x0598 [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\Windows\System32\drivers\intelppm.sys 22:36:07.0778 0x0598 intelppm - ok 22:36:07.0778 0x0598 [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:36:07.0794 0x0598 IpFilterDriver - ok 22:36:07.0809 0x0598 [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 22:36:07.0825 0x0598 iphlpsvc - ok 22:36:07.0841 0x0598 [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV 
C:\Windows\System32\drivers\IPMIDrv.sys 22:36:07.0841 0x0598 IPMIDRV - ok 22:36:07.0856 0x0598 [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 22:36:07.0856 0x0598 IPNAT - ok 22:36:07.0872 0x0598 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM C:\Windows\system32\drivers\irenum.sys 22:36:07.0872 0x0598 IRENUM - ok 22:36:07.0872 0x0598 [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\Windows\system32\drivers\isapnp.sys 22:36:07.0887 0x0598 isapnp - ok 22:36:07.0887 0x0598 [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 22:36:07.0903 0x0598 iScsiPrt - ok 22:36:07.0919 0x0598 [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 22:36:07.0919 0x0598 jhi_service - ok 22:36:07.0919 0x0598 [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 22:36:07.0934 0x0598 kbdclass - ok 22:36:07.0934 0x0598 [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 22:36:07.0950 0x0598 kbdhid - ok 22:36:07.0950 0x0598 [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 22:36:07.0950 0x0598 kdnic - ok 22:36:07.0950 0x0598 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso C:\Windows\system32\lsass.exe 22:36:07.0966 0x0598 KeyIso - ok 22:36:07.0966 0x0598 [ 
559A933F5647A7A2783C8A0C6CB0514C, B4CF12D409F14E21DE081A5D7FC935719582FADA1505D03301B444B6B027F1EB ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 22:36:07.0981 0x0598 KSecDD - ok 22:36:07.0981 0x0598 [ 526F8A5EF20BC3633E8C4769BCBF60D0, EC736E1495018B7FD41273F05BA701370E86C24B95FBECC1402AA1EC2C1EAF68 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 22:36:07.0997 0x0598 KSecPkg - ok 22:36:07.0997 0x0598 [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 22:36:08.0012 0x0598 ksthunk - ok 22:36:08.0012 0x0598 [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm C:\Windows\system32\msdtckrm.dll 22:36:08.0028 0x0598 KtmRm - ok 22:36:08.0044 0x0598 [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C C:\Windows\system32\DRIVERS\L1C63x64.sys 22:36:08.0044 0x0598 L1C - ok 22:36:08.0059 0x0598 [ 05A5B36592BB5F371B6AB020A2691E42, 384230A10EA0394E260282509B7D8EFCBFF8814611F6EFAB2DD346B97963EC55 ] LanmanServer C:\Windows\system32\srvsvc.dll 22:36:08.0059 0x0598 LanmanServer - ok 22:36:08.0075 0x0598 [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 22:36:08.0091 0x0598 LanmanWorkstation - ok 22:36:08.0091 0x0598 [ 8E4CA9AFD55EF6B509C80A8715ABF8C6, 45698605D17285D346D2052607AEF492EBD89E9625367C31584C7C84757EEFE0 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 22:36:08.0091 0x0598 lirsgt - ok 22:36:08.0137 0x0598 [ 337FA50FFDED5E2BC94B36BF625AB681, BC77CCED8F2B52D26C7A2D7960FB5C1690F5D7E41013644C9226A85C9FF4FA2C ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe 22:36:08.0200 0x0598 LiveUpdateSvc - ok 22:36:08.0200 0x0598 [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio 
C:\Windows\system32\DRIVERS\lltdio.sys 22:36:08.0216 0x0598 lltdio - ok 22:36:08.0216 0x0598 [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc C:\Windows\System32\lltdsvc.dll 22:36:08.0231 0x0598 lltdsvc - ok 22:36:08.0231 0x0598 [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts C:\Windows\System32\lmhsvc.dll 22:36:08.0247 0x0598 lmhosts - ok 22:36:08.0247 0x0598 [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 22:36:08.0262 0x0598 LMS - ok 22:36:08.0262 0x0598 [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 22:36:08.0278 0x0598 LSI_SAS - ok 22:36:08.0278 0x0598 [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 22:36:08.0294 0x0598 LSI_SAS2 - ok 22:36:08.0294 0x0598 [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 22:36:08.0309 0x0598 LSI_SCSI - ok 22:36:08.0309 0x0598 [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 22:36:08.0309 0x0598 LSI_SSS - ok 22:36:08.0325 0x0598 [ 483B06BDD893D88A64887441910D9E51, 222CD4099DDF34E8AC05FC1099DF1C9E7E3905162B51D6820601BE097991F397 ] LSM C:\Windows\System32\lsm.dll 22:36:08.0341 0x0598 LSM - ok 22:36:08.0341 0x0598 [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv C:\Windows\system32\drivers\luafv.sys 22:36:08.0356 0x0598 luafv - ok 22:36:08.0372 0x0598 McAfee SiteAdvisor Service - ok 22:36:08.0372 0x0598 [ 
9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas C:\Windows\system32\drivers\megasas.sys 22:36:08.0372 0x0598 megasas - ok 22:36:08.0387 0x0598 [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 22:36:08.0403 0x0598 MegaSR - ok 22:36:08.0403 0x0598 [ 48F64A35BA9F2E4AC0587DDA555FF951, 77FE2BE86ADCE103F4220A641139C42B1407CF8EFFEB66F841ABF9CFC3621558 ] MEIx64 C:\Windows\System32\drivers\TeeDriverW8x64.sys 22:36:08.0419 0x0598 MEIx64 - ok 22:36:08.0419 0x0598 [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS C:\Windows\system32\mmcss.dll 22:36:08.0434 0x0598 MMCSS - ok 22:36:08.0434 0x0598 [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem C:\Windows\system32\drivers\modem.sys 22:36:08.0450 0x0598 Modem - ok 22:36:08.0450 0x0598 [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor C:\Windows\System32\drivers\monitor.sys 22:36:08.0450 0x0598 monitor - ok 22:36:08.0466 0x0598 [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass C:\Windows\System32\drivers\mouclass.sys 22:36:08.0481 0x0598 mouclass - ok 22:36:08.0481 0x0598 [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid C:\Windows\System32\drivers\mouhid.sys 22:36:08.0481 0x0598 mouhid - ok 22:36:08.0497 0x0598 [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 22:36:08.0497 0x0598 mountmgr - ok 22:36:08.0512 0x0598 [ A82AA5481A845F4AC0E5EE83904FBFED, 2E1640BCA51B1957815465E4DEE895FCD87C93EA80DDD3A80B5647B23D16FB67 ] MozillaMaintenance C:\Program Files (x86)\Mozilla 
Maintenance Service\maintenanceservice.exe 22:36:08.0512 0x0598 MozillaMaintenance - ok 22:36:08.0512 0x0598 [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 22:36:08.0528 0x0598 mpsdrv - ok 22:36:08.0544 0x0598 [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc C:\Windows\system32\mpssvc.dll 22:36:08.0575 0x0598 MpsSvc - ok 22:36:08.0575 0x0598 [ 25560C1656DC7F0723A0CC0B0E1C6BED, 17E8565B833ED58CCB6F85B90A42553464C4408C54006E019AA5641EDB682E31 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 22:36:08.0591 0x0598 MRxDAV - ok 22:36:08.0591 0x0598 [ 6BA2A5D1C74E7CB3AFAF301A7E5D9E44, 92CACD154D3D7E738C6D2492186270762B1888E89F505EE00C3CAE58F71650ED ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 22:36:08.0606 0x0598 mrxsmb - ok 22:36:08.0622 0x0598 [ 7E86B45D5F84E0F96AE18BEAC7A51EE4, 2B4DC0B017FD90D7D2F6A35342F5A17B20E79D077D3DFC4AD2455C0D814B7B5E ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:36:08.0637 0x0598 mrxsmb10 - ok 22:36:08.0637 0x0598 [ 1BB4582396718EDEFF8A4493AEF67D66, 62AA83190CA041131E43B2031175D9F0F8ACD9A0EB0EC8B8F66C2951F15420E4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:36:08.0653 0x0598 mrxsmb20 - ok 22:36:08.0653 0x0598 [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 22:36:08.0669 0x0598 MsBridge - ok 22:36:08.0669 0x0598 [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC C:\Windows\System32\msdtc.exe 22:36:08.0684 0x0598 MSDTC - ok 22:36:08.0684 0x0598 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs C:\Windows\system32\drivers\Msfs.sys 22:36:08.0700 0x0598 Msfs - ok 22:36:08.0700 0x0598 [ C32A7A39B960A42BA9D4FBE47213CA03, 
4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 22:36:08.0716 0x0598 msgpiowin32 - ok 22:36:08.0716 0x0598 [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 22:36:08.0716 0x0598 mshidkmdf - ok 22:36:08.0716 0x0598 [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 22:36:08.0731 0x0598 mshidumdf - ok 22:36:08.0731 0x0598 [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 22:36:08.0747 0x0598 msisadrv - ok 22:36:08.0747 0x0598 [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI C:\Windows\system32\iscsiexe.dll 22:36:08.0762 0x0598 MSiSCSI - ok 22:36:08.0762 0x0598 msiserver - ok 22:36:08.0762 0x0598 [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 22:36:08.0778 0x0598 MSKSSRV - ok 22:36:08.0778 0x0598 [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 22:36:08.0778 0x0598 MsLldp - ok 22:36:08.0794 0x0598 [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 22:36:08.0794 0x0598 MSPCLOCK - ok 22:36:08.0794 0x0598 [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 22:36:08.0809 0x0598 MSPQM - ok 22:36:08.0809 0x0598 [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC 
C:\Windows\system32\drivers\MsRPC.sys 22:36:08.0825 0x0598 MsRPC - ok 22:36:08.0841 0x0598 [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios C:\Windows\System32\drivers\mssmbios.sys 22:36:08.0841 0x0598 mssmbios - ok 22:36:08.0841 0x0598 [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 22:36:08.0856 0x0598 MSTEE - ok 22:36:08.0856 0x0598 [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig C:\Windows\System32\drivers\MTConfig.sys 22:36:08.0856 0x0598 MTConfig - ok 22:36:08.0872 0x0598 [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup C:\Windows\system32\Drivers\mup.sys 22:36:08.0872 0x0598 Mup - ok 22:36:08.0887 0x0598 [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis C:\Windows\system32\drivers\mvumis.sys 22:36:08.0887 0x0598 mvumis - ok 22:36:08.0887 0x0598 [ C009123B206C56854F4E88596035231D, 670403A40B425F77C90ECB048A0C8BC11FB19E40A8CECC2C3DCF79175B745863 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys 22:36:08.0903 0x0598 mwlPSDFilter - ok 22:36:08.0903 0x0598 [ BF3739EEB9F008B1DEBAC115089A53F8, 8546AB69087656259BBE17D6F80F4AB164B04171673CE2BF9FFD1B5C9584E9A4 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys 22:36:08.0903 0x0598 mwlPSDNServ - ok 22:36:08.0903 0x0598 [ 38DD143D95E7A01B86F219DDA9C28779, 5FA8C0595CCF835DBCE1CC5322E8FD4BFB6DFB6CF869BB7CB73F919445D469AA ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys 22:36:08.0919 0x0598 mwlPSDVDisk - ok 22:36:08.0919 0x0598 [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent C:\Windows\system32\qagentRT.dll 22:36:08.0934 0x0598 napagent - ok 22:36:08.0950 0x0598 [ 43D7388A90A4C6EA346A4D6FF0377479, 
DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 22:36:08.0966 0x0598 NativeWifiP - ok 22:36:08.0981 0x0598 [ 4DF6F43F761A600208F90A55D05F9B7E, AC93B4497FB428F7EC42DCF5956A2A61B951394E555BF6C89E55943E0B681586 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe 22:36:08.0997 0x0598 NAUpdate - ok 22:36:09.0012 0x0598 [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc C:\Windows\System32\ncasvc.dll 22:36:09.0012 0x0598 NcaSvc - ok 22:36:09.0028 0x0598 [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll 22:36:09.0028 0x0598 NcdAutoSetup - ok 22:36:09.0044 0x0598 [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS C:\Windows\system32\drivers\ndis.sys 22:36:09.0075 0x0598 NDIS - ok 22:36:09.0075 0x0598 [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 22:36:09.0091 0x0598 NdisCap - ok 22:36:09.0091 0x0598 [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys 22:36:09.0106 0x0598 NdisImPlatform - ok 22:36:09.0106 0x0598 [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 22:36:09.0122 0x0598 NdisTapi - ok 22:36:09.0122 0x0598 [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 22:36:09.0137 0x0598 Ndisuio - ok 22:36:09.0137 0x0598 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 
22:36:09.0153 0x0598 NdisWan - ok 22:36:09.0153 0x0598 [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys 22:36:09.0169 0x0598 NDISWANLEGACY - ok 22:36:09.0169 0x0598 [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 22:36:09.0184 0x0598 NDProxy - ok 22:36:09.0184 0x0598 [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu C:\Windows\system32\drivers\Ndu.sys 22:36:09.0200 0x0598 Ndu - ok 22:36:09.0200 0x0598 [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 22:36:09.0216 0x0598 NetBIOS - ok 22:36:09.0216 0x0598 [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 22:36:09.0231 0x0598 NetBT - ok 22:36:09.0231 0x0598 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon C:\Windows\system32\lsass.exe 22:36:09.0247 0x0598 Netlogon - ok 22:36:09.0247 0x0598 [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman C:\Windows\System32\netman.dll 22:36:09.0262 0x0598 Netman - ok 22:36:09.0278 0x0598 [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm C:\Windows\System32\netprofmsvc.dll 22:36:09.0294 0x0598 netprofm - ok 22:36:09.0294 0x0598 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 22:36:09.0309 0x0598 NetTcpPortSharing - ok 22:36:09.0309 0x0598 [ 12DD2800E4EEA37DC9AE256AD62423B4, 
34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 22:36:09.0325 0x0598 nfrd960 - ok 22:36:09.0325 0x0598 [ 5177E35B186D2DED6F1EFF57BA61B975, B48C2E0FE2E95C37697107BDB8E0843D3E56200D2E242BF02E205C53978655D9 ] NlaSvc C:\Windows\System32\nlasvc.dll 22:36:09.0341 0x0598 NlaSvc - ok 22:36:09.0356 0x0598 [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs C:\Windows\system32\drivers\Npfs.sys 22:36:09.0356 0x0598 Npfs - ok 22:36:09.0356 0x0598 [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys 22:36:09.0372 0x0598 npsvctrig - ok 22:36:09.0372 0x0598 [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi C:\Windows\system32\nsisvc.dll 22:36:09.0388 0x0598 nsi - ok 22:36:09.0388 0x0598 [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 22:36:09.0403 0x0598 nsiproxy - ok 22:36:09.0434 0x0598 [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 22:36:09.0481 0x0598 Ntfs - ok 22:36:09.0481 0x0598 [ A9AE582FE2240E7FB0E9C11E1CC762A0, 60297CBEE5638E4E5EEF1098B2391A72DE75DC72B1DD812277758BEF770D6C71 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe 22:36:09.0497 0x0598 NTI IScheduleSvc - ok 22:36:09.0497 0x0598 [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys 22:36:09.0497 0x0598 NTIDrvr - ok 22:36:09.0513 0x0598 [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null C:\Windows\system32\drivers\Null.sys 22:36:09.0513 0x0598 Null - ok 
22:36:09.0731 0x0598 [ 076C32433B06AAAD72742774E56FB854, 198D522AABA406EB0C36BEF25FD48A1BD914D877A7E8534605957F4FF3A3135B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 22:36:09.0950 0x0598 nvlddmkm - ok 22:36:09.0966 0x0598 [ 0AFB4857ADD1D11012E6B38C9F4B625B, 08FFD7DF327462CC2BFCBC251A075603B46E338156396C6A3AFD5896E9A9B8A1 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys 22:36:09.0966 0x0598 nvpciflt - ok 22:36:09.0981 0x0598 [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys 22:36:09.0981 0x0598 nvraid - ok 22:36:09.0997 0x0598 [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor C:\Windows\system32\drivers\nvstor.sys 22:36:09.0997 0x0598 nvstor - ok 22:36:10.0013 0x0598 [ A9495A3AAAB5E470F2460F85849A5F66, C84675F39BD07E2A7B0FB491709A2D83476208D235CD78F4ECB947BED82CE01C ] nvsvc C:\Windows\system32\nvvsvc.exe 22:36:10.0044 0x0598 nvsvc - ok 22:36:10.0059 0x0598 [ FAA2048284D763409F7BB84F61601C80, 9ED505AC0D0E124D2EBD2AC7EF463FC4640F67B54533FA560DF47A6CBB86E623 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 22:36:10.0091 0x0598 nvUpdatusService - ok 22:36:10.0091 0x0598 [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 22:36:10.0106 0x0598 nv_agp - ok 22:36:10.0106 0x0598 [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 22:36:10.0122 0x0598 p2pimsvc - ok 22:36:10.0138 0x0598 [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc C:\Windows\system32\p2psvc.dll 22:36:10.0153 0x0598 p2psvc - ok 22:36:10.0153 0x0598 [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] 
001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 22:36:16.0841 0x0598 wpcfltr - ok 22:36:16.0841 0x0598 [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 22:36:16.0857 0x0598 WPCSvc - ok 22:36:16.0857 0x0598 [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 22:36:16.0872 0x0598 WPDBusEnum - ok 22:36:16.0872 0x0598 [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 22:36:16.0888 0x0598 WpdUpFltr - ok 22:36:16.0888 0x0598 [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 22:36:16.0888 0x0598 ws2ifsl - ok 22:36:16.0904 0x0598 [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\Windows\System32\wscsvc.dll 22:36:16.0904 0x0598 wscsvc - ok 22:36:16.0919 0x0598 [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys 22:36:16.0919 0x0598 WSDPrintDevice - ok 22:36:16.0919 0x0598 [ FA07DF46070F0826139709EF4D31FB71, 8F46A55D5C4336536E7974C9CEAFED55E7E9E9BF133D2AD0F6A55174F70B2F03 ] WSDScan C:\Windows\System32\drivers\WSDScan.sys 22:36:16.0935 0x0598 WSDScan - ok 22:36:16.0935 0x0598 WSearch - ok 22:36:16.0982 0x0598 [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\Windows\System32\WSService.dll 22:36:17.0029 0x0598 WSService - ok 22:36:17.0091 0x0598 [ C5B45464B98F211FE58AEE62CFF21F05, A0AB6142F35707102B75C9C29A749C7EB12CB6F5E85E6BA67C5B961AF7EB3BE8 ] wuauserv C:\Windows\system32\wuaueng.dll 
22:36:17.0154 0x0598 wuauserv - ok 22:36:17.0154 0x0598 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 22:36:17.0169 0x0598 WudfPf - ok 22:36:17.0169 0x0598 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 22:36:17.0185 0x0598 WUDFRd - ok 22:36:17.0185 0x0598 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 22:36:17.0200 0x0598 wudfsvc - ok 22:36:17.0200 0x0598 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys 22:36:17.0216 0x0598 WUDFWpdFs - ok 22:36:17.0216 0x0598 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp C:\Windows\System32\drivers\WUDFRd.sys 22:36:17.0232 0x0598 WUDFWpdMtp - ok 22:36:17.0247 0x0598 [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\Windows\System32\wwansvc.dll 22:36:17.0263 0x0598 WwanSvc - ok 22:36:17.0263 0x0598 [ BB1842E3AA602B401F7692718B0D0F9A, 6DE508F6CC917D046E61730706C70EF2965B12A7A31F180C22DF8BFA30C0CF67 ] ZAtheros Wlan Agent C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe 22:36:17.0263 0x0598 ZAtheros Wlan Agent - detected UnsignedFile.Multi.Generic ( 1 ) 22:36:19.0623 0x0598 Detect skipped due to KSN trusted 22:36:19.0623 0x0598 ZAtheros Wlan Agent - ok 22:36:19.0638 0x0598 ================ Scan global =============================== 22:36:19.0638 0x0598 [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll 22:36:19.0654 0x0598 [ E9343076AE704D20BB0D01F3AF3EFFEF, 
FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll 22:36:19.0654 0x0598 [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll 22:36:19.0669 0x0598 [ 590A2B4198DD35AA42893BA04F66FD3F, BDD9609F43275E895AE3A685DF921B19F11E4D8617F7BD3D4BA21A230EB9A060 ] C:\Windows\system32\services.exe 22:36:19.0669 0x0598 [ Global ] - ok 22:36:19.0669 0x0598 ================ Scan MBR ================================== 22:36:19.0669 0x0598 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 22:36:19.0716 0x0598 \Device\Harddisk0\DR0 - ok 22:36:19.0716 0x0598 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 22:36:20.0107 0x0598 \Device\Harddisk1\DR1 - ok 22:36:20.0107 0x0598 ================ Scan VBR ================================== 22:36:20.0107 0x0598 [ 1DD312DB413D82C7ED49B9FB05334035 ] \Device\Harddisk0\DR0\Partition1 22:36:20.0107 0x0598 \Device\Harddisk0\DR0\Partition1 - ok 22:36:20.0107 0x0598 [ 2793071A1EAF908686C8E6AEC714A6DB ] \Device\Harddisk0\DR0\Partition2 22:36:20.0107 0x0598 \Device\Harddisk0\DR0\Partition2 - ok 22:36:20.0107 0x0598 [ AAA70266135E901B74ECC71C6C64D272 ] \Device\Harddisk0\DR0\Partition3 22:36:20.0107 0x0598 \Device\Harddisk0\DR0\Partition3 - ok 22:36:20.0107 0x0598 [ 8A066CB216B952E01C7F58CC3AA2B40E ] \Device\Harddisk0\DR0\Partition4 22:36:20.0107 0x0598 \Device\Harddisk0\DR0\Partition4 - ok 22:36:20.0123 0x0598 [ 28E78E203442BC541DBDA0F493D9CA58 ] \Device\Harddisk1\DR1\Partition1 22:36:20.0123 0x0598 \Device\Harddisk1\DR1\Partition1 - ok 22:36:20.0138 0x0598 [ C7140EE0D8BD199563515902BFD1CE6E ] \Device\Harddisk1\DR1\Partition2 22:36:20.0138 0x0598 \Device\Harddisk1\DR1\Partition2 - ok 22:36:20.0138 0x0598 ================ Scan generic autorun ====================== 22:36:20.0154 0x0598 [ 50D1476C84446135A990F4939DC2DC1D, D062F92863E32EC075BD672F3C185CE8C9329F8B679D5508C396131B1DB30EF7 ] C:\Dolby PCEE4\pcee4.exe 
22:36:20.0169 0x0598 Dolby Home Theater v4 - ok 22:36:20.0185 0x0598 [ 66598E7BC1960E5E57A646B69671182F, A6B5008742A3E5C506C870CBA27711AF6F25B840E7B869FB33E9C080A4917C76 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 22:36:20.0201 0x0598 avgnt - ok 22:36:20.0216 0x0598 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 22:36:20.0232 0x0598 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 22:36:20.0232 0x0598 Detect skipped due to KSN trusted 22:36:20.0232 0x0598 SwitchBoard - ok 22:36:20.0248 0x0598 [ E1636F57581CAB5D995FD54D2991EF57, BB6B3D005054D386D596A4BA4D9D2F1284D7C845C1CD5EE63775B4569559E0EB ] C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe 22:36:20.0279 0x0598 AdobeCS5.5ServiceManager - ok 22:36:20.0279 0x0598 [ CAA71374014DA23AF7E10F15EA975BDF, 8768D29F9494AEF1ED1817C685CDEF12CAB309310E9BB6929CA9340166E91AA2 ] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe 22:36:20.0294 0x0598 Ulead AutoDetector v2 - detected UnsignedFile.Multi.Generic ( 1 ) 22:36:22.0686 0x0598 Detect skipped due to KSN trusted 22:36:22.0686 0x0598 Ulead AutoDetector v2 - ok 22:36:22.0686 0x0598 [ B793DDE01D181ED91F333BF10FE2FC50, F9BA0FD8EC0C0E9D7E5969BC9ED0D0322EDFC8E65B11F642A7118B41F5BF197F ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe 22:36:22.0701 0x0598 IJNetworkScannerSelectorEX - ok 22:36:22.0701 0x0598 [ E127B5D81CE968CD3858AF6BDCADEC7C, AF426B8259E2801679A8E3FAE42B617D0DA1D4E834DF0F7B1FD93AB5E64CBE34 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 22:36:22.0717 0x0598 Avira SystrayStartTrigger - ok 22:36:22.0717 0x0598 IsMyWinLockerReboot - ok 22:36:22.0717 0x0598 IsMyWinLockerReboot - ok 22:36:22.0717 0x0598 Skype - ok 22:36:22.0748 0x0598 [ 562A46474509A0F52C5035727207FD40, 
47769A2738B11C2A6D459663249BD9CD79ACF4E1178768F1DF5ADEA11B3079E0 ] c:\users\sabine\appdata\local\chromium\application\chrome.exe 22:36:22.0764 0x0598 Chromium - detected UnsignedFile.Multi.Generic ( 1 ) 22:36:25.0405 0x0598 Chromium ( UnsignedFile.Multi.Generic ) - warning 22:36:27.0811 0x0598 Waiting for KSN requests completion. In queue: 5 22:36:28.0827 0x0598 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.20.55 ), 0x41000 ( enabled : updated ) 22:36:28.0827 0x0598 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated ) 22:36:28.0842 0x0598 Win FW state via NFP2: enabled ( trusted ) 22:36:31.0249 0x0598 ============================================================ 22:36:31.0249 0x0598 Scan finished 22:36:31.0249 0x0598 ============================================================ 22:36:31.0249 0x013c Detected object count: 1 22:36:31.0249 0x013c Actual detected object count: 1 22:37:00.0612 0x013c Chromium ( UnsignedFile.Multi.Generic ) - skipped by user 22:37:00.0612 0x013c Chromium ( UnsignedFile.Multi.Generic ) - User select action: Skip |
16.09.2016, 21:53 | #4 |
| Trojan Dropper FRST: Code:
22:33:37.0154 0x1368 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
22:33:37.0154 0x1368 UEFI system
22:33:45.0577 0x1368 ============================================================
22:33:45.0577 0x1368 Current date / time: 2016/09/16 22:33:45.0577
22:33:45.0577 0x1368 SystemInfo:
22:33:45.0577 0x1368
22:33:45.0577 0x1368 OS Version: 6.2.9200 ServicePack: 0.0
22:33:45.0577 0x1368 Product type: Workstation
22:33:45.0577 0x1368 ComputerName: SABINEB
22:33:45.0577 0x1368 UserName: Sabine
22:33:45.0577 0x1368 Windows directory: C:\Windows
22:33:45.0577 0x1368 System windows directory: C:\Windows
22:33:45.0577 0x1368 Running under WOW64
22:33:45.0577 0x1368 Processor architecture: Intel x64
22:33:45.0577 0x1368 Number of processors: 8
22:33:45.0577 0x1368 Page size: 0x1000
22:33:45.0577 0x1368 Boot type: Normal boot
22:33:45.0577 0x1368 CodeIntegrityOptions = 0x00000001
22:33:45.0577 0x1368 ============================================================
22:33:46.0061 0x1368 KLMD registered as C:\Windows\system32\drivers\86316651.sys
22:33:46.0061 0x1368 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9200.17581, osProperties = 0x19
22:33:46.0140 0x1368 System UUID: {3D4AA5A4-1E1D-C0BB-FFC4-95621A140D80}
22:33:46.0421 0x1368 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:33:48.0343 0x1368 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:33:48.0358 0x1368 ============================================================
22:33:48.0358 0x1368 \Device\Harddisk0\DR0:
22:33:48.0358 0x1368 GPT partitions:
22:33:48.0358 0x1368 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6BE83ED8-2A29-4714-BC8D-62F32C22A4CE}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
22:33:48.0358 0x1368 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6D454AC6-9353-453B-98DD-E21D255F3B21}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x32000
22:33:48.0358 0x1368 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {7C4ED796-6660-4198-8146-3DED2F5E2D31}, Name: Microsoft reserved partition, StartLBA 0xFA800, BlocksNum 0x40000
22:33:48.0358 0x1368 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7651263D-21E4-4E3F-9AC0-37774934EF29}, Name: Basic data partition, StartLBA 0x13A800, BlocksNum 0xED41800
22:33:48.0358 0x1368 MBR partitions:
22:33:48.0358 0x1368 \Device\Harddisk1\DR1:
22:33:48.0358 0x1368 GPT partitions:
22:33:48.0358 0x1368 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D683FD90-65BE-4B25-8E4E-FE3B53B561ED}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x71905800
22:33:48.0358 0x1368 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {100C8D8A-E78B-4FC8-AF6B-8EF6F3ABD811}, Name: Basic data partition, StartLBA 0x71906000, BlocksNum 0x2E00800
22:33:48.0358 0x1368 MBR partitions:
22:33:48.0358 0x1368 ============================================================
22:33:48.0358 0x1368 C: <-> \Device\Harddisk0\DR0\Partition4
22:33:48.0405 0x1368 D: <-> \Device\Harddisk1\DR1\Partition1
22:33:48.0405 0x1368 ============================================================
22:33:48.0405 0x1368 Initialize success
22:33:48.0405 0x1368 ============================================================
22:35:56.0183 0x0598 ============================================================
22:35:56.0183 0x0598 Scan started
22:35:56.0183 0x0598 Mode: Manual; SigCheck; TDLFS;
22:35:56.0183 0x0598 ============================================================
22:35:56.0183 0x0598 KSN ping started
22:35:58.0543 0x0598 KSN ping finished: true
22:36:01.0434 0x0598 ================ Scan system memory ========================
22:36:01.0434 0x0598 System memory - ok
22:36:01.0434 0x0598 ================ Scan services =============================
22:36:05.0840 0x0598 Dfsc - 
ok 22:36:05.0856 0x0598 [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 22:36:05.0856 0x0598 dg_ssudbus - ok 22:36:05.0887 0x0598 [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp C:\Windows\system32\dhcpcore.dll 22:36:05.0887 0x0598 Dhcp - ok 22:36:05.0903 0x0598 [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache C:\Windows\system32\drivers\discache.sys 22:36:05.0903 0x0598 discache - ok 22:36:05.0919 0x0598 [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk C:\Windows\system32\drivers\disk.sys 22:36:05.0919 0x0598 disk - ok 22:36:05.0934 0x0598 [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys 22:36:05.0934 0x0598 dmvsc - ok 22:36:05.0950 0x0598 [ B9450BC3F1820A99D010D7426BCA60E9, FC7C35A0C522E5DA52B0616CF99F4903EAC14946180A18A8D8A0FF555BAA87C5 ] Dnscache C:\Windows\System32\dnsrslvr.dll 22:36:05.0950 0x0598 Dnscache - ok 22:36:05.0965 0x0598 [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc C:\Windows\System32\dot3svc.dll 22:36:05.0981 0x0598 dot3svc - ok 22:36:05.0981 0x0598 [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS C:\Windows\system32\dps.dll 22:36:05.0997 0x0598 DPS - ok 22:36:05.0997 0x0598 [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 22:36:06.0012 0x0598 drmkaud - ok 22:36:06.0012 0x0598 [ D2BCDD6BBFCD068090C109854FCEE079, 6DC8C67713566ABD2CC7860359AC7ABDBA8B6949D8F7ED001730BB0D53010693 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe 
22:36:06.0028 0x0598 DsiWMIService - ok 22:36:06.0044 0x0598 [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll 22:36:06.0044 0x0598 DsmSvc - ok 22:36:06.0075 0x0598 [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 22:36:06.0106 0x0598 DXGKrnl - ok 22:36:06.0122 0x0598 [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost C:\Windows\System32\eapsvc.dll 22:36:06.0122 0x0598 Eaphost - ok 22:36:06.0184 0x0598 [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv C:\Windows\system32\drivers\evbda.sys 22:36:06.0262 0x0598 ebdrv - ok 22:36:06.0262 0x0598 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS C:\Windows\System32\lsass.exe 22:36:06.0278 0x0598 EFS - ok 22:36:06.0278 0x0598 [ AD23FC5DB336CA89A6FC2DA1F70E421C, 8C543A0057873B71F19D4D94249D6690F27708FB4D6F4056EC87DF33D7D120EF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe 22:36:06.0294 0x0598 EgisTec Ticket Service - ok 22:36:06.0294 0x0598 [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys 22:36:06.0309 0x0598 EhStorClass - ok 22:36:06.0309 0x0598 [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys 22:36:06.0309 0x0598 EhStorTcgDrv - ok 22:36:06.0325 0x0598 [ 5C5552BF36C443746A9808EB632B3947, 08969E5A04DECBF374C52A0A0A8DDB2188DFCDAE879D40943FE307971F03E027 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe 22:36:06.0340 0x0598 ePowerSvc - ok 22:36:06.0340 0x0598 [ 
D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev C:\Windows\System32\drivers\errdev.sys 22:36:06.0356 0x0598 ErrDev - ok 22:36:06.0372 0x0598 [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem C:\Windows\system32\es.dll 22:36:06.0387 0x0598 EventSystem - ok 22:36:06.0387 0x0598 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat C:\Windows\system32\drivers\exfat.sys 22:36:06.0403 0x0598 exfat - ok 22:36:06.0419 0x0598 [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat C:\Windows\system32\drivers\fastfat.sys 22:36:06.0419 0x0598 fastfat - ok 22:36:06.0434 0x0598 [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax C:\Windows\system32\fxssvc.exe 22:36:06.0465 0x0598 Fax - ok 22:36:06.0465 0x0598 [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc C:\Windows\System32\drivers\fdc.sys 22:36:06.0465 0x0598 fdc - ok 22:36:06.0481 0x0598 [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost C:\Windows\system32\fdPHost.dll 22:36:06.0481 0x0598 fdPHost - ok 22:36:06.0497 0x0598 [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub C:\Windows\system32\fdrespub.dll 22:36:06.0497 0x0598 FDResPub - ok 22:36:06.0512 0x0598 [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc C:\Windows\system32\fhsvc.dll 22:36:06.0512 0x0598 fhsvc - ok 22:36:06.0528 0x0598 [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 22:36:06.0528 0x0598 FileInfo - ok 22:36:06.0528 0x0598 [ 
9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 22:36:06.0544 0x0598 Filetrace - ok 22:36:06.0559 0x0598 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 22:36:06.0575 0x0598 FLEXnet Licensing Service - ok 22:36:06.0575 0x0598 [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys 22:36:06.0590 0x0598 flpydisk - ok 22:36:06.0590 0x0598 [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 22:36:06.0606 0x0598 FltMgr - ok 22:36:06.0637 0x0598 [ B4814D041FBC1AABD19178052A466D0A, 887823E37EC4891F2CC6462F156E5F1A100E35D7AD2EB2F2E7D6AA7C160615E2 ] FontCache C:\Windows\system32\FntCache.dll 22:36:06.0669 0x0598 FontCache - ok 22:36:06.0669 0x0598 [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:36:06.0684 0x0598 FontCache3.0.0.0 - ok 22:36:06.0684 0x0598 [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 22:36:06.0684 0x0598 FsDepends - ok 22:36:06.0700 0x0598 [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 22:36:06.0700 0x0598 Fs_Rec - ok 22:36:06.0715 0x0598 [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 22:36:06.0731 0x0598 fvevol - ok 22:36:06.0731 0x0598 [ 
A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM C:\Windows\System32\drivers\fxppm.sys 22:36:06.0731 0x0598 FxPPM - ok 22:36:06.0747 0x0598 [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 22:36:06.0747 0x0598 gagp30kx - ok 22:36:06.0747 0x0598 [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 22:36:06.0762 0x0598 gencounter - ok 22:36:06.0762 0x0598 [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 22:36:06.0778 0x0598 GPIOClx0101 - ok 22:36:06.0794 0x0598 [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\Windows\System32\gpsvc.dll 22:36:06.0840 0x0598 gpsvc - ok 22:36:06.0840 0x0598 [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 22:36:06.0856 0x0598 HdAudAddService - ok 22:36:06.0856 0x0598 [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 22:36:06.0872 0x0598 HDAudBus - ok 22:36:06.0872 0x0598 [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 22:36:06.0887 0x0598 HidBatt - ok 22:36:06.0887 0x0598 [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\Windows\System32\drivers\hidbth.sys 22:36:06.0903 0x0598 HidBth - ok 22:36:06.0903 0x0598 [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c 
C:\Windows\System32\drivers\hidi2c.sys 22:36:06.0903 0x0598 hidi2c - ok 22:36:06.0919 0x0598 [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\Windows\System32\drivers\hidir.sys 22:36:06.0934 0x0598 HidIr - ok 22:36:06.0934 0x0598 [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\Windows\system32\hidserv.dll 22:36:06.0934 0x0598 hidserv - ok 22:36:06.0950 0x0598 [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\Windows\System32\drivers\hidusb.sys 22:36:06.0950 0x0598 HidUsb - ok 22:36:06.0950 0x0598 [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc C:\Windows\system32\kmsvc.dll 22:36:06.0965 0x0598 hkmsvc - ok 22:36:06.0981 0x0598 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll 22:36:06.0981 0x0598 HomeGroupListener - ok 22:36:06.0997 0x0598 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll 22:36:07.0012 0x0598 HomeGroupProvider - ok 22:36:07.0012 0x0598 [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 22:36:07.0028 0x0598 HpSAMD - ok 22:36:07.0044 0x0598 [ 258A9103842E36CD27D07D5A1F6D2A23, 883E797263DB0A971C5FDDB588AAE041DD1021F079A891E8AA4525799C795B04 ] HTTP C:\Windows\system32\drivers\HTTP.sys 22:36:07.0059 0x0598 HTTP - ok 22:36:07.0090 0x0598 [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS 22:36:07.0090 0x0598 HWiNFO32 - ok 22:36:07.0090 0x0598 [ 2A98301068801700906C06649860FE94, 
664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 22:36:07.0106 0x0598 hwpolicy - ok 22:36:07.0106 0x0598 [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 22:36:07.0106 0x0598 hyperkbd - ok 22:36:07.0122 0x0598 [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 22:36:07.0122 0x0598 HyperVideo - ok 22:36:07.0122 0x0598 [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 22:36:07.0137 0x0598 i8042prt - ok 22:36:07.0153 0x0598 [ 6C024B3AE192D72B216166802AF345DD, 67AEDBEF4A1C1EE1DA9B684BDEB3DB07715E12B766AA72B6684CC6C583A8DCC5 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys 22:36:07.0169 0x0598 iaStorA - ok 22:36:07.0184 0x0598 [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 22:36:07.0200 0x0598 iaStorV - ok 22:36:07.0247 0x0598 [ 5AD5A7781BE907D6E2D75CA1DADAA97B, 355234ED6E49A1080CFFC9C18D185DA653A00C6B79B204368A971EACE5A416A9 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 22:36:07.0278 0x0598 IconMan_R - ok 22:36:07.0372 0x0598 [ A1CF07D24EDCDC6870535471654D957C, FA0CD2ABA2C15E9FC4A1DEE58F365EC10D9597D521556DC2648B50CE0537926D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 22:36:07.0481 0x0598 igfx - ok 22:36:07.0481 0x0598 [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 22:36:07.0497 0x0598 iirsp - ok 22:36:07.0497 0x0598 [ EDCCC8C13B1EB882F77BA0ABB84566E7, DB299C1D2CFC197CF2FE69358F5EEDE94DCC4C919AF5D2CDFFF0DE476612C988 ] IJPLMSVC C:\Program Files 
(x86)\Canon\IJPLM\IJPLMSVC.EXE 22:36:07.0497 0x0598 IJPLMSVC - ok 22:36:07.0528 0x0598 [ 6F3037196ED82BA5ABA3135C49A1BAB4, 3862C6A27E78A279E974A5B97A1648CFD4FEF824CBEF6493F52812ECEA688D93 ] IKEEXT C:\Windows\System32\ikeext.dll 22:36:07.0559 0x0598 IKEEXT - ok 22:36:07.0622 0x0598 [ DDC860724AEF8F8E42AC61E6585769C6, 62AD5772E8097B03E161E6F14582E2A4BBA0DFA1A1E7F664D881D464E136DBD2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 22:36:07.0700 0x0598 IntcAzAudAddService - ok 22:36:07.0715 0x0598 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 22:36:07.0715 0x0598 IntcDAud - ok 22:36:07.0731 0x0598 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 22:36:07.0747 0x0598 Intel(R) Capability Licensing Service Interface - ok 22:36:07.0762 0x0598 [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\Windows\system32\drivers\intelide.sys 22:36:07.0762 0x0598 intelide - ok 22:36:07.0762 0x0598 [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\Windows\System32\drivers\intelppm.sys 22:36:07.0778 0x0598 intelppm - ok 22:36:07.0778 0x0598 [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:36:07.0794 0x0598 IpFilterDriver - ok 22:36:07.0809 0x0598 [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 22:36:07.0825 0x0598 iphlpsvc - ok 22:36:07.0841 0x0598 [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV 
C:\Windows\System32\drivers\IPMIDrv.sys 22:36:07.0841 0x0598 IPMIDRV - ok 22:36:07.0856 0x0598 [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 22:36:07.0856 0x0598 IPNAT - ok 22:36:07.0872 0x0598 [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM C:\Windows\system32\drivers\irenum.sys 22:36:07.0872 0x0598 IRENUM - ok 22:36:07.0872 0x0598 [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp C:\Windows\system32\drivers\isapnp.sys 22:36:07.0887 0x0598 isapnp - ok 22:36:07.0887 0x0598 [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 22:36:07.0903 0x0598 iScsiPrt - ok 22:36:07.0919 0x0598 [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 22:36:07.0919 0x0598 jhi_service - ok 22:36:07.0919 0x0598 [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 22:36:07.0934 0x0598 kbdclass - ok 22:36:07.0934 0x0598 [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 22:36:07.0950 0x0598 kbdhid - ok 22:36:07.0950 0x0598 [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 22:36:07.0950 0x0598 kdnic - ok 22:36:07.0950 0x0598 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso C:\Windows\system32\lsass.exe 22:36:07.0966 0x0598 KeyIso - ok 22:36:07.0966 0x0598 [ 
559A933F5647A7A2783C8A0C6CB0514C, B4CF12D409F14E21DE081A5D7FC935719582FADA1505D03301B444B6B027F1EB ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 22:36:07.0981 0x0598 KSecDD - ok 22:36:07.0981 0x0598 [ 526F8A5EF20BC3633E8C4769BCBF60D0, EC736E1495018B7FD41273F05BA701370E86C24B95FBECC1402AA1EC2C1EAF68 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 22:36:07.0997 0x0598 KSecPkg - ok 22:36:07.0997 0x0598 [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 22:36:08.0012 0x0598 ksthunk - ok 22:36:08.0012 0x0598 [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm C:\Windows\system32\msdtckrm.dll 22:36:08.0028 0x0598 KtmRm - ok 22:36:08.0044 0x0598 [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C C:\Windows\system32\DRIVERS\L1C63x64.sys 22:36:08.0044 0x0598 L1C - ok 22:36:08.0059 0x0598 [ 05A5B36592BB5F371B6AB020A2691E42, 384230A10EA0394E260282509B7D8EFCBFF8814611F6EFAB2DD346B97963EC55 ] LanmanServer C:\Windows\system32\srvsvc.dll 22:36:08.0059 0x0598 LanmanServer - ok 22:36:08.0075 0x0598 [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 22:36:08.0091 0x0598 LanmanWorkstation - ok 22:36:08.0091 0x0598 [ 8E4CA9AFD55EF6B509C80A8715ABF8C6, 45698605D17285D346D2052607AEF492EBD89E9625367C31584C7C84757EEFE0 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 22:36:08.0091 0x0598 lirsgt - ok 22:36:08.0137 0x0598 [ 337FA50FFDED5E2BC94B36BF625AB681, BC77CCED8F2B52D26C7A2D7960FB5C1690F5D7E41013644C9226A85C9FF4FA2C ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe 22:36:08.0200 0x0598 LiveUpdateSvc - ok 22:36:08.0200 0x0598 [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio 
C:\Windows\system32\DRIVERS\lltdio.sys 22:36:08.0216 0x0598 lltdio - ok 22:36:08.0216 0x0598 [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc C:\Windows\System32\lltdsvc.dll 22:36:08.0231 0x0598 lltdsvc - ok 22:36:08.0231 0x0598 [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts C:\Windows\System32\lmhsvc.dll 22:36:08.0247 0x0598 lmhosts - ok 22:36:08.0247 0x0598 [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 22:36:08.0262 0x0598 LMS - ok 22:36:08.0262 0x0598 [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 22:36:08.0278 0x0598 LSI_SAS - ok 22:36:08.0278 0x0598 [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 22:36:08.0294 0x0598 LSI_SAS2 - ok 22:36:08.0294 0x0598 [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 22:36:08.0309 0x0598 LSI_SCSI - ok 22:36:08.0309 0x0598 [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 22:36:08.0309 0x0598 LSI_SSS - ok 22:36:08.0325 0x0598 [ 483B06BDD893D88A64887441910D9E51, 222CD4099DDF34E8AC05FC1099DF1C9E7E3905162B51D6820601BE097991F397 ] LSM C:\Windows\System32\lsm.dll 22:36:08.0341 0x0598 LSM - ok 22:36:08.0341 0x0598 [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv C:\Windows\system32\drivers\luafv.sys 22:36:08.0356 0x0598 luafv - ok 22:36:08.0372 0x0598 McAfee SiteAdvisor Service - ok 22:36:08.0372 0x0598 [ 
9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas C:\Windows\system32\drivers\megasas.sys 22:36:08.0372 0x0598 megasas - ok 22:36:08.0387 0x0598 [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 22:36:08.0403 0x0598 MegaSR - ok 22:36:08.0403 0x0598 [ 48F64A35BA9F2E4AC0587DDA555FF951, 77FE2BE86ADCE103F4220A641139C42B1407CF8EFFEB66F841ABF9CFC3621558 ] MEIx64 C:\Windows\System32\drivers\TeeDriverW8x64.sys 22:36:08.0419 0x0598 MEIx64 - ok 22:36:08.0419 0x0598 [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS C:\Windows\system32\mmcss.dll 22:36:08.0434 0x0598 MMCSS - ok 22:36:08.0434 0x0598 [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem C:\Windows\system32\drivers\modem.sys 22:36:08.0450 0x0598 Modem - ok 22:36:08.0450 0x0598 [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor C:\Windows\System32\drivers\monitor.sys 22:36:08.0450 0x0598 monitor - ok 22:36:08.0466 0x0598 [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass C:\Windows\System32\drivers\mouclass.sys 22:36:08.0481 0x0598 mouclass - ok 22:36:08.0481 0x0598 [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid C:\Windows\System32\drivers\mouhid.sys 22:36:08.0481 0x0598 mouhid - ok 22:36:08.0497 0x0598 [ E7E9DBFDD3F25ED0C05B99AE9FA18BDE, 6D0204BA271FD3262DAE6E6BF9C12C0D49E3C9AF40EB1E072BD5CA5E2B8598D5 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 22:36:08.0497 0x0598 mountmgr - ok 22:36:08.0512 0x0598 [ A82AA5481A845F4AC0E5EE83904FBFED, 2E1640BCA51B1957815465E4DEE895FCD87C93EA80DDD3A80B5647B23D16FB67 ] MozillaMaintenance C:\Program Files (x86)\Mozilla 
Maintenance Service\maintenanceservice.exe 22:36:08.0512 0x0598 MozillaMaintenance - ok 22:36:08.0512 0x0598 [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 22:36:08.0528 0x0598 mpsdrv - ok 22:36:08.0544 0x0598 [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc C:\Windows\system32\mpssvc.dll 22:36:08.0575 0x0598 MpsSvc - ok 22:36:08.0575 0x0598 [ 25560C1656DC7F0723A0CC0B0E1C6BED, 17E8565B833ED58CCB6F85B90A42553464C4408C54006E019AA5641EDB682E31 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 22:36:08.0591 0x0598 MRxDAV - ok 22:36:08.0591 0x0598 [ 6BA2A5D1C74E7CB3AFAF301A7E5D9E44, 92CACD154D3D7E738C6D2492186270762B1888E89F505EE00C3CAE58F71650ED ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 22:36:08.0606 0x0598 mrxsmb - ok 22:36:08.0622 0x0598 [ 7E86B45D5F84E0F96AE18BEAC7A51EE4, 2B4DC0B017FD90D7D2F6A35342F5A17B20E79D077D3DFC4AD2455C0D814B7B5E ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 22:36:08.0637 0x0598 mrxsmb10 - ok 22:36:08.0637 0x0598 [ 1BB4582396718EDEFF8A4493AEF67D66, 62AA83190CA041131E43B2031175D9F0F8ACD9A0EB0EC8B8F66C2951F15420E4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 22:36:08.0653 0x0598 mrxsmb20 - ok 22:36:08.0653 0x0598 [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 22:36:08.0669 0x0598 MsBridge - ok 22:36:08.0669 0x0598 [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC C:\Windows\System32\msdtc.exe 22:36:08.0684 0x0598 MSDTC - ok 22:36:08.0684 0x0598 [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs C:\Windows\system32\drivers\Msfs.sys 22:36:08.0700 0x0598 Msfs - ok 22:36:08.0700 0x0598 [ C32A7A39B960A42BA9D4FBE47213CA03, 
4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 22:36:08.0716 0x0598 msgpiowin32 - ok 22:36:08.0716 0x0598 [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 22:36:08.0716 0x0598 mshidkmdf - ok 22:36:08.0716 0x0598 [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 22:36:08.0731 0x0598 mshidumdf - ok 22:36:08.0731 0x0598 [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 22:36:08.0747 0x0598 msisadrv - ok 22:36:08.0747 0x0598 [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI C:\Windows\system32\iscsiexe.dll 22:36:08.0762 0x0598 MSiSCSI - ok 22:36:08.0762 0x0598 msiserver - ok 22:36:08.0762 0x0598 [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 22:36:08.0778 0x0598 MSKSSRV - ok 22:36:08.0778 0x0598 [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 22:36:08.0778 0x0598 MsLldp - ok 22:36:08.0794 0x0598 [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 22:36:08.0794 0x0598 MSPCLOCK - ok 22:36:08.0794 0x0598 [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 22:36:08.0809 0x0598 MSPQM - ok 22:36:08.0809 0x0598 [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC 
22:36:11.0153 0x0598 [ 1E3B00B7645272F9033DDA2E26A0285B, 36E8BA7F2356227650E00AE85857BC06DB15E2A93132A4A5FCBC60E1E8EC33C4 ] rtop C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
22:36:11.0153 0x0598 rtop - ok
22:36:12.0216 0x0598 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:36:12.0231 0x0598 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
22:36:14.0607 0x0598 Detect skipped due to KSN trusted
22:36:14.0607 0x0598 SwitchBoard - ok
usbuhci C:\Windows\System32\drivers\usbuhci.sys 22:36:15.0497 0x0598 usbuhci - ok 22:36:15.0513 0x0598 [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 22:36:15.0513 0x0598 usbvideo - ok 22:36:15.0528 0x0598 [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 22:36:15.0544 0x0598 USBXHCI - ok 22:36:15.0544 0x0598 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc C:\Windows\system32\lsass.exe 22:36:15.0560 0x0598 VaultSvc - ok 22:36:15.0560 0x0598 [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 22:36:15.0560 0x0598 vdrvroot - ok 22:36:15.0575 0x0598 [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds C:\Windows\System32\vds.exe 22:36:15.0607 0x0598 vds - ok 22:36:15.0607 0x0598 [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 22:36:15.0607 0x0598 VerifierExt - ok 22:36:15.0622 0x0598 [ D4051AA2ACD38AABF9DEC24B8A331EB1, 377D5DD98E4E09F3CCC330852F9FD9E4CC2069AE1A1C1AFBC90002FE3101708B ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 22:36:15.0638 0x0598 vhdmp - ok 22:36:15.0638 0x0598 [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide C:\Windows\system32\drivers\viaide.sys 22:36:15.0653 0x0598 viaide - ok 22:36:15.0653 0x0598 [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus C:\Windows\system32\drivers\vmbus.sys 22:36:15.0669 0x0598 vmbus - ok 22:36:15.0669 0x0598 [ ECFEE2F2BA3932C7880D1A8F67D68F91, 
57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 22:36:15.0669 0x0598 VMBusHID - ok 22:36:15.0685 0x0598 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat C:\Windows\System32\ICSvc.dll 22:36:15.0700 0x0598 vmicheartbeat - ok 22:36:15.0700 0x0598 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll 22:36:15.0716 0x0598 vmickvpexchange - ok 22:36:15.0732 0x0598 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv C:\Windows\System32\ICSvc.dll 22:36:15.0747 0x0598 vmicrdv - ok 22:36:15.0747 0x0598 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown C:\Windows\System32\ICSvc.dll 22:36:15.0763 0x0598 vmicshutdown - ok 22:36:15.0763 0x0598 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync C:\Windows\System32\ICSvc.dll 22:36:15.0778 0x0598 vmictimesync - ok 22:36:15.0794 0x0598 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss C:\Windows\System32\ICSvc.dll 22:36:15.0810 0x0598 vmicvss - ok 22:36:15.0810 0x0598 [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr C:\Windows\system32\drivers\volmgr.sys 22:36:15.0825 0x0598 volmgr - ok 22:36:15.0825 0x0598 [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 22:36:15.0841 0x0598 volmgrx - ok 22:36:15.0857 0x0598 [ AA37946941ED3805AB3A924965907147, 11BD8FA585F193EED050458E93679D730FC2C09D19237DA40B0190132D328CB2 ] volsnap C:\Windows\system32\drivers\volsnap.sys 22:36:15.0857 0x0598 volsnap - ok 
22:36:15.0872 0x0598 [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci C:\Windows\System32\drivers\vpci.sys 22:36:15.0872 0x0598 vpci - ok 22:36:15.0888 0x0598 [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 22:36:15.0888 0x0598 vsmraid - ok 22:36:15.0919 0x0598 [ FE37051171F3B90B18037FDBAC5B9D76, F220D71512E059F298F3CD958D69BE7225A8E8D492387347E75A0E615159782A ] VSS C:\Windows\system32\vssvc.exe 22:36:15.0950 0x0598 VSS - ok 22:36:15.0966 0x0598 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 22:36:15.0982 0x0598 VSTXRAID - ok 22:36:15.0982 0x0598 [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 22:36:15.0982 0x0598 vwifibus - ok 22:36:15.0997 0x0598 [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 22:36:15.0997 0x0598 vwififlt - ok 22:36:16.0013 0x0598 [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 22:36:16.0013 0x0598 vwifimp - ok 22:36:16.0029 0x0598 [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time C:\Windows\system32\w32time.dll 22:36:16.0044 0x0598 W32Time - ok 22:36:16.0044 0x0598 [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen C:\Windows\System32\drivers\wacompen.sys 22:36:16.0060 0x0598 WacomPen - ok 22:36:16.0060 0x0598 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp 
C:\Windows\system32\DRIVERS\wanarp.sys 22:36:16.0060 0x0598 Wanarp - ok 22:36:16.0075 0x0598 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 22:36:16.0075 0x0598 Wanarpv6 - ok 22:36:16.0107 0x0598 [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine C:\Windows\system32\wbengine.exe 22:36:16.0138 0x0598 wbengine - ok 22:36:16.0154 0x0598 [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 22:36:16.0169 0x0598 WbioSrvc - ok 22:36:16.0169 0x0598 [ F43314B83101DEBF7D7CCD42493CFC60, F4B70372559F2FD9A74FB87422EC6EF024F925AE4D838473E04E6B48AB7255AF ] Wcmsvc C:\Windows\System32\wcmsvc.dll 22:36:16.0185 0x0598 Wcmsvc - ok 22:36:16.0200 0x0598 [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc C:\Windows\System32\wcncsvc.dll 22:36:16.0216 0x0598 wcncsvc - ok 22:36:16.0216 0x0598 [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 22:36:16.0232 0x0598 WcsPlugInService - ok 22:36:16.0232 0x0598 [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd C:\Windows\system32\drivers\wd.sys 22:36:16.0247 0x0598 Wd - ok 22:36:16.0247 0x0598 [ 5A416C253D2C50327928ABC4A1D8A0F2, A3A41F3E6229D86F85F68062BBEA38290FB78B3D3F0D8DF3B6C01FF5B93A9F16 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 22:36:16.0247 0x0598 WdBoot - ok 22:36:16.0247 0x0598 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\System32\drivers\wdcsam64.sys 22:36:16.0263 0x0598 WDC_SAM - ok 22:36:16.0279 0x0598 [ E2C933EDBC389386EBE6D2BA953F43D8, 
AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 22:36:16.0294 0x0598 Wdf01000 - ok 22:36:16.0310 0x0598 [ 6FBA6CD2348DEC440D0C6D511C55F3FE, 0CB50B57D9C6E56B20FA8777540E2C8C5702753758075DA4C310A7B2B2F8A352 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 22:36:16.0310 0x0598 WdFilter - ok 22:36:16.0325 0x0598 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost C:\Windows\system32\wdi.dll 22:36:16.0341 0x0598 WdiServiceHost - ok 22:36:16.0341 0x0598 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost C:\Windows\system32\wdi.dll 22:36:16.0357 0x0598 WdiSystemHost - ok 22:36:16.0357 0x0598 [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient C:\Windows\System32\webclnt.dll 22:36:16.0372 0x0598 WebClient - ok 22:36:16.0388 0x0598 [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc C:\Windows\system32\wecsvc.dll 22:36:16.0388 0x0598 Wecsvc - ok 22:36:16.0404 0x0598 [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll 22:36:16.0419 0x0598 wercplsupport - ok 22:36:16.0419 0x0598 [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc C:\Windows\System32\WerSvc.dll 22:36:16.0435 0x0598 WerSvc - ok 22:36:16.0435 0x0598 [ 8FDA12E934C7BB7CC317F90FC70DC4FC, AA0DA063BCE5692DFD46F0AAE07727B38D4AA87A9BAEBAFF137F9CAAF2808EC0 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 22:36:16.0450 0x0598 WFPLWFS - ok 22:36:16.0450 0x0598 [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc C:\Windows\System32\wiarpc.dll 22:36:16.0466 0x0598 WiaRpc - ok 22:36:16.0466 
0x0598 [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 22:36:16.0482 0x0598 WIMMount - ok 22:36:16.0482 0x0598 WinDefend - ok 22:36:16.0497 0x0598 [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 22:36:16.0513 0x0598 WinHttpAutoProxySvc - ok 22:36:16.0529 0x0598 [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 22:36:16.0544 0x0598 Winmgmt - ok 22:36:16.0591 0x0598 [ 89DA335401D956F2696E35A38817BE19, D5A8D5C0BE285564AB0DF1B4594FE612359C72BE3B64063C3460BB73AA34F413 ] WinRM C:\Windows\system32\WsmSvc.dll 22:36:16.0638 0x0598 WinRM - ok 22:36:16.0654 0x0598 [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb C:\Windows\System32\drivers\WinUsb.sys 22:36:16.0669 0x0598 WinUsb - ok 22:36:16.0685 0x0598 [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc C:\Windows\System32\wlansvc.dll 22:36:16.0716 0x0598 WlanSvc - ok 22:36:16.0763 0x0598 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc C:\Windows\system32\wlidsvc.dll 22:36:16.0794 0x0598 wlidsvc - ok 22:36:16.0794 0x0598 [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 22:36:16.0810 0x0598 WmiAcpi - ok 22:36:16.0810 0x0598 [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 22:36:16.0825 0x0598 wmiApSrv - ok 22:36:16.0825 0x0598 WMPNetworkSvc - ok 22:36:16.0841 0x0598 [ C6FF953D5D6F2EAE3B8883474D5076B3, 
001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 22:36:16.0841 0x0598 wpcfltr - ok 22:36:16.0841 0x0598 [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 22:36:16.0857 0x0598 WPCSvc - ok 22:36:16.0857 0x0598 [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 22:36:16.0872 0x0598 WPDBusEnum - ok 22:36:16.0872 0x0598 [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 22:36:16.0888 0x0598 WpdUpFltr - ok 22:36:16.0888 0x0598 [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 22:36:16.0888 0x0598 ws2ifsl - ok 22:36:16.0904 0x0598 [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\Windows\System32\wscsvc.dll 22:36:16.0904 0x0598 wscsvc - ok 22:36:16.0919 0x0598 [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys 22:36:16.0919 0x0598 WSDPrintDevice - ok 22:36:16.0919 0x0598 [ FA07DF46070F0826139709EF4D31FB71, 8F46A55D5C4336536E7974C9CEAFED55E7E9E9BF133D2AD0F6A55174F70B2F03 ] WSDScan C:\Windows\System32\drivers\WSDScan.sys 22:36:16.0935 0x0598 WSDScan - ok 22:36:16.0935 0x0598 WSearch - ok 22:36:16.0982 0x0598 [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\Windows\System32\WSService.dll 22:36:17.0029 0x0598 WSService - ok 22:36:17.0091 0x0598 [ C5B45464B98F211FE58AEE62CFF21F05, A0AB6142F35707102B75C9C29A749C7EB12CB6F5E85E6BA67C5B961AF7EB3BE8 ] wuauserv C:\Windows\system32\wuaueng.dll 
22:36:17.0154 0x0598 wuauserv - ok 22:36:17.0154 0x0598 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 22:36:17.0169 0x0598 WudfPf - ok 22:36:17.0169 0x0598 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 22:36:17.0185 0x0598 WUDFRd - ok 22:36:17.0185 0x0598 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 22:36:17.0200 0x0598 wudfsvc - ok 22:36:17.0200 0x0598 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys 22:36:17.0216 0x0598 WUDFWpdFs - ok 22:36:17.0216 0x0598 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp C:\Windows\System32\drivers\WUDFRd.sys 22:36:17.0232 0x0598 WUDFWpdMtp - ok 22:36:17.0247 0x0598 [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\Windows\System32\wwansvc.dll 22:36:17.0263 0x0598 WwanSvc - ok 22:36:17.0263 0x0598 [ BB1842E3AA602B401F7692718B0D0F9A, 6DE508F6CC917D046E61730706C70EF2965B12A7A31F180C22DF8BFA30C0CF67 ] ZAtheros Wlan Agent C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe 22:36:17.0263 0x0598 ZAtheros Wlan Agent - detected UnsignedFile.Multi.Generic ( 1 ) 22:36:19.0623 0x0598 Detect skipped due to KSN trusted 22:36:19.0623 0x0598 ZAtheros Wlan Agent - ok 22:36:19.0638 0x0598 ================ Scan global =============================== 22:36:19.0638 0x0598 [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll 22:36:19.0654 0x0598 [ E9343076AE704D20BB0D01F3AF3EFFEF, 
FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll 22:36:19.0654 0x0598 [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll 22:36:19.0669 0x0598 [ 590A2B4198DD35AA42893BA04F66FD3F, BDD9609F43275E895AE3A685DF921B19F11E4D8617F7BD3D4BA21A230EB9A060 ] C:\Windows\system32\services.exe 22:36:19.0669 0x0598 [ Global ] - ok 22:36:19.0669 0x0598 ================ Scan MBR ================================== 22:36:19.0669 0x0598 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 22:36:19.0716 0x0598 \Device\Harddisk0\DR0 - ok 22:36:19.0716 0x0598 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 22:36:20.0107 0x0598 \Device\Harddisk1\DR1 - ok 22:36:20.0107 0x0598 ================ Scan VBR ================================== 22:36:20.0107 0x0598 [ 1DD312DB413D82C7ED49B9FB05334035 ] \Device\Harddisk0\DR0\Partition1 22:36:20.0107 0x0598 \Device\Harddisk0\DR0\Partition1 - ok 22:36:20.0107 0x0598 [ 2793071A1EAF908686C8E6AEC714A6DB ] \Device\Harddisk0\DR0\Partition2 22:36:20.0107 0x0598 \Device\Harddisk0\DR0\Partition2 - ok 22:36:20.0107 0x0598 [ AAA70266135E901B74ECC71C6C64D272 ] \Device\Harddisk0\DR0\Partition3 22:36:20.0107 0x0598 \Device\Harddisk0\DR0\Partition3 - ok 22:36:20.0107 0x0598 [ 8A066CB216B952E01C7F58CC3AA2B40E ] \Device\Harddisk0\DR0\Partition4 22:36:20.0107 0x0598 \Device\Harddisk0\DR0\Partition4 - ok 22:36:20.0123 0x0598 [ 28E78E203442BC541DBDA0F493D9CA58 ] \Device\Harddisk1\DR1\Partition1 22:36:20.0123 0x0598 \Device\Harddisk1\DR1\Partition1 - ok 22:36:20.0138 0x0598 [ C7140EE0D8BD199563515902BFD1CE6E ] \Device\Harddisk1\DR1\Partition2 22:36:20.0138 0x0598 \Device\Harddisk1\DR1\Partition2 - ok 22:36:20.0138 0x0598 ================ Scan generic autorun ====================== 22:36:20.0154 0x0598 [ 50D1476C84446135A990F4939DC2DC1D, D062F92863E32EC075BD672F3C185CE8C9329F8B679D5508C396131B1DB30EF7 ] C:\Dolby PCEE4\pcee4.exe 
22:36:20.0169 0x0598 Dolby Home Theater v4 - ok 22:36:20.0185 0x0598 [ 66598E7BC1960E5E57A646B69671182F, A6B5008742A3E5C506C870CBA27711AF6F25B840E7B869FB33E9C080A4917C76 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 22:36:20.0201 0x0598 avgnt - ok 22:36:20.0216 0x0598 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 22:36:20.0232 0x0598 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 22:36:20.0232 0x0598 Detect skipped due to KSN trusted 22:36:20.0232 0x0598 SwitchBoard - ok 22:36:20.0248 0x0598 [ E1636F57581CAB5D995FD54D2991EF57, BB6B3D005054D386D596A4BA4D9D2F1284D7C845C1CD5EE63775B4569559E0EB ] C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe 22:36:20.0279 0x0598 AdobeCS5.5ServiceManager - ok 22:36:20.0279 0x0598 [ CAA71374014DA23AF7E10F15EA975BDF, 8768D29F9494AEF1ED1817C685CDEF12CAB309310E9BB6929CA9340166E91AA2 ] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe 22:36:20.0294 0x0598 Ulead AutoDetector v2 - detected UnsignedFile.Multi.Generic ( 1 ) 22:36:22.0686 0x0598 Detect skipped due to KSN trusted 22:36:22.0686 0x0598 Ulead AutoDetector v2 - ok 22:36:22.0686 0x0598 [ B793DDE01D181ED91F333BF10FE2FC50, F9BA0FD8EC0C0E9D7E5969BC9ED0D0322EDFC8E65B11F642A7118B41F5BF197F ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe 22:36:22.0701 0x0598 IJNetworkScannerSelectorEX - ok 22:36:22.0701 0x0598 [ E127B5D81CE968CD3858AF6BDCADEC7C, AF426B8259E2801679A8E3FAE42B617D0DA1D4E834DF0F7B1FD93AB5E64CBE34 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 22:36:22.0717 0x0598 Avira SystrayStartTrigger - ok 22:36:22.0717 0x0598 IsMyWinLockerReboot - ok 22:36:22.0717 0x0598 IsMyWinLockerReboot - ok 22:36:22.0717 0x0598 Skype - ok 22:36:22.0748 0x0598 [ 562A46474509A0F52C5035727207FD40, 
47769A2738B11C2A6D459663249BD9CD79ACF4E1178768F1DF5ADEA11B3079E0 ] c:\users\sabine\appdata\local\chromium\application\chrome.exe 22:36:22.0764 0x0598 Chromium - detected UnsignedFile.Multi.Generic ( 1 ) 22:36:25.0405 0x0598 Chromium ( UnsignedFile.Multi.Generic ) - warning 22:36:27.0811 0x0598 Waiting for KSN requests completion. In queue: 5 22:36:28.0827 0x0598 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.20.55 ), 0x41000 ( enabled : updated ) 22:36:28.0827 0x0598 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated ) 22:36:28.0842 0x0598 Win FW state via NFP2: enabled ( trusted ) 22:36:31.0249 0x0598 ============================================================ 22:36:31.0249 0x0598 Scan finished 22:36:31.0249 0x0598 ============================================================ 22:36:31.0249 0x013c Detected object count: 1 22:36:31.0249 0x013c Actual detected object count: 1 22:37:00.0612 0x013c Chromium ( UnsignedFile.Multi.Generic ) - skipped by user 22:37:00.0612 0x013c Chromium ( UnsignedFile.Multi.Generic ) - User select action: Skip |
16.09.2016, 21:54 | #5 |
| Trojan Dropper Addition: Code:
22:33:37.0154 0x1368 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
22:33:37.0154 0x1368 UEFI system
22:33:45.0577 0x1368 ============================================================
22:33:45.0577 0x1368 Current date / time: 2016/09/16 22:33:45.0577
22:33:45.0577 0x1368 SystemInfo:
22:33:45.0577 0x1368
22:33:45.0577 0x1368 OS Version: 6.2.9200 ServicePack: 0.0
22:33:45.0577 0x1368 Product type: Workstation
22:33:45.0577 0x1368 ComputerName: SABINEB
22:33:45.0577 0x1368 UserName: Sabine
22:33:45.0577 0x1368 Windows directory: C:\Windows
22:33:45.0577 0x1368 System windows directory: C:\Windows
22:33:45.0577 0x1368 Running under WOW64
22:33:45.0577 0x1368 Processor architecture: Intel x64
22:33:45.0577 0x1368 Number of processors: 8
22:33:45.0577 0x1368 Page size: 0x1000
22:33:45.0577 0x1368 Boot type: Normal boot
22:33:45.0577 0x1368 CodeIntegrityOptions = 0x00000001
22:33:45.0577 0x1368 ============================================================
22:33:46.0061 0x1368 KLMD registered as C:\Windows\system32\drivers\86316651.sys
22:33:46.0061 0x1368 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9200.17581, osProperties = 0x19
22:33:46.0140 0x1368 System UUID: {3D4AA5A4-1E1D-C0BB-FFC4-95621A140D80}
22:33:46.0421 0x1368 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:33:48.0343 0x1368 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:33:48.0358 0x1368 ============================================================
22:33:48.0358 0x1368 \Device\Harddisk0\DR0:
22:33:48.0358 0x1368 GPT partitions:
22:33:48.0358 0x1368 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6BE83ED8-2A29-4714-BC8D-62F32C22A4CE}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
22:33:48.0358 0x1368 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {6D454AC6-9353-453B-98DD-E21D255F3B21}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x32000
22:33:48.0358 0x1368 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {7C4ED796-6660-4198-8146-3DED2F5E2D31}, Name: Microsoft reserved partition, StartLBA 0xFA800, BlocksNum 0x40000
22:33:48.0358 0x1368 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7651263D-21E4-4E3F-9AC0-37774934EF29}, Name: Basic data partition, StartLBA 0x13A800, BlocksNum 0xED41800
22:33:48.0358 0x1368 MBR partitions:
22:33:48.0358 0x1368 \Device\Harddisk1\DR1:
22:33:48.0358 0x1368 GPT partitions:
22:33:48.0358 0x1368 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D683FD90-65BE-4B25-8E4E-FE3B53B561ED}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x71905800
22:33:48.0358 0x1368 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {100C8D8A-E78B-4FC8-AF6B-8EF6F3ABD811}, Name: Basic data partition, StartLBA 0x71906000, BlocksNum 0x2E00800
22:33:48.0358 0x1368 MBR partitions:
22:33:48.0358 0x1368 ============================================================
22:33:48.0358 0x1368 C: <-> \Device\Harddisk0\DR0\Partition4
22:33:48.0405 0x1368 D: <-> \Device\Harddisk1\DR1\Partition1
22:33:48.0405 0x1368 ============================================================
22:33:48.0405 0x1368 Initialize success
22:33:48.0405 0x1368 ============================================================
22:35:56.0183 0x0598 ============================================================
22:35:56.0183 0x0598 Scan started
22:35:56.0183 0x0598 Mode: Manual; SigCheck; TDLFS;
22:35:56.0183 0x0598 ============================================================
22:35:56.0183 0x0598 KSN ping started
22:35:58.0543 0x0598 KSN ping finished: true
22:36:01.0434 0x0598 ================ Scan system memory ========================
22:36:01.0434 0x0598 System memory - ok
22:36:01.0434 0x0598 ================ Scan services =============================
22:36:04.0903 0x0598 [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr
C:\Windows\system32\DRIVERS\avkmgr.sys 22:36:04.0903 0x0598 avkmgr - ok 22:36:04.0903 0x0598 [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 22:36:04.0918 0x0598 avnetflt - ok 22:36:04.0918 0x0598 [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV C:\Windows\System32\AxInstSV.dll 22:36:04.0934 0x0598 AxInstSV - ok 22:36:04.0934 0x0598 [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 22:36:04.0965 0x0598 b06bdrv - ok 22:36:04.0965 0x0598 [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys 22:36:04.0965 0x0598 BasicDisplay - ok 22:36:04.0981 0x0598 [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys 22:36:04.0981 0x0598 BasicRender - ok 22:36:04.0997 0x0598 [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC C:\Windows\System32\bdesvc.dll 22:36:04.0997 0x0598 BDESVC - ok 22:36:04.0997 0x0598 [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep C:\Windows\system32\drivers\Beep.sys 22:36:05.0012 0x0598 Beep - ok 22:36:05.0028 0x0598 [ 431320C07A4073BD77AF7E32DB241FA8, 9285D8CE161291751A037C19ABA744A74B41EA6F9805F5A1101198C6E519F444 ] BFE C:\Windows\System32\bfe.dll 22:36:05.0043 0x0598 BFE - ok 22:36:05.0059 0x0598 [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS C:\Windows\System32\qmgr.dll 22:36:05.0090 0x0598 BITS - ok 22:36:05.0090 0x0598 [ B17AC10B47C7FCB44D22A1F06415840E, 
990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 22:36:05.0106 0x0598 bowser - ok 22:36:05.0106 0x0598 [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll 22:36:05.0122 0x0598 BrokerInfrastructure - ok 22:36:05.0122 0x0598 [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser C:\Windows\System32\browser.dll 22:36:05.0137 0x0598 Browser - ok 22:36:05.0153 0x0598 [ B600D86961C6DF87EEB637D4C4ABB663, 1847B661373AFC14607682C51A786D5E450E10A10ADCEE4A3951055552531301 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys 22:36:05.0153 0x0598 BTATH_A2DP - ok 22:36:05.0153 0x0598 [ 43C965027229D9FF6E52E4C71C03B09E, AF0E39EAD8B17A65F885272BEF12BF91578289C183FB39BB803183BE0E5547D1 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys 22:36:05.0168 0x0598 btath_avdt - ok 22:36:05.0168 0x0598 [ 23CEDCD7527A26B222732A158F76EB24, 5A45D7FC8DFB96A938EEB8604B79413A10C0C16A17D3139B712263211D8215E9 ] BTATH_BUS C:\Windows\System32\drivers\btath_bus.sys 22:36:05.0168 0x0598 BTATH_BUS - ok 22:36:05.0184 0x0598 [ 3DD64966A764BCAFF07C9DC064BD410E, 456252339BCA224549E4CBCD5A0501AF10340211CFD567C577067ABF5DABB21F ] BTATH_HCRP C:\Windows\System32\drivers\btath_hcrp.sys 22:36:05.0184 0x0598 BTATH_HCRP - ok 22:36:05.0200 0x0598 [ B68EE0721EAC305AB1C9C989CDF1AEFF, 3F7CE8E244836E23456E519E48E53E4B9331C9AD9BAF13C208C922404575638A ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys 22:36:05.0200 0x0598 BTATH_LWFLT - ok 22:36:05.0200 0x0598 [ 057DA8351AD21AE485A11A8237DC9263, 151C0A591A26E26C7700F00EC8E95C6D8A5406869109A0CA01A3C38D1C5FBA2A ] BTATH_RCP C:\Windows\System32\drivers\btath_rcp.sys 22:36:05.0215 0x0598 BTATH_RCP - ok 22:36:05.0231 0x0598 [ F0B7281CE5B52BF847ADCA5846DE3CC8, 0F3DCB4C03BED812050D7B2EF54537A7EC77C3EFD70B1D0621A44C54903D881D ] BtFilter 
C:\Windows\system32\DRIVERS\btfilter.sys 22:36:05.0247 0x0598 BtFilter - ok 22:36:05.0247 0x0598 [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys 22:36:05.0247 0x0598 BthAvrcpTg - ok 22:36:05.0262 0x0598 [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum C:\Windows\System32\drivers\BthEnum.sys 22:36:05.0262 0x0598 BthEnum - ok 22:36:05.0262 0x0598 [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys 22:36:05.0293 0x0598 BthHFEnum - ok 22:36:05.0293 0x0598 [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys 22:36:05.0309 0x0598 bthhfhid - ok 22:36:05.0309 0x0598 [ 42201C346F0B8C458E1E9CDE04D68A2C, 6168FD0D10CD06B00B5C79D5D2B5C353AAC22FD99CE8D417DDBA33ED63CFB8BF ] BthLEEnum C:\Windows\system32\DRIVERS\BthLEEnum.sys 22:36:05.0325 0x0598 BthLEEnum - ok 22:36:05.0325 0x0598 [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys 22:36:05.0356 0x0598 BTHMODEM - ok 22:36:05.0356 0x0598 [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 22:36:05.0356 0x0598 BthPan - ok 22:36:05.0387 0x0598 [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 22:36:05.0418 0x0598 BTHPORT - ok 22:36:05.0418 0x0598 [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv C:\Windows\system32\bthserv.dll 22:36:05.0434 0x0598 bthserv - ok 22:36:05.0434 0x0598 [ 
1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 22:36:05.0450 0x0598 BTHUSB - ok 22:36:05.0450 0x0598 [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 22:36:05.0465 0x0598 cdfs - ok 22:36:05.0465 0x0598 [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom C:\Windows\System32\drivers\cdrom.sys 22:36:05.0481 0x0598 cdrom - ok 22:36:05.0481 0x0598 [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc C:\Windows\System32\certprop.dll 22:36:05.0497 0x0598 CertPropSvc - ok 22:36:05.0497 0x0598 [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass C:\Windows\System32\drivers\circlass.sys 22:36:05.0512 0x0598 circlass - ok 22:36:05.0528 0x0598 [ 94250D5AE3E7269DB29BCF96E07F21A6, 538C6CDCD193AABDE40CC25220528F8F80AEF828C46D8660234CB0E592B607CB ] CLFS C:\Windows\system32\drivers\CLFS.sys 22:36:05.0544 0x0598 CLFS - ok 22:36:05.0544 0x0598 [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt C:\Windows\System32\drivers\CmBatt.sys 22:36:05.0559 0x0598 CmBatt - ok 22:36:05.0575 0x0598 [ 1824F120E8390BC47B1C3013C9E84D84, CEC0D3F32410A33FD2CAE3533F0361615037FC20A4229262CB2ED555732EDBFC ] CNG C:\Windows\system32\Drivers\cng.sys 22:36:05.0590 0x0598 CNG - ok 22:36:05.0606 0x0598 [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys 22:36:05.0622 0x0598 CompositeBus - ok 22:36:05.0622 0x0598 COMSysApp - ok 22:36:05.0622 0x0598 [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv 
C:\Windows\system32\drivers\condrv.sys 22:36:05.0637 0x0598 condrv - ok 22:36:05.0653 0x0598 [ 78AF1C499BF02F9814DF959A04A4F9C9, 9D569A57551C7ACE032C3ECC7BEB8C7606D6BAF58AC1660B4E9FBE907F47E274 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 22:36:05.0669 0x0598 cphs - ok 22:36:05.0669 0x0598 cpuz137 - ok 22:36:05.0684 0x0598 [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc C:\Windows\system32\cryptsvc.dll 22:36:05.0684 0x0598 CryptSvc - ok 22:36:05.0700 0x0598 [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam C:\Windows\system32\drivers\dam.sys 22:36:05.0700 0x0598 dam - ok 22:36:05.0715 0x0598 [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch C:\Windows\system32\rpcss.dll 22:36:05.0747 0x0598 DcomLaunch - ok 22:36:05.0747 0x0598 [ FC1569B5705887D74FE7C8A39BE1C71C, 7DEB8FE472C72C439A2F54B6277C0A87AC2083869BD9AF8226071B7AA33B09FF ] defragsvc C:\Windows\System32\defragsvc.dll 22:36:05.0762 0x0598 defragsvc - ok 22:36:05.0778 0x0598 [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\Windows\system32\das.dll 22:36:05.0794 0x0598 DeviceAssociationService - ok 22:36:05.0809 0x0598 [ D06DB4200F9444B2386E6C0E68CD574A, 7266A22D6AF86813CF8AB13BE40384D20C24CE72EF75B0C467C5F88F5B058B1E ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe 22:36:05.0809 0x0598 DeviceFastLaneService - ok 22:36:05.0825 0x0598 [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll 22:36:05.0840 0x0598 DeviceInstall - ok 22:36:05.0840 0x0598 [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys 22:36:05.0840 0x0598 Dfsc - 
ok 22:36:05.0856 0x0598 [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 22:36:05.0856 0x0598 dg_ssudbus - ok 22:36:05.0887 0x0598 [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp C:\Windows\system32\dhcpcore.dll 22:36:05.0887 0x0598 Dhcp - ok 22:36:05.0903 0x0598 [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache C:\Windows\system32\drivers\discache.sys 22:36:05.0903 0x0598 discache - ok 22:36:05.0919 0x0598 [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk C:\Windows\system32\drivers\disk.sys 22:36:05.0919 0x0598 disk - ok 22:36:05.0934 0x0598 [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys 22:36:05.0934 0x0598 dmvsc - ok 22:36:05.0950 0x0598 [ B9450BC3F1820A99D010D7426BCA60E9, FC7C35A0C522E5DA52B0616CF99F4903EAC14946180A18A8D8A0FF555BAA87C5 ] Dnscache C:\Windows\System32\dnsrslvr.dll 22:36:05.0950 0x0598 Dnscache - ok 22:36:05.0965 0x0598 [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc C:\Windows\System32\dot3svc.dll 22:36:05.0981 0x0598 dot3svc - ok 22:36:05.0981 0x0598 [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS C:\Windows\system32\dps.dll 22:36:05.0997 0x0598 DPS - ok 22:36:05.0997 0x0598 [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 22:36:06.0012 0x0598 drmkaud - ok 22:36:06.0012 0x0598 [ D2BCDD6BBFCD068090C109854FCEE079, 6DC8C67713566ABD2CC7860359AC7ABDBA8B6949D8F7ED001730BB0D53010693 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe 
22:36:06.0028 0x0598 DsiWMIService - ok 22:36:06.0044 0x0598 [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll 22:36:06.0044 0x0598 DsmSvc - ok 22:36:06.0075 0x0598 [ 2BB5627EB587FA995086C3D8C21B6D3F, 871E35BBE66180781324D38823B74263B660CF9254EE348A15421FAC5667F294 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 22:36:06.0106 0x0598 DXGKrnl - ok 22:36:06.0122 0x0598 [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost C:\Windows\System32\eapsvc.dll 22:36:06.0122 0x0598 Eaphost - ok 22:36:06.0184 0x0598 [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv C:\Windows\system32\drivers\evbda.sys 22:36:06.0262 0x0598 ebdrv - ok 22:36:06.0262 0x0598 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS C:\Windows\System32\lsass.exe 22:36:06.0278 0x0598 EFS - ok 22:36:06.0278 0x0598 [ AD23FC5DB336CA89A6FC2DA1F70E421C, 8C543A0057873B71F19D4D94249D6690F27708FB4D6F4056EC87DF33D7D120EF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe 22:36:06.0294 0x0598 EgisTec Ticket Service - ok 22:36:06.0294 0x0598 [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys 22:36:06.0309 0x0598 EhStorClass - ok 22:36:06.0309 0x0598 [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys 22:36:06.0309 0x0598 EhStorTcgDrv - ok 22:36:06.0325 0x0598 [ 5C5552BF36C443746A9808EB632B3947, 08969E5A04DECBF374C52A0A0A8DDB2188DFCDAE879D40943FE307971F03E027 ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe 22:36:06.0340 0x0598 ePowerSvc - ok 22:36:06.0340 0x0598 [ 
D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev C:\Windows\System32\drivers\errdev.sys 22:36:06.0356 0x0598 ErrDev - ok 22:36:06.0372 0x0598 [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem C:\Windows\system32\es.dll 22:36:06.0387 0x0598 EventSystem - ok 22:36:06.0387 0x0598 [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat C:\Windows\system32\drivers\exfat.sys 22:36:06.0403 0x0598 exfat - ok 22:36:06.0419 0x0598 [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat C:\Windows\system32\drivers\fastfat.sys 22:36:06.0419 0x0598 fastfat - ok 22:36:06.0434 0x0598 [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax C:\Windows\system32\fxssvc.exe 22:36:06.0465 0x0598 Fax - ok 22:36:06.0465 0x0598 [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc C:\Windows\System32\drivers\fdc.sys 22:36:06.0465 0x0598 fdc - ok 22:36:06.0481 0x0598 [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost C:\Windows\system32\fdPHost.dll 22:36:06.0481 0x0598 fdPHost - ok 22:36:06.0497 0x0598 [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub C:\Windows\system32\fdrespub.dll 22:36:06.0497 0x0598 FDResPub - ok 22:36:06.0512 0x0598 [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc C:\Windows\system32\fhsvc.dll 22:36:06.0512 0x0598 fhsvc - ok 22:36:06.0528 0x0598 [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 22:36:06.0528 0x0598 FileInfo - ok 22:36:06.0528 0x0598 [ 
9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 22:36:06.0544 0x0598 Filetrace - ok 22:36:06.0559 0x0598 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 22:36:06.0575 0x0598 FLEXnet Licensing Service - ok 22:36:06.0575 0x0598 [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys 22:36:06.0590 0x0598 flpydisk - ok 22:36:06.0590 0x0598 [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 22:36:06.0606 0x0598 FltMgr - ok 22:36:06.0637 0x0598 [ B4814D041FBC1AABD19178052A466D0A, 887823E37EC4891F2CC6462F156E5F1A100E35D7AD2EB2F2E7D6AA7C160615E2 ] FontCache C:\Windows\system32\FntCache.dll 22:36:06.0669 0x0598 FontCache - ok 22:36:06.0669 0x0598 [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:36:06.0684 0x0598 FontCache3.0.0.0 - ok 22:36:06.0684 0x0598 [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 22:36:06.0684 0x0598 FsDepends - ok 22:36:06.0700 0x0598 [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 22:36:06.0700 0x0598 Fs_Rec - ok 22:36:06.0715 0x0598 [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 22:36:06.0731 0x0598 fvevol - ok 22:36:06.0731 0x0598 [ 
A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM C:\Windows\System32\drivers\fxppm.sys 22:36:06.0731 0x0598 FxPPM - ok 22:36:06.0747 0x0598 [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 22:36:06.0747 0x0598 gagp30kx - ok 22:36:06.0747 0x0598 [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 22:36:06.0762 0x0598 gencounter - ok 22:36:06.0762 0x0598 [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 22:36:06.0778 0x0598 GPIOClx0101 - ok 22:36:06.0794 0x0598 [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc C:\Windows\System32\gpsvc.dll 22:36:06.0840 0x0598 gpsvc - ok 22:36:06.0840 0x0598 [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 22:36:06.0856 0x0598 HdAudAddService - ok 22:36:06.0856 0x0598 [ 58CC013EFA9893057160EDA018D8ADCE, BE8AA220CFBD90202C1B130DF349C3198E3447F3C2DC7BC5FC8816F57F78BA00 ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 22:36:06.0872 0x0598 HDAudBus - ok 22:36:06.0872 0x0598 [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 22:36:06.0887 0x0598 HidBatt - ok 22:36:06.0887 0x0598 [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth C:\Windows\System32\drivers\hidbth.sys 22:36:06.0903 0x0598 HidBth - ok 22:36:06.0903 0x0598 [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c 
C:\Windows\System32\drivers\hidi2c.sys 22:36:06.0903 0x0598 hidi2c - ok 22:36:06.0919 0x0598 [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr C:\Windows\System32\drivers\hidir.sys 22:36:06.0934 0x0598 HidIr - ok 22:36:06.0934 0x0598 [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv C:\Windows\system32\hidserv.dll 22:36:06.0934 0x0598 hidserv - ok 22:36:06.0950 0x0598 [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb C:\Windows\System32\drivers\hidusb.sys 22:36:06.0950 0x0598 HidUsb - ok 22:36:06.0950 0x0598 [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc C:\Windows\system32\kmsvc.dll 22:36:06.0965 0x0598 hkmsvc - ok 22:36:06.0981 0x0598 [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\Windows\system32\ListSvc.dll 22:36:06.0981 0x0598 HomeGroupListener - ok 22:36:06.0997 0x0598 [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\Windows\system32\provsvc.dll 22:36:07.0012 0x0598 HomeGroupProvider - ok 22:36:07.0012 0x0598 [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 22:36:07.0028 0x0598 HpSAMD - ok 22:36:07.0044 0x0598 [ 258A9103842E36CD27D07D5A1F6D2A23, 883E797263DB0A971C5FDDB588AAE041DD1021F079A891E8AA4525799C795B04 ] HTTP C:\Windows\system32\drivers\HTTP.sys 22:36:07.0059 0x0598 HTTP - ok 22:36:07.0090 0x0598 [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS 22:36:07.0090 0x0598 HWiNFO32 - ok 22:36:07.0090 0x0598 [ 2A98301068801700906C06649860FE94, 
664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 22:36:07.0106 0x0598 hwpolicy - ok 22:36:07.0106 0x0598 [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 22:36:07.0106 0x0598 hyperkbd - ok 22:36:07.0122 0x0598 [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 22:36:07.0122 0x0598 HyperVideo - ok 22:36:07.0122 0x0598 [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 22:36:07.0137 0x0598 i8042prt - ok 22:36:07.0153 0x0598 [ 6C024B3AE192D72B216166802AF345DD, 67AEDBEF4A1C1EE1DA9B684BDEB3DB07715E12B766AA72B6684CC6C583A8DCC5 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys 22:36:07.0169 0x0598 iaStorA - ok 22:36:07.0184 0x0598 [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 22:36:07.0200 0x0598 iaStorV - ok 22:36:07.0247 0x0598 [ 5AD5A7781BE907D6E2D75CA1DADAA97B, 355234ED6E49A1080CFFC9C18D185DA653A00C6B79B204368A971EACE5A416A9 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 22:36:07.0278 0x0598 IconMan_R - ok 22:36:07.0372 0x0598 [ A1CF07D24EDCDC6870535471654D957C, FA0CD2ABA2C15E9FC4A1DEE58F365EC10D9597D521556DC2648B50CE0537926D ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 22:36:07.0481 0x0598 igfx - ok 22:36:07.0481 0x0598 [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 22:36:07.0497 0x0598 iirsp - ok 22:36:07.0497 0x0598 [ EDCCC8C13B1EB882F77BA0ABB84566E7, DB299C1D2CFC197CF2FE69358F5EEDE94DCC4C919AF5D2CDFFF0DE476612C988 ] IJPLMSVC C:\Program Files 
(x86)\Canon\IJPLM\IJPLMSVC.EXE 22:36:07.0497 0x0598 IJPLMSVC - ok 22:36:07.0528 0x0598 [ 6F3037196ED82BA5ABA3135C49A1BAB4, 3862C6A27E78A279E974A5B97A1648CFD4FEF824CBEF6493F52812ECEA688D93 ] IKEEXT C:\Windows\System32\ikeext.dll 22:36:07.0559 0x0598 IKEEXT - ok 22:36:07.0622 0x0598 [ DDC860724AEF8F8E42AC61E6585769C6, 62AD5772E8097B03E161E6F14582E2A4BBA0DFA1A1E7F664D881D464E136DBD2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 22:36:07.0700 0x0598 IntcAzAudAddService - ok 22:36:07.0715 0x0598 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 22:36:07.0715 0x0598 IntcDAud - ok 22:36:07.0731 0x0598 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 22:36:07.0747 0x0598 Intel(R) Capability Licensing Service Interface - ok 22:36:07.0762 0x0598 [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide C:\Windows\system32\drivers\intelide.sys 22:36:07.0762 0x0598 intelide - ok 22:36:07.0762 0x0598 [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm C:\Windows\System32\drivers\intelppm.sys 22:36:07.0778 0x0598 intelppm - ok 22:36:07.0778 0x0598 [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 22:36:07.0794 0x0598 IpFilterDriver - ok 22:36:07.0809 0x0598 [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 22:36:07.0825 0x0598 iphlpsvc - ok 22:36:07.0841 0x0598 [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV 
A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\Windows\System32\TabSvc.dll 22:36:14.0732 0x0598 TabletInputService - ok 22:36:14.0732 0x0598 [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv C:\Windows\System32\tapisrv.dll 22:36:14.0747 0x0598 TapiSrv - ok 22:36:14.0794 0x0598 [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 22:36:14.0841 0x0598 Tcpip - ok 22:36:14.0888 0x0598 [ 2AE9136724568DB4F08BC04F131CFC54, 11AA017AE39D0A63233D01A8AE33FD53D5302683E037D29B73366D6233764080 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 22:36:14.0935 0x0598 TCPIP6 - ok 22:36:14.0935 0x0598 [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 22:36:14.0950 0x0598 tcpipreg - ok 22:36:14.0950 0x0598 [ 217AEE5DAE1BEF81A1E9A184C4C0BF6A, E554EBE85EE27186C1BD3005E757F356D76574EAFD3E5E03A490C9B8DF19F21A ] tdx C:\Windows\system32\DRIVERS\tdx.sys 22:36:14.0966 0x0598 tdx - ok 22:36:14.0966 0x0598 [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt C:\Windows\System32\drivers\terminpt.sys 22:36:14.0982 0x0598 terminpt - ok 22:36:14.0997 0x0598 [ 2B3D2FDF50EDABEBE0A9E6F741C81858, F0C3A1DC968C5D28EF68BE4352577B4F8D4B4FB6274268DCCCD8A5C132DEC2F9 ] TermService C:\Windows\System32\termsrv.dll 22:36:15.0013 0x0598 TermService - ok 22:36:15.0013 0x0598 [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes C:\Windows\system32\themeservice.dll 22:36:15.0028 0x0598 Themes - ok 22:36:15.0028 0x0598 [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER C:\Windows\system32\mmcss.dll 22:36:15.0044 
0x0598 THREADORDER - ok 22:36:15.0044 0x0598 [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll 22:36:15.0060 0x0598 TimeBroker - ok 22:36:15.0060 0x0598 [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM C:\Windows\system32\drivers\tpm.sys 22:36:15.0075 0x0598 TPM - ok 22:36:15.0075 0x0598 [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks C:\Windows\System32\trkwks.dll 22:36:15.0091 0x0598 TrkWks - ok 22:36:15.0091 0x0598 [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 22:36:15.0107 0x0598 TrustedInstaller - ok 22:36:15.0107 0x0598 [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 22:36:15.0122 0x0598 TsUsbFlt - ok 22:36:15.0122 0x0598 [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys 22:36:15.0122 0x0598 TsUsbGD - ok 22:36:15.0138 0x0598 [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 22:36:15.0153 0x0598 tunnel - ok 22:36:15.0153 0x0598 [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35 C:\Windows\system32\drivers\uagp35.sys 22:36:15.0153 0x0598 uagp35 - ok 22:36:15.0169 0x0598 [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor C:\Windows\System32\drivers\uaspstor.sys 22:36:15.0169 0x0598 UASPStor - ok 22:36:15.0169 0x0598 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 
1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 22:36:15.0185 0x0598 UBHelper - ok 22:36:15.0185 0x0598 [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys 22:36:15.0200 0x0598 UCX01000 - ok 22:36:15.0200 0x0598 [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 22:36:15.0216 0x0598 udfs - ok 22:36:15.0232 0x0598 [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect C:\Windows\system32\UI0Detect.exe 22:36:15.0232 0x0598 UI0Detect - ok 22:36:15.0247 0x0598 [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 22:36:15.0247 0x0598 uliagpkx - ok 22:36:15.0247 0x0598 [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus C:\Windows\System32\drivers\umbus.sys 22:36:15.0263 0x0598 umbus - ok 22:36:15.0263 0x0598 [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass C:\Windows\System32\drivers\umpass.sys 22:36:15.0263 0x0598 UmPass - ok 22:36:15.0278 0x0598 [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService C:\Windows\System32\umrdp.dll 22:36:15.0294 0x0598 UmRdpService - ok 22:36:15.0294 0x0598 [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 22:36:15.0310 0x0598 UNS - ok 22:36:15.0325 0x0598 [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost C:\Windows\System32\upnphost.dll 22:36:15.0341 
0x0598 upnphost - ok 22:36:15.0341 0x0598 [ 9E9F21FF91D7ECC0BCCB94D3FE52A959, 85461393D62ED939F6741C2D0A90C8AB34F4415173223BB4CFC119715D10E7A7 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 22:36:15.0357 0x0598 usbaudio - ok 22:36:15.0357 0x0598 [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 22:36:15.0372 0x0598 usbccgp - ok 22:36:15.0372 0x0598 [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir C:\Windows\System32\drivers\usbcir.sys 22:36:15.0388 0x0598 usbcir - ok 22:36:15.0388 0x0598 [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci C:\Windows\System32\drivers\usbehci.sys 22:36:15.0403 0x0598 usbehci - ok 22:36:15.0403 0x0598 [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub C:\Windows\System32\drivers\usbhub.sys 22:36:15.0435 0x0598 usbhub - ok 22:36:15.0435 0x0598 [ FAAB461D5AEB21EE5FC5C0DBD6648223, 187EB7AC6CDE39621C587EB1551DBC358DE2BC7C8A4265DB817C9D6F5ADE54A3 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 22:36:15.0450 0x0598 USBHUB3 - ok 22:36:15.0466 0x0598 [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci C:\Windows\System32\drivers\usbohci.sys 22:36:15.0466 0x0598 usbohci - ok 22:36:15.0466 0x0598 [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint C:\Windows\System32\drivers\usbprint.sys 22:36:15.0482 0x0598 usbprint - ok 22:36:15.0482 0x0598 [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 22:36:15.0497 0x0598 USBSTOR - ok 22:36:15.0497 0x0598 [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] 
usbuhci C:\Windows\System32\drivers\usbuhci.sys 22:36:15.0497 0x0598 usbuhci - ok 22:36:15.0513 0x0598 [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 22:36:15.0513 0x0598 usbvideo - ok 22:36:15.0528 0x0598 [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 22:36:15.0544 0x0598 USBXHCI - ok 22:36:15.0544 0x0598 [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc C:\Windows\system32\lsass.exe 22:36:15.0560 0x0598 VaultSvc - ok 22:36:15.0560 0x0598 [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 22:36:15.0560 0x0598 vdrvroot - ok 22:36:15.0575 0x0598 [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds C:\Windows\System32\vds.exe 22:36:15.0607 0x0598 vds - ok 22:36:15.0607 0x0598 [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 22:36:15.0607 0x0598 VerifierExt - ok 22:36:15.0622 0x0598 [ D4051AA2ACD38AABF9DEC24B8A331EB1, 377D5DD98E4E09F3CCC330852F9FD9E4CC2069AE1A1C1AFBC90002FE3101708B ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 22:36:15.0638 0x0598 vhdmp - ok 22:36:15.0638 0x0598 [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide C:\Windows\system32\drivers\viaide.sys 22:36:15.0653 0x0598 viaide - ok 22:36:15.0653 0x0598 [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus C:\Windows\system32\drivers\vmbus.sys 22:36:15.0669 0x0598 vmbus - ok 22:36:15.0669 0x0598 [ ECFEE2F2BA3932C7880D1A8F67D68F91, 
57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 22:36:15.0669 0x0598 VMBusHID - ok 22:36:15.0685 0x0598 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat C:\Windows\System32\ICSvc.dll 22:36:15.0700 0x0598 vmicheartbeat - ok 22:36:15.0700 0x0598 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\Windows\System32\ICSvc.dll 22:36:15.0716 0x0598 vmickvpexchange - ok 22:36:15.0732 0x0598 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv C:\Windows\System32\ICSvc.dll 22:36:15.0747 0x0598 vmicrdv - ok 22:36:15.0747 0x0598 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown C:\Windows\System32\ICSvc.dll 22:36:15.0763 0x0598 vmicshutdown - ok 22:36:15.0763 0x0598 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync C:\Windows\System32\ICSvc.dll 22:36:15.0778 0x0598 vmictimesync - ok 22:36:15.0794 0x0598 [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss C:\Windows\System32\ICSvc.dll 22:36:15.0810 0x0598 vmicvss - ok 22:36:15.0810 0x0598 [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr C:\Windows\system32\drivers\volmgr.sys 22:36:15.0825 0x0598 volmgr - ok 22:36:15.0825 0x0598 [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 22:36:15.0841 0x0598 volmgrx - ok 22:36:15.0857 0x0598 [ AA37946941ED3805AB3A924965907147, 11BD8FA585F193EED050458E93679D730FC2C09D19237DA40B0190132D328CB2 ] volsnap C:\Windows\system32\drivers\volsnap.sys 22:36:15.0857 0x0598 volsnap - ok 
22:36:15.0872 0x0598 [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci C:\Windows\System32\drivers\vpci.sys 22:36:15.0872 0x0598 vpci - ok 22:36:15.0888 0x0598 [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 22:36:15.0888 0x0598 vsmraid - ok 22:36:15.0919 0x0598 [ FE37051171F3B90B18037FDBAC5B9D76, F220D71512E059F298F3CD958D69BE7225A8E8D492387347E75A0E615159782A ] VSS C:\Windows\system32\vssvc.exe 22:36:15.0950 0x0598 VSS - ok 22:36:15.0966 0x0598 [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 22:36:15.0982 0x0598 VSTXRAID - ok 22:36:15.0982 0x0598 [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 22:36:15.0982 0x0598 vwifibus - ok 22:36:15.0997 0x0598 [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 22:36:15.0997 0x0598 vwififlt - ok 22:36:16.0013 0x0598 [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 22:36:16.0013 0x0598 vwifimp - ok 22:36:16.0029 0x0598 [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time C:\Windows\system32\w32time.dll 22:36:16.0044 0x0598 W32Time - ok 22:36:16.0044 0x0598 [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen C:\Windows\System32\drivers\wacompen.sys 22:36:16.0060 0x0598 WacomPen - ok 22:36:16.0060 0x0598 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp 
C:\Windows\system32\DRIVERS\wanarp.sys 22:36:16.0060 0x0598 Wanarp - ok 22:36:16.0075 0x0598 [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 22:36:16.0075 0x0598 Wanarpv6 - ok 22:36:16.0107 0x0598 [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine C:\Windows\system32\wbengine.exe 22:36:16.0138 0x0598 wbengine - ok 22:36:16.0154 0x0598 [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 22:36:16.0169 0x0598 WbioSrvc - ok 22:36:16.0169 0x0598 [ F43314B83101DEBF7D7CCD42493CFC60, F4B70372559F2FD9A74FB87422EC6EF024F925AE4D838473E04E6B48AB7255AF ] Wcmsvc C:\Windows\System32\wcmsvc.dll 22:36:16.0185 0x0598 Wcmsvc - ok 22:36:16.0200 0x0598 [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc C:\Windows\System32\wcncsvc.dll 22:36:16.0216 0x0598 wcncsvc - ok 22:36:16.0216 0x0598 [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 22:36:16.0232 0x0598 WcsPlugInService - ok 22:36:16.0232 0x0598 [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd C:\Windows\system32\drivers\wd.sys 22:36:16.0247 0x0598 Wd - ok 22:36:16.0247 0x0598 [ 5A416C253D2C50327928ABC4A1D8A0F2, A3A41F3E6229D86F85F68062BBEA38290FB78B3D3F0D8DF3B6C01FF5B93A9F16 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 22:36:16.0247 0x0598 WdBoot - ok 22:36:16.0247 0x0598 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\System32\drivers\wdcsam64.sys 22:36:16.0263 0x0598 WDC_SAM - ok 22:36:16.0279 0x0598 [ E2C933EDBC389386EBE6D2BA953F43D8, 
AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 22:36:16.0294 0x0598 Wdf01000 - ok 22:36:16.0310 0x0598 [ 6FBA6CD2348DEC440D0C6D511C55F3FE, 0CB50B57D9C6E56B20FA8777540E2C8C5702753758075DA4C310A7B2B2F8A352 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 22:36:16.0310 0x0598 WdFilter - ok 22:36:16.0325 0x0598 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost C:\Windows\system32\wdi.dll 22:36:16.0341 0x0598 WdiServiceHost - ok 22:36:16.0341 0x0598 [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost C:\Windows\system32\wdi.dll 22:36:16.0357 0x0598 WdiSystemHost - ok 22:36:16.0357 0x0598 [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient C:\Windows\System32\webclnt.dll 22:36:16.0372 0x0598 WebClient - ok 22:36:16.0388 0x0598 [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc C:\Windows\system32\wecsvc.dll 22:36:16.0388 0x0598 Wecsvc - ok 22:36:16.0404 0x0598 [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll 22:36:16.0419 0x0598 wercplsupport - ok 22:36:16.0419 0x0598 [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc C:\Windows\System32\WerSvc.dll 22:36:16.0435 0x0598 WerSvc - ok 22:36:16.0435 0x0598 [ 8FDA12E934C7BB7CC317F90FC70DC4FC, AA0DA063BCE5692DFD46F0AAE07727B38D4AA87A9BAEBAFF137F9CAAF2808EC0 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 22:36:16.0450 0x0598 WFPLWFS - ok 22:36:16.0450 0x0598 [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc C:\Windows\System32\wiarpc.dll 22:36:16.0466 0x0598 WiaRpc - ok 22:36:16.0466 
0x0598 [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 22:36:16.0482 0x0598 WIMMount - ok 22:36:16.0482 0x0598 WinDefend - ok 22:36:16.0497 0x0598 [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 22:36:16.0513 0x0598 WinHttpAutoProxySvc - ok 22:36:16.0529 0x0598 [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 22:36:16.0544 0x0598 Winmgmt - ok 22:36:16.0591 0x0598 [ 89DA335401D956F2696E35A38817BE19, D5A8D5C0BE285564AB0DF1B4594FE612359C72BE3B64063C3460BB73AA34F413 ] WinRM C:\Windows\system32\WsmSvc.dll 22:36:16.0638 0x0598 WinRM - ok 22:36:16.0654 0x0598 [ BB20956C424531003F7FA6CD36F11D5D, 2C55F1C7553A527A7C4C34E730BE943269AE23928731C64D3DC945E07AE1771E ] WinUsb C:\Windows\System32\drivers\WinUsb.sys 22:36:16.0669 0x0598 WinUsb - ok 22:36:16.0685 0x0598 [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc C:\Windows\System32\wlansvc.dll 22:36:16.0716 0x0598 WlanSvc - ok 22:36:16.0763 0x0598 [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc C:\Windows\system32\wlidsvc.dll 22:36:16.0794 0x0598 wlidsvc - ok 22:36:16.0794 0x0598 [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 22:36:16.0810 0x0598 WmiAcpi - ok 22:36:16.0810 0x0598 [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 22:36:16.0825 0x0598 wmiApSrv - ok 22:36:16.0825 0x0598 WMPNetworkSvc - ok 22:36:16.0841 0x0598 [ C6FF953D5D6F2EAE3B8883474D5076B3, 
001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 22:36:16.0841 0x0598 wpcfltr - ok 22:36:16.0841 0x0598 [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc C:\Windows\System32\wpcsvc.dll 22:36:16.0857 0x0598 WPCSvc - ok 22:36:16.0857 0x0598 [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 22:36:16.0872 0x0598 WPDBusEnum - ok 22:36:16.0872 0x0598 [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 22:36:16.0888 0x0598 WpdUpFltr - ok 22:36:16.0888 0x0598 [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 22:36:16.0888 0x0598 ws2ifsl - ok 22:36:16.0904 0x0598 [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc C:\Windows\System32\wscsvc.dll 22:36:16.0904 0x0598 wscsvc - ok 22:36:16.0919 0x0598 [ 74EFDA0526862C3D8D01A776182798EA, 7C9AD6118CB344C63B60A8BA5FA8C85ADED30933821ABD1427857E826EFC2952 ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys 22:36:16.0919 0x0598 WSDPrintDevice - ok 22:36:16.0919 0x0598 [ FA07DF46070F0826139709EF4D31FB71, 8F46A55D5C4336536E7974C9CEAFED55E7E9E9BF133D2AD0F6A55174F70B2F03 ] WSDScan C:\Windows\System32\drivers\WSDScan.sys 22:36:16.0935 0x0598 WSDScan - ok 22:36:16.0935 0x0598 WSearch - ok 22:36:16.0982 0x0598 [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService C:\Windows\System32\WSService.dll 22:36:17.0029 0x0598 WSService - ok 22:36:17.0091 0x0598 [ C5B45464B98F211FE58AEE62CFF21F05, A0AB6142F35707102B75C9C29A749C7EB12CB6F5E85E6BA67C5B961AF7EB3BE8 ] wuauserv C:\Windows\system32\wuaueng.dll 
22:36:17.0154 0x0598 wuauserv - ok 22:36:17.0154 0x0598 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 22:36:17.0169 0x0598 WudfPf - ok 22:36:17.0169 0x0598 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 22:36:17.0185 0x0598 WUDFRd - ok 22:36:17.0185 0x0598 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 22:36:17.0200 0x0598 wudfsvc - ok 22:36:17.0200 0x0598 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys 22:36:17.0216 0x0598 WUDFWpdFs - ok 22:36:17.0216 0x0598 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdMtp C:\Windows\System32\drivers\WUDFRd.sys 22:36:17.0232 0x0598 WUDFWpdMtp - ok 22:36:17.0247 0x0598 [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc C:\Windows\System32\wwansvc.dll 22:36:17.0263 0x0598 WwanSvc - ok 22:36:17.0263 0x0598 [ BB1842E3AA602B401F7692718B0D0F9A, 6DE508F6CC917D046E61730706C70EF2965B12A7A31F180C22DF8BFA30C0CF67 ] ZAtheros Wlan Agent C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe 22:36:17.0263 0x0598 ZAtheros Wlan Agent - detected UnsignedFile.Multi.Generic ( 1 ) 22:36:19.0623 0x0598 Detect skipped due to KSN trusted 22:36:19.0623 0x0598 ZAtheros Wlan Agent - ok 22:36:19.0638 0x0598 ================ Scan global =============================== 22:36:19.0638 0x0598 [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\Windows\system32\basesrv.dll 22:36:19.0654 0x0598 [ E9343076AE704D20BB0D01F3AF3EFFEF, 
FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\Windows\system32\winsrv.dll 22:36:19.0654 0x0598 [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\Windows\system32\sxssrv.dll 22:36:19.0669 0x0598 [ 590A2B4198DD35AA42893BA04F66FD3F, BDD9609F43275E895AE3A685DF921B19F11E4D8617F7BD3D4BA21A230EB9A060 ] C:\Windows\system32\services.exe 22:36:19.0669 0x0598 [ Global ] - ok 22:36:19.0669 0x0598 ================ Scan MBR ================================== 22:36:19.0669 0x0598 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 22:36:19.0716 0x0598 \Device\Harddisk0\DR0 - ok 22:36:19.0716 0x0598 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 22:36:20.0107 0x0598 \Device\Harddisk1\DR1 - ok 22:36:20.0107 0x0598 ================ Scan VBR ================================== 22:36:20.0107 0x0598 [ 1DD312DB413D82C7ED49B9FB05334035 ] \Device\Harddisk0\DR0\Partition1 22:36:20.0107 0x0598 \Device\Harddisk0\DR0\Partition1 - ok 22:36:20.0107 0x0598 [ 2793071A1EAF908686C8E6AEC714A6DB ] \Device\Harddisk0\DR0\Partition2 22:36:20.0107 0x0598 \Device\Harddisk0\DR0\Partition2 - ok 22:36:20.0107 0x0598 [ AAA70266135E901B74ECC71C6C64D272 ] \Device\Harddisk0\DR0\Partition3 22:36:20.0107 0x0598 \Device\Harddisk0\DR0\Partition3 - ok 22:36:20.0107 0x0598 [ 8A066CB216B952E01C7F58CC3AA2B40E ] \Device\Harddisk0\DR0\Partition4 22:36:20.0107 0x0598 \Device\Harddisk0\DR0\Partition4 - ok 22:36:20.0123 0x0598 [ 28E78E203442BC541DBDA0F493D9CA58 ] \Device\Harddisk1\DR1\Partition1 22:36:20.0123 0x0598 \Device\Harddisk1\DR1\Partition1 - ok 22:36:20.0138 0x0598 [ C7140EE0D8BD199563515902BFD1CE6E ] \Device\Harddisk1\DR1\Partition2 22:36:20.0138 0x0598 \Device\Harddisk1\DR1\Partition2 - ok 22:36:20.0138 0x0598 ================ Scan generic autorun ====================== 22:36:20.0154 0x0598 [ 50D1476C84446135A990F4939DC2DC1D, D062F92863E32EC075BD672F3C185CE8C9329F8B679D5508C396131B1DB30EF7 ] C:\Dolby PCEE4\pcee4.exe 
22:36:20.0169 0x0598 Dolby Home Theater v4 - ok 22:36:20.0185 0x0598 [ 66598E7BC1960E5E57A646B69671182F, A6B5008742A3E5C506C870CBA27711AF6F25B840E7B869FB33E9C080A4917C76 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 22:36:20.0201 0x0598 avgnt - ok 22:36:20.0216 0x0598 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 22:36:20.0232 0x0598 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 ) 22:36:20.0232 0x0598 Detect skipped due to KSN trusted 22:36:20.0232 0x0598 SwitchBoard - ok 22:36:20.0248 0x0598 [ E1636F57581CAB5D995FD54D2991EF57, BB6B3D005054D386D596A4BA4D9D2F1284D7C845C1CD5EE63775B4569559E0EB ] C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe 22:36:20.0279 0x0598 AdobeCS5.5ServiceManager - ok 22:36:20.0279 0x0598 [ CAA71374014DA23AF7E10F15EA975BDF, 8768D29F9494AEF1ED1817C685CDEF12CAB309310E9BB6929CA9340166E91AA2 ] C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe 22:36:20.0294 0x0598 Ulead AutoDetector v2 - detected UnsignedFile.Multi.Generic ( 1 ) 22:36:22.0686 0x0598 Detect skipped due to KSN trusted 22:36:22.0686 0x0598 Ulead AutoDetector v2 - ok 22:36:22.0686 0x0598 [ B793DDE01D181ED91F333BF10FE2FC50, F9BA0FD8EC0C0E9D7E5969BC9ED0D0322EDFC8E65B11F642A7118B41F5BF197F ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe 22:36:22.0701 0x0598 IJNetworkScannerSelectorEX - ok 22:36:22.0701 0x0598 [ E127B5D81CE968CD3858AF6BDCADEC7C, AF426B8259E2801679A8E3FAE42B617D0DA1D4E834DF0F7B1FD93AB5E64CBE34 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 22:36:22.0717 0x0598 Avira SystrayStartTrigger - ok 22:36:22.0717 0x0598 IsMyWinLockerReboot - ok 22:36:22.0717 0x0598 IsMyWinLockerReboot - ok 22:36:22.0717 0x0598 Skype - ok 22:36:22.0748 0x0598 [ 562A46474509A0F52C5035727207FD40, 
47769A2738B11C2A6D459663249BD9CD79ACF4E1178768F1DF5ADEA11B3079E0 ] c:\users\sabine\appdata\local\chromium\application\chrome.exe
22:36:22.0764 0x0598 Chromium - detected UnsignedFile.Multi.Generic ( 1 )
22:36:25.0405 0x0598 Chromium ( UnsignedFile.Multi.Generic ) - warning
22:36:27.0811 0x0598 Waiting for KSN requests completion. In queue: 5
22:36:28.0827 0x0598 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.20.55 ), 0x41000 ( enabled : updated )
22:36:28.0827 0x0598 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
22:36:28.0842 0x0598 Win FW state via NFP2: enabled ( trusted )
22:36:31.0249 0x0598 ============================================================
22:36:31.0249 0x0598 Scan finished
22:36:31.0249 0x0598 ============================================================
22:36:31.0249 0x013c Detected object count: 1
22:36:31.0249 0x013c Actual detected object count: 1
22:37:00.0612 0x013c Chromium ( UnsignedFile.Multi.Generic ) - skipped by user
22:37:00.0612 0x013c Chromium ( UnsignedFile.Multi.Generic ) - User select action: Skip
Edited by SabineB. (16.09.2016 at 22:31) |
17.09.2016, 10:56 | #6 |
/// TB Trainer | Trojan Dropper Hi, please do not carry out any online transactions until further notice. You posted the TDSS-Killer log file three times, but the FRST log files (FRST.txt and Addition.txt) are missing. Please supply them. |
17.09.2016, 11:04 | #7 |
| Trojan Dropper Hello Matthias, oh, I must have gotten mixed up there. FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2016 durchgeführt von Sabine (Administrator) auf SABINEB (17-09-2016 11:59:25) Gestartet von C:\Users\Sabine\Desktop Geladene Profile: UpdatusUser & Sabine & (Verfügbare Profile: UpdatusUser & Sabine) Platform: Windows 8 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 10 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe () C:\Windows\SysWOW64\PSIService.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe (Realsil Microelectronics Inc.) 
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe (AO Kaspersky Lab) C:\Users\Sabine\Desktop\tdsskiller.exe (AO Kaspersky Lab) C:\Users\Sabine\AppData\Local\Temp\{20C998B0-DF98-4408-A58C-1386F186220A}\{2B0E21F3-71B7-49E0-BEE8-D8951D7DD8D7}.exe (VideoLAN) D:\VLC\vlc.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM-x32\...\Run: [LManager] => [X] HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [830064 2016-09-13] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2004-11-26] (Ulead Systems, Inc.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.) 
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-1592407861-1572848030-1984046367-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [RegAutoPlay] => C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe /r HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.) HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\Run: [Chromium] => c:\users\sabine\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors) HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\MountPoints2: {575b8924-bac1-11e4-be70-7c050720b50f} - "G:\install.EXE" id= ver=1.0.0.0 HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.) 
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Chromium] => c:\users\sabine\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors) HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {575b8924-bac1-11e4-be70-7c050720b50f} - "G:\install.EXE" id= ver=1.0.0.0 HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-12-20] ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{A931A0D1-6BCD-4E1B-9498-84DA70CD568F}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com URLSearchHook: [S-1-5-21-1592407861-1572848030-1984046367-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0] ACHTUNG => Standard URLSearchHook fehlt SearchScopes: HKLM -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL = SearchScopes: HKLM-x32 -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL = BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2012-11-10] (Qualcomm Atheros Commnucations) BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing 
Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-10-17] (IObit) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default FF NewTab: about:newtab FF DefaultSearchEngine: Yahoo! Powered FF SelectedSearchEngine: Yahoo! Powered FF Homepage: www.bluewin.ch FF Session Restore: -> ist aktiviert. FF Keyword.URL: user_pref("keyword.URL", true); FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] () FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-07-08] (Nero AG) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) FF user.js: detected! 
=> C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\user.js [2015-08-06] FF SearchPlugin: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\searchplugins\avira-safesearch.xml [2015-02-23] FF Extension: (Firefox Hotfix) - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-09] FF Extension: (Adblock Plus) - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-31] FF Extension: (Adblock Edge) - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-08-31] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-09-13] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [470600 2016-09-13] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [470600 2016-09-13] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1454720 2016-09-13] (Avira Operations GmbH & Co. 
KG) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [231040 2012-11-10] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG) S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation) R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] () R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-03-28] (Dritek System INC.) 
R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [254280 2016-09-16] () R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-05-20] (IObit) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] S3 vmicvss; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-11-09] (Atheros) [Datei ist nicht signiert] S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2015-06-24] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-28] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-28] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-02] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-31] (Avira Operations GmbH & Co. KG) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-10] (Qualcomm Atheros) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-13] (REALiX(tm)) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-06-24] () R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-03-28] (Dritek System Inc.) 
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-01-31] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [275712 2015-01-31] (Microsoft Corporation) S3 cpuz137; \??\C:\Users\Sabine\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-17 11:59 - 2016-09-17 11:59 - 00017715 _____ C:\Users\Sabine\Desktop\FRST.txt 2016-09-16 22:33 - 2016-09-16 22:37 - 00231804 _____ C:\TDSSKiller.3.1.0.11_16.09.2016_22.33.37_log.txt 2016-09-16 22:30 - 2016-09-16 22:31 - 00000562 _____ C:\TDSSKiller.3.1.0.11_16.09.2016_22.30.19_log.txt 2016-09-16 22:28 - 2016-09-16 22:28 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Sabine\Desktop\tdsskiller.exe 2016-09-16 22:26 - 2016-09-17 11:59 - 00000000 ____D C:\FRST 2016-09-16 19:32 - 2016-09-16 19:32 - 00003476 _____ C:\Windows\System32\Tasks\ByteFence Scan 2016-09-16 19:32 - 2016-09-16 19:32 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence 2016-09-16 19:17 - 2016-09-16 19:17 - 00001461 _____ C:\Users\Sabine\Desktop\Malwarebytes.txt 2016-09-16 19:11 - 2016-09-16 19:11 - 02399232 _____ (Farbar) C:\Users\Sabine\Desktop\FRST64.exe 2016-09-16 19:04 - 2016-09-16 19:16 - 00000000 ____D C:\Users\TEMP.SabineB 2016-09-16 18:44 - 2016-09-16 19:04 - 00000000 ____D C:\Users\TEMP 2016-09-16 18:37 - 2016-09-16 18:37 - 00000000 ____D C:\ProgramData\ByteFence 2016-09-16 18:27 - 2016-09-16 22:27 - 00000000 ____D C:\Program Files\ByteFence 2016-09-16 18:27 - 2016-09-16 18:27 - 00003370 _____ C:\Windows\System32\Tasks\ByteFence 2016-09-16 18:26 - 2016-09-16 18:29 - 00000000 ____D 
C:\KMPlayer 2016-09-08 14:00 - 2016-09-06 15:27 - 00011790 _____ C:\Users\Sabine\Documents\untitled_0.odt 2016-09-07 14:57 - 2016-09-07 14:58 - 00000000 ____D C:\Users\Sabine\AppData\Local\Nero 2016-09-07 14:57 - 2016-09-07 14:57 - 00000000 ____D C:\Users\Sabine\AppData\Local\Nero_AG 2016-09-07 14:46 - 2016-09-07 14:50 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\Nero 2016-09-07 14:45 - 2016-09-07 14:45 - 00000000 ____D C:\Windows\System32\Tasks\Nero 2016-09-07 14:44 - 2016-09-07 14:44 - 00002913 _____ C:\Users\Public\Desktop\Nero 2016.lnk 2016-09-07 14:41 - 2016-09-07 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016 2016-09-07 14:40 - 2016-09-07 14:45 - 00000000 ____D C:\ProgramData\Nero 2016-09-07 14:40 - 2016-09-07 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016-09-07 14:40 - 2016-09-07 14:44 - 00000000 ____D C:\Program Files (x86)\Nero 2016-08-31 18:13 - 2016-08-31 18:13 - 00000000 ____D C:\Users\Sabine\Desktop\ld_Chloe K4 Morphlet 2016-08-31 13:47 - 2016-09-16 18:40 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\WinPatrol 2016-08-31 13:47 - 2016-09-16 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol 2016-08-30 16:16 - 2016-08-30 16:16 - 00002269 _____ C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2016-08-30 16:16 - 2016-08-30 16:16 - 00000000 ____D C:\Users\Sabine\AppData\Local\chromium 2016-08-30 16:15 - 2016-09-17 11:15 - 00000292 _____ C:\Windows\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2}.job 2016-08-30 16:15 - 2016-08-30 16:15 - 00002630 _____ C:\Windows\System32\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2} 2016-08-30 16:15 - 2016-08-30 16:15 - 00000306 __RSH C:\ProgramData\ntuser.pol 2016-08-29 01:25 - 2016-08-29 01:25 - 00000000 ____D C:\Users\Sabine\Desktop\MavkaWitchyPoo_191802 2016-08-29 01:24 - 2016-08-29 01:24 - 00000000 ____D C:\Users\Sabine\Desktop\Bells3_167802 2016-08-29 01:24 - 2016-08-29 
01:24 - 00000000 ____D C:\Users\Sabine\Desktop\Bells2_167801 2016-08-29 01:24 - 2016-08-29 01:24 - 00000000 ____D C:\Users\Sabine\Desktop\Bells1_167800 2016-08-25 16:38 - 2016-08-30 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-23 18:43 - 2016-08-23 18:43 - 00000000 ____D C:\Users\Sabine\Desktop\SV7_Neila-Textures_189244 2016-08-23 18:43 - 2016-08-23 18:43 - 00000000 ____D C:\Users\Sabine\Desktop\SV7_Charity-Textures_192458 2016-08-23 18:43 - 2016-08-23 18:43 - 00000000 ____D C:\Users\Sabine\Desktop\SV7_Charity-Poser_192456 2016-08-23 18:42 - 2016-08-23 18:42 - 00000000 ____D C:\Users\Sabine\Desktop\SV7_Neila-Poser_189242 2016-08-23 18:42 - 2016-08-23 18:42 - 00000000 ____D C:\Users\Sabine\Desktop\RhayvaenHair_171398 2016-08-23 18:42 - 2016-08-23 18:42 - 00000000 ____D C:\Users\Sabine\Desktop\Rhayvaen_V4_171383 2016-08-23 18:42 - 2016-08-23 18:42 - 00000000 ____D C:\Users\Sabine\Desktop\Rhayvaen_TX_171386 ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-09-17 11:51 - 2015-07-15 16:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-09-17 09:54 - 2015-02-23 17:47 - 00000000 ____D C:\Users\Sabine\AppData\Local\Adobe 2016-09-16 23:38 - 2015-02-22 20:54 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\vlc 2016-09-16 23:38 - 2015-02-22 20:14 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1592407861-1572848030-1984046367-1002 2016-09-16 21:10 - 2015-09-06 13:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-09-16 19:18 - 2013-03-28 13:31 - 00780976 _____ C:\Windows\system32\perfh010.dat 2016-09-16 19:18 - 2013-03-28 13:31 - 00152608 _____ C:\Windows\system32\perfc010.dat 2016-09-16 19:18 - 2013-03-28 13:28 - 00790022 _____ C:\Windows\system32\perfh00C.dat 2016-09-16 19:18 - 2013-03-28 13:28 - 00155084 _____ C:\Windows\system32\perfc00C.dat 2016-09-16 19:18 - 2013-03-28 13:25 - 00753134 _____ C:\Windows\system32\perfh007.dat 2016-09-16 19:18 - 2013-03-28 13:25 - 00155826 _____ C:\Windows\system32\perfc007.dat 2016-09-16 19:18 - 2012-07-26 09:28 - 03624158 _____ C:\Windows\system32\PerfStringBackup.INI 2016-09-16 19:18 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\Inf 2016-09-16 19:14 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-09-16 19:01 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-09-16 18:41 - 2012-12-20 06:28 - 00000000 ____D C:\Windows\oem 2016-09-16 16:10 - 2015-02-22 21:02 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\dvdcss 2016-09-16 15:49 - 2015-02-22 21:14 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-16 15:49 - 2015-02-22 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-09-15 13:11 - 2015-06-14 19:11 - 00000000 ____D C:\ProgramData\CanonIJPLM 2016-09-14 19:00 - 2015-03-07 17:22 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-09-14 17:15 - 2012-07-26 10:12 - 00000000 ___HD C:\Program 
Files\WindowsApps 2016-09-14 17:15 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2016-09-14 07:21 - 2015-02-22 20:17 - 00000000 ____D C:\ProgramData\ProductData 2016-09-13 10:51 - 2015-07-15 16:53 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-09-13 10:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-09-13 10:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Macromed 2016-09-07 08:17 - 2015-02-28 14:47 - 00001056 ___SH C:\Windows\SysWOW64\KGyGaAvL.sys 2016-09-07 08:17 - 2015-02-28 14:47 - 00000000 ____D C:\Users\Sabine\AppData\Local\Corel 2016-09-07 08:17 - 2015-02-28 14:45 - 00000000 ____D C:\Users\Sabine\Documents\My PSP Files 2016-09-07 08:15 - 2015-02-23 13:47 - 00000000 ____D C:\Users\Sabine\Documents\Trickkiste Backup2 2016-09-06 15:12 - 2015-02-23 13:40 - 00019681 _____ C:\Users\Sabine\Desktop\passwörter2.odt 2016-09-06 15:12 - 2015-02-22 22:58 - 06579712 ___SH C:\Users\Sabine\Desktop\Thumbs.db 2016-09-06 15:12 - 2015-02-22 21:33 - 00000000 ____D C:\Users\Sabine\Desktop\Katzenfutter-Rechner_2014.06. 
angepasst 2016-08-31 18:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\tracing 2016-08-30 16:40 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\Performance 2016-08-30 16:27 - 2015-03-06 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-08-30 16:15 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\system32\GroupPolicy 2016-08-30 16:15 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-24 09:19 - 1998-05-11 21:01 - 0280576 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcrt.dll 2015-02-24 09:19 - 1998-05-06 19:19 - 0210944 _____ () C:\Program Files (x86)\MSVCRT10.DLL 2015-02-24 09:19 - 1998-05-11 21:01 - 0274432 _____ (Microsoft Corporation) C:\Program Files (x86)\MSVCRT20.DLL 2015-02-24 09:19 - 1996-10-15 11:40 - 0326656 _____ (Microsoft Corporation) C:\Program Files (x86)\Msvcrt40.dll 2015-02-24 09:19 - 1996-10-30 10:35 - 0032768 _____ (Adobe Systems, Inc.) C:\Program Files (x86)\plugin.dll 2015-12-16 15:22 - 2016-03-13 16:35 - 0000132 _____ () C:\Users\Sabine\AppData\Roaming\Adobe PNG Format CS5 Prefs 2015-04-20 15:31 - 2015-11-05 19:39 - 0000034 _____ () C:\Users\Sabine\AppData\Roaming\SmithMicroDLM.cfg 2016-02-09 20:04 - 2016-04-05 13:27 - 0001456 _____ () C:\Users\Sabine\AppData\Local\Adobe Für Web speichern 12.0 Prefs 2013-03-28 13:56 - 2013-03-28 13:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Windows\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2}.job Einige Dateien in TEMP: ==================== C:\Users\Sabine\AppData\Local\Temp\avgnt.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-09-10 23:10 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-09-2016 durchgeführt von Sabine (17-09-2016 11:59:45) Gestartet von C:\Users\Sabine\Desktop Windows 8 (X64) (2015-02-22 18:07:19) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1592407861-1572848030-1984046367-500 - Administrator - Disabled) Gast (S-1-5-21-1592407861-1572848030-1984046367-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1592407861-1572848030-1984046367-1004 - Limited - Enabled) Sabine (S-1-5-21-1592407861-1572848030-1984046367-1002 - Administrator - Enabled) => C:\Users\Sabine UpdatusUser (S-1-5-21-1592407861-1572848030-1984046367-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3012 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Agatha Christie - Das Böse unter der Sonne (HKLM-x32\...\{23B806E8-BA3C-4FC2-AAB8-116FC8514697}) (Version: 1.0 - )
Alien Skin Xenofex 2.0 (HKLM-x32\...\Xenofex2) (Version: - )
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.2020.116 - Alps Electric)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 2.5.0.0 - Byte Technologies LLC) <==== ACHTUNG
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated)
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.001.0000 - Corel Corporation)
DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.41) (Version: 1.1.0.41 - DAZ 3D)
DAZ PostgreSQL CMS (HKLM-x32\...\DAZ PostgreSQL CMS 9.3.4.3) (Version: 9.3.4.3 - DAZ 3D)
DAZ Studio 4.8 (64bit) (HKLM-x32\...\DAZ Studio 4.8 (64bit) 4.8.0.59) (Version: 4.8.0.59 - DAZ 3D)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.1.2.2 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3006 - Acer Incorporated)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Nero 2016 (HKLM-x32\...\{7E55E10F-82E5-4E11-B051-5D1DF76102FF}) (Version: 17.0.00900 - Nero AG)
Nero 2016 Content Pack (HKLM-x32\...\{006F5CFF-ED35-41AF-9B2A-F52B0F545BF4}) (Version: 17.0.00200 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9014 - NTI Corporation) Hidden
NVIDIA Graphics Driver 307.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Private Tax 2015 1.5.0 (HKLM-x32\...\6588-3357-8633-9771) (Version: 1.5.0 - Information Factory AG)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.30 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28124 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1B1C8769-C231-45F6-9451-65EA2EF95F77} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {278D73C0-4CB3-4F89-AE14-0B9FD9FD10A1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)
Task: {302D3EAD-291D-412A-8C8A-5841FFDB23A5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] ()
Task: {33C2859A-717C-443E-A46F-A62E2853DC09} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Sabine**** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
Task: {36172A88-D35A-42AE-8DCB-E9E73A5DB48E} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {52721E86-0C1E-48B6-8DC7-809AF6E57A05} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {7926FA87-DA5C-4ECC-8267-781CFD8C0023} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {803A8445-BF59-4BE9-9CEA-FC9EB367FA54} - System32\Tasks\Driver Booster SkipUAC (Sabine) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {9044F6F5-E178-4C57-88A1-31F4E5A3FB90} - System32\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2} => C:\Users\Sabine\AppData\Roaming\{BCE18~1\Updater.exe <==== ACHTUNG
Task: {9D955706-4397-403E-A38B-CA7DC75D9A18} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2016-08-27] (Byte Technologies LLC) <==== ACHTUNG
Task: {A0D74459-F6C2-4B27-8D10-B969DB648A06} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2016-08-27] (Byte Technologies LLC) <==== ACHTUNG
Task: {D9F0462D-76DC-4445-AB75-8E1D0695B8FC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {E5507CDC-2F41-42A4-A869-178992957D7C} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {EAC1663F-40B1-4CFE-9A44-FEAAB2C7E5CF} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {F6D7C425-917C-40D7-B02B-1056630F7A60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2}.job => C:\Users\Sabine\AppData\Roaming\{BCE18~1\Updater.exe <==== ACHTUNG

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Sabine\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com/
Shortcut: C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZStudio4\Online Documentation.lnk -> hxxp:docs.daz3d.com\doku.php\public\software\dazstudio(
Shortcut: C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager\DAZ Install Manager Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\14811(

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-06-14 19:12 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 _____ () C:\Windows\SysWOW64\PSIService.exe
2012-06-22 04:12 - 2012-06-22 04:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2016-05-25 14:38 - 2016-05-25 14:38 - 00129304 _____ () C:\Program Files\ByteFence\x64\lz4_x64.dll
2016-09-16 19:15 - 2016-09-16 19:15 - 00254280 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
2016-09-16 18:37 - 2016-09-16 19:15 - 00565064 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
2012-08-23 01:04 - 2012-08-23 01:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-23 01:04 - 2012-08-23 01:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2016-06-01 16:45 - 2016-06-01 16:45 - 00152000 _____ () D:\VLC\libvlc.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 02763200 _____ () D:\VLC\libvlccore.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00626624 _____ () D:\VLC\plugins\access\libdshow_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00046016 _____ () D:\VLC\plugins\audio_output\libdirectsound_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00042944 _____ () D:\VLC\plugins\audio_output\libwaveout_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00091072 _____ () D:\VLC\plugins\video_output\libdirect3d_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00083392 _____ () D:\VLC\plugins\video_output\libdirectdraw_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 02568640 _____ () D:\VLC\plugins\access\liblibbluray_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00118720 _____ () D:\VLC\plugins\access\libaccess_bd_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00267712 _____ () D:\VLC\plugins\access\libdvdnav_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00091072 _____ () D:\VLC\plugins\access\libvdr_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00059328 _____ () D:\VLC\plugins\access\libfilesystem_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00074176 _____ () D:\VLC\plugins\stream_filter\libsmooth_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00684480 _____ () D:\VLC\plugins\stream_filter\libhttplive_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00833984 _____ () D:\VLC\plugins\stream_filter\libdash_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00140224 _____ () D:\VLC\plugins\access\libzip_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00055232 _____ () D:\VLC\plugins\access\librar_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00026560 _____ () D:\VLC\plugins\stream_filter\librecord_plugin.dll
2016-06-01 16:45 - 2016-06-01 16:45 - 00150464 _____ () D:\VLC\plugins\demux\libplaylist_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 01605056 _____ () D:\VLC\plugins\meta_engine\libtaglib_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00349120 _____ () D:\VLC\plugins\lua\liblua_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 01487808 _____ () D:\VLC\plugins\misc\libxml_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00028608 _____ () D:\VLC\plugins\control\libwin_msg_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00068032 _____ () D:\VLC\plugins\control\libhotkeys_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00051648 _____ () D:\VLC\plugins\control\libwin_hotkeys_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00049600 _____ () D:\VLC\plugins\meta_engine\libfolder_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 12298176 _____ () D:\VLC\plugins\gui\libqt4_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00330688 _____ () D:\VLC\plugins\codec\libjpeg_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00031168 _____ () D:\VLC\plugins\codec\libcdg_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00347584 _____ () D:\VLC\plugins\codec\libpng_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 01521088 _____ () D:\VLC\plugins\codec\libschroedinger_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00844736 _____ () D:\VLC\plugins\codec\libvorbis_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00339392 _____ () D:\VLC\plugins\codec\libtheora_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00032704 _____ () D:\VLC\plugins\codec\libdts_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00049600 _____ () D:\VLC\plugins\codec\libaraw_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00056256 _____ () D:\VLC\plugins\codec\libsubstx3g_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00437696 _____ () D:\VLC\plugins\codec\libflac_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00038848 _____ () D:\VLC\plugins\codec\libg711_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00028096 _____ () D:\VLC\plugins\codec\libaes3_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00199616 _____ () D:\VLC\plugins\codec\libspeex_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 03009472 _____ () D:\VLC\plugins\codec\liblibass_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00426432 _____ () D:\VLC\plugins\codec\libfaad_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00031680 _____ () D:\VLC\plugins\codec\liba52_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00031168 _____ () D:\VLC\plugins\codec\libmpeg_audio_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00035264 _____ () D:\VLC\plugins\codec\liblpcm_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00455616 _____ () D:\VLC\plugins\codec\libopus_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00135104 _____ () D:\VLC\plugins\codec\libdvbsub_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00032192 _____ () D:\VLC\plugins\codec\libspudec_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 15975872 _____ () D:\VLC\plugins\codec\libavcodec_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00028608 _____ () D:\VLC\plugins\codec\librawvideo_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00095680 _____ () D:\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00035264 _____ () D:\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00044480 _____ () D:\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00034240 _____ () D:\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00085952 _____ () D:\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00049088 _____ () D:\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00030144 _____ () D:\VLC\plugins\codec\libsvcdsub_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00038336 _____ () D:\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2016-06-01 16:47 - 2016-06-01 16:47 - 00038336 _____ () D:\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00916928 _____ () D:\VLC\plugins\text_renderer\libfreetype_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00051136 _____ () D:\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00037824 _____ () D:\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00816576 _____ () D:\VLC\plugins\video_chroma\libswscale_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00041920 _____ () D:\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00133056 _____ () D:\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00068032 _____ () D:\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00033216 _____ () D:\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00046528 _____ () D:\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00030656 _____ () D:\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00059840 _____ () D:\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00042944 _____ () D:\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00053696 _____ () D:\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00043456 _____ () D:\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00027072 _____ () D:\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00027072 _____ () D:\VLC\plugins\video_filter\libscale_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00026560 _____ () D:\VLC\plugins\video_filter\libyuvp_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00026560 _____ () D:\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00034240 _____ () D:\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00148928 _____ () D:\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00196544 _____ () D:\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00091584 _____ () D:\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 01515456 _____ () D:\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00036800 _____ () D:\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00025536 _____ () D:\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00026560 _____ () D:\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00032192 _____ () D:\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00026048 _____ () D:\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00029632 _____ () D:\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2016-06-01 16:46 - 2016-06-01 16:46 - 00051136 _____ () D:\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2015-02-22 20:17 - 2014-12-18 21:04 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2012-11-03 02:38 - 2012-11-03 02:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 02:38 - 2012-11-03 02:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2015-03-30 12:53 - 2015-05-20 19:03 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2015-03-30 12:53 - 2015-05-20 19:03 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2015-03-30 12:53 - 2015-05-20 19:03 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2015-03-30 12:53 - 2015-05-20 19:04 - 00268920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll
2015-03-30 12:53 - 2015-05-20 19:03 - 00053024 _____ () C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll
2015-03-30 12:53 - 2015-05-20 19:03 - 00622880 _____ () C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll
2015-03-30 12:53 - 2015-05-20 19:04 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2015-02-28 14:22 - 2004-07-26 18:11 - 00028672 ____N () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
2013-03-28 13:45 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2012-07-26 07:26 - 2016-09-16 18:41 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com

Da befinden sich 4 zusätzliche Einträge.

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sabine\Desktop\DSC_0012.JPG
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Sabine\Desktop\DSC_0012.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "BtPreLoad"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Corel Photo Downloader"
HKLM\...\StartupApproved\Run32: => "Dolby Home Theater v4"
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{932B982B-00D4-4AAA-A64A-54E429826A6E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{11949497-D45E-4D66-B54C-359E4C56EF23}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{7A66D30B-6DCC-446A-8FE3-ACFDDD3BADAB}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [{35D07C68-64E1-4BA9-8333-CB4868E30F42}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{92947C6A-7E23-4F63-835A-2FF4AC8E29D4}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{DE193115-B9F5-4380-A1FB-8A9825275BE8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3C7303D3-7F44-40EB-BB13-730AB2EE1405}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4500F513-8D94-4FE2-870A-02077BD922D3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{58DF6BD2-55E2-4690-AFE6-67B6BCF95CAC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{04A38A5E-88BB-4C20-B294-9F66753A6746}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{BA7E9C65-F269-4488-80E7-61258AAEC235}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{A15732B8-856E-4CC3-A763-C3A8D871DD40}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{6A398FD3-1B50-40EA-B61E-81A0E33F72B1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{23E51D31-DEE7-4F3C-9530-0487894A8175}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{87DB0CF5-86E2-4157-BA79-0FF5D69398EC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{33D38864-3393-45B5-B61F-FEFCA2FC2DE0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{64D3218E-3231-415B-A5FD-3EE1CD394FDB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{623C1707-673D-4410-AA8A-56D458D84EFE}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{6E117C01-6FD0-4B26-8391-F7DFB1150732}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{DAEFF0B7-7D06-45B4-B983-DAE850B7BE6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{31713335-6978-4DB4-BB70-D88DE1F5E622}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{86DC67B2-AE99-4675-969B-0752B3ED241D}D:\poser 7 deutsch\poserg.exe] => (Allow) D:\poser 7 deutsch\poserg.exe
FirewallRules: [UDP Query User{E69A9EAF-8399-4E5B-BACC-2E69298BA821}D:\poser 7 deutsch\poserg.exe] => (Allow) D:\poser 7 deutsch\poserg.exe
FirewallRules: [TCP Query User{CA92EA95-6EE0-4EEA-ADE6-B002E2AD8052}D:\poser 9 deutsch\poser.exe] => (Allow) D:\poser 9 deutsch\poser.exe
FirewallRules: [UDP Query User{D963047F-AEAC-4F7E-B081-AFA360B8FFFA}D:\poser 9 deutsch\poser.exe] => (Allow) D:\poser 9 deutsch\poser.exe
FirewallRules: [TCP Query User{DE2A0B6C-0B53-473A-8543-69DB678A815F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{84912DB6-459D-4B70-8F85-D8E2A3EAC500}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{97AD5190-AE64-482C-B07B-575FB5412912}D:\poser 10\poser.exe] => (Allow) D:\poser 10\poser.exe
FirewallRules: [UDP Query User{ED90D823-9EB5-4FBE-8502-2590AAECFBDE}D:\poser 10\poser.exe] => (Allow) D:\poser 10\poser.exe
FirewallRules: [{46973A33-AC39-4C70-B58F-ACABF8E56CA4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3565BCB6-436B-46F6-B419-A5B5D2301CF0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C39CC848-666D-49B0-8BF5-D696BBE688D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C8F6DA60-EDED-4145-9070-891E03A9BC23}D:\poser 10\poser.exe] => (Allow) D:\poser 10\poser.exe
FirewallRules: [UDP Query User{A7E86DBB-3554-462F-8989-71398BDE6D13}D:\poser 10\poser.exe] => (Allow) D:\poser 10\poser.exe
FirewallRules: [{F95289CD-FD1C-4F04-AE7E-DE8DBDF1EC1A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{7C9C0A2A-AC29-4B6D-8DC5-9387E3D32D06}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{5FC49228-EFDB-4A74-A659-664B31ADED61}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{0DDF3C92-5814-4F0F-AE85-E9770F61C2CE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{084247DD-62BE-4736-8236-820C8D6B733B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{2FAD0EEA-439C-4E0F-A12A-4153CEBCA950}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{4F372F84-47DD-4908-AABC-B24143114523}] => (Allow) C:\Users\Sabine\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{9341B26B-580F-46E8-8AD3-C2BD3242FC91}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe
FirewallRules: [{381BCDC0-CD26-40D0-A070-43CE8208D5F9}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{70D2691D-B4D7-4182-BF2F-0CCC1FD92ADE}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe

==================== Wiederherstellungspunkte =========================
07-09-2016 14:40:10 Installed Nero 2016.
16-09-2016 14:38:59 Installed Nero 2016 Content Pack.
==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/17/2016 09:51:54 AM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Benachrichtigungen für Volume D:\ sind nicht aktiv. Kontext: Windows Anwendung Details: Das Datenträgeränderungsjournal wird gelöscht. (HRESULT : 0x8007049a) (0x8007049a) Error: (09/17/2016 09:51:41 AM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Benachrichtigungen für Volume C:\ sind nicht aktiv. Kontext: Windows Anwendung Details: Falscher Parameter. (HRESULT : 0x80070057) (0x80070057) Error: (09/16/2016 07:16:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: NT-AUTORITÄT) Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\TEMP.SabineB. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden. DETAIL - Das Verzeichnis ist nicht leer. Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: SabineB) Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren. Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: SabineB) Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden. Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: SabineB) Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. 
Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. for C:\Users\UpdatusUser\ntuser.dat Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: NT-AUTORITÄT) Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\TEMP. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden. DETAIL - Das Verzeichnis ist nicht leer. Error: (09/16/2016 06:44:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: SabineB) Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren. Error: (09/16/2016 06:44:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: SabineB) Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden. Systemfehler: ============= Error: (09/16/2016 07:14:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. 
Error: (09/16/2016 07:14:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: This driver has been blocked from loading Error: (09/16/2016 07:14:34 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: atksgt.sys Error: (09/16/2016 07:01:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 = Das System kann die angegebene Datei nicht finden. Error: (09/16/2016 07:01:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 = Der Treiber konnte nicht geladen werden. Error: (09/16/2016 07:01:50 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: atksgt.sys Error: (09/16/2016 06:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 = Das System kann die angegebene Datei nicht finden. Error: (09/16/2016 06:41:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 = Der Treiber konnte nicht geladen werden. Error: (09/16/2016 06:41:56 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: atksgt.sys Error: (09/13/2016 09:15:26 PM) (Source: cdrom) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\CdRom1. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz Prozentuale Nutzung des RAM: 13% Installierter physikalischer RAM: 32650.27 MB Verfügbarer physikalischer RAM: 28370.53 MB Summe virtueller Speicher: 34650.27 MB Verfügbarer virtueller Speicher: 30367.33 MB ==================== Laufwerke ================================ Drive c: (Acer) (Fixed) (Total:118.63 GB) (Free:46.83 GB) NTFS Drive d: (DATA) (Fixed) (Total:908.51 GB) (Free:471.77 GB) NTFS Drive g: (LAST_CRUSADE_UK_GERMANY) (CDROM) (Total:6.67 GB) (Free:0 GB) UDF ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: E49DDE42) ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: E49DDE55) ==================== Ende von Addition.txt ============================ |
17.09.2016, 11:27 | #8 |
/// TB-Ausbilder | Trojan Dropper Hi, please disable Avira during each of the steps, as it can interfere considerably with the cleanup! Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware.
Step 3 Please close your security software to avoid possible conflicts.
Step 4
With your next reply, please post
|
17.09.2016, 12:05 | #9 |
| Trojan Dropper Hi there, so I have two log files from Adw, I'll just post both of them: Code:
# AdwCleaner v6.020 - Bericht erstellt am 17/09/2016 um 12:37:20
# Aktualisiert am 14/09/2016 von ToolsLib
# Datenbank : 2016-09-17.1 [Server]
# Betriebssystem : Windows 8 (X64)
# Benutzername : Sabine - SABINEB
# Gestartet von : C:\Users\Sabine\Desktop\AdwCleaner_6.020.exe
# Modus: Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst gelöscht: rtop

***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
[-] Ordner gelöscht: C:\Program Files\ByteFence
[-] Ordner gelöscht: C:\ProgramData\ByteFence
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\ByteFence

***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\searchplugins\avira-safesearch.xml

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Schlüssel gelöscht: HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\Software\ByteFence
[-] Schlüssel gelöscht: HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\Software\OCS
[-] Schlüssel gelöscht: HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\ByteFence
[-] Schlüssel gelöscht: HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\OCS
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\ByteFence
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\OCS
[-] Schlüssel gelöscht: HKLM\SOFTWARE\ByteFence
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\ByteFence
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\OCS
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\ByteFence
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Directory\shell\ByteFence Folder Scan

***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "browser.search.defaultenginename" - "Yahoo! Powered"
[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" - "Yahoo! Powered"
[-] Firefox Einstellungen bereinigt: "network.hxxp.request.max-start-delay" - 0
[-] Firefox Einstellungen bereinigt: "network.hxxp.request.max-start-delay" - 0

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3746 Bytes] - [17/09/2016 12:37:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [3992 Bytes] - [17/09/2016 12:36:36]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3892 Bytes] ##########

Code:
# AdwCleaner v6.020 - Bericht erstellt am 17/09/2016 um 12:36:36
# Aktualisiert am 14/09/2016 von ToolsLib
# Datenbank : 2016-09-17.1 [Server]
# Betriebssystem : Windows 8 (X64)
# Benutzername : Sabine - SABINEB
# Gestartet von : C:\Users\Sabine\Desktop\AdwCleaner_6.020.exe
# Modus: Suchlauf
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****

Dienst Gefunden: rtop

***** [ Ordner ] *****

Ordner Gefunden: C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence
Ordner Gefunden: C:\Program Files\ByteFence
Ordner Gefunden: C:\ProgramData\ByteFence
Ordner Gefunden: C:\ProgramData\Application Data\ByteFence

***** [ Dateien ] *****

Datei Gefunden: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\searchplugins\avira-safesearch.xml

***** [ DLL ] *****

Keine infizierten DLLs gefunden.

***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.

***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.

***** [ Aufgabenplanung ] *****

Aufgabe Gefunden: ByteFence
Aufgabe Gefunden: ByteFence Scan

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gefunden: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gefunden: HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gefunden: HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\Software\ByteFence
Schlüssel Gefunden: HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\Software\OCS
Schlüssel Gefunden: HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\ByteFence
Schlüssel Gefunden: HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\OCS
Schlüssel Gefunden: HKCU\Software\ByteFence
Schlüssel Gefunden: HKCU\Software\OCS
Schlüssel Gefunden: HKLM\SOFTWARE\ByteFence
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence
Schlüssel Gefunden: [x64] HKCU\Software\ByteFence
Schlüssel Gefunden: [x64] HKCU\Software\OCS
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\ByteFence
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Directory\shell\ByteFence Folder Scan

***** [ Internetbrowser ] *****

Firefox pref Gefunden: [C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\prefs.js] - "browser.search.defaultenginename" - "Yahoo! Powered"
Firefox pref Gefunden: [C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\prefs.js] - "browser.search.selectedEngine" - "Yahoo! Powered"
Firefox pref Gefunden: [C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\prefs.js] - "network.hxxp.request.max-start-delay" - 0
Firefox pref Gefunden: [C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\user.js] - "network.hxxp.request.max-start-delay" - 0
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [3824 Bytes] - [17/09/2016 12:36:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3897 Bytes] ##########

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 17.09.2016
Suchlaufzeit: 12:42
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.17.03
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Sabine

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 352510
Abgelaufene Zeit: 10 Min., 26 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 8 x64
Ran by Sabine (Administrator) on 17.09.2016 at 12:55:32.79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 22

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Sabine\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\user.js (File)
Successfully deleted: C:\Users\Sabine\AppData\Roaming\productdata (Folder)
Successfully deleted: C:\Windows\system32\Tasks\Driver Booster SkipUAC (Sabine) (Task)
Successfully deleted: C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2PTGZ0M0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\33RXM4P3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Y5IWB9U (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5NFS9N2V (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OTDEPNW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AUOAVK4B (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RV53HV0K (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Sabine\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V9BHFBA0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2PTGZ0M0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\33RXM4P3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3Y5IWB9U (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5NFS9N2V (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6OTDEPNW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AUOAVK4B (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RV53HV0K (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V9BHFBA0 (Temporary Internet Files Folder)

Deleted the following from C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\prefs.js
user_pref(avira.safe_search.search_was_active, false);
user_pref(browser.search.hiddenOneOffs, Wikipedia (de),Avira SafeSearch);
user_pref(extensions.safesearch.MP_DISTINCT_ID, \14bb2b8a49faa-020f01ea53ff2d-46544236-0-14bb2b8a4a039d\);
user_pref(extensions.safesearch.SAUTH_expires_at, 1425237421);
user_pref(extensions.safesearch.SAUTH_rndsnr, \5c744903d778761bb90d515eaf219ef49a349754\);
user_pref(extensions.safesearch.SAUTH_userid, 5867361759);
user_pref(extensions.safesearch.SAUTH_utoken, \6c9c4eec2f231c82f70c08242a4b371727844bec\);
user_pref(extensions.safesearch.install, 1424632620199);

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.09.2016 at 12:56:10.68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2016 durchgeführt von Sabine (Administrator) auf SABINEB (17-09-2016 12:56:58) Gestartet von C:\Users\Sabine\Desktop Geladene Profile: UpdatusUser & Sabine & (Verfügbare Profile: UpdatusUser & Sabine) Platform: Windows 8 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 10 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe () C:\Windows\SysWOW64\PSIService.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM-x32\...\Run: [LManager] => [X] HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [830064 2016-09-13] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2004-11-26] (Ulead Systems, Inc.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.) 
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\Run: [Chromium] => c:\users\sabine\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors) HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\MountPoints2: {575b8924-bac1-11e4-be70-7c050720b50f} - "G:\install.EXE" id= ver=1.0.0.0 HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.) HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Chromium] => c:\users\sabine\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors) HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {575b8924-bac1-11e4-be70-7c050720b50f} - "G:\install.EXE" id= ver=1.0.0.0 HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-12-20] ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{A931A0D1-6BCD-4E1B-9498-84DA70CD568F}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com SearchScopes: HKLM -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL = SearchScopes: HKLM-x32 -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL = BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2012-11-10] (Qualcomm Atheros Commnucations) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default FF NewTab: about:newtab FF Homepage: www.bluewin.ch FF Session Restore: -> ist aktiviert. 
FF Keyword.URL: user_pref("keyword.URL", true); FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] () FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-07-08] (Nero AG) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) 
FF Extension: (Firefox Hotfix) - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-09]
FF Extension: (Adblock Plus) - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-31]
FF Extension: (Adblock Edge) - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-08-31]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-09-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [470600 2016-09-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [470600 2016-09-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1454720 2016-09-13] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [231040 2012-11-10] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation)
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-03-28] (Dritek System INC.)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-05-20] (IObit)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-11-09] (Atheros) [Datei ist nicht signiert]
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2015-06-24] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-28] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-31] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-10] (Qualcomm Atheros)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-13] (REALiX(tm))
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-06-24] ()
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-03-28] (Dritek System Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-01-31] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [275712 2015-01-31] (Microsoft Corporation)
S3 cpuz137; \??\C:\Users\Sabine\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-17 12:56 - 2016-09-17 12:57 - 00015326 _____ C:\Users\Sabine\Desktop\FRST.txt
2016-09-17 12:56 - 2016-09-17 12:56 - 00004386 _____ C:\Users\Sabine\Desktop\JRT.txt
2016-09-17 12:53 - 2016-09-17 12:53 - 00001194 _____ C:\Users\Sabine\Desktop\mbam.txt
2016-09-17 12:35 - 2016-09-17 12:37 - 00000000 ____D C:\AdwCleaner
2016-09-17 12:32 - 2016-09-17 12:32 - 01610560 _____ (Malwarebytes) C:\Users\Sabine\Desktop\JRT.exe
2016-09-17 12:30 - 2016-09-17 12:30 - 03861056 _____ C:\Users\Sabine\Desktop\AdwCleaner_6.020.exe
2016-09-16 22:33 - 2016-09-17 12:33 - 00231892 _____ C:\TDSSKiller.3.1.0.11_16.09.2016_22.33.37_log.txt
2016-09-16 22:30 - 2016-09-16 22:31 - 00000562 _____ C:\TDSSKiller.3.1.0.11_16.09.2016_22.30.19_log.txt
2016-09-16 22:28 - 2016-09-16 22:28 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Sabine\Desktop\tdsskiller.exe
2016-09-16 22:26 - 2016-09-17 12:56 - 00000000 ____D C:\FRST
2016-09-16 19:11 - 2016-09-16 19:11 - 02399232 _____ (Farbar) C:\Users\Sabine\Desktop\FRST64.exe
2016-09-16 19:04 - 2016-09-16 19:16 - 00000000 ____D C:\Users\TEMP.SabineB
2016-09-16 18:44 - 2016-09-16 19:04 - 00000000 ____D C:\Users\TEMP
2016-09-16 18:26 - 2016-09-16 18:29 - 00000000 ____D C:\KMPlayer
2016-09-08 14:00 - 2016-09-06 15:27 - 00011790 _____ C:\Users\Sabine\Documents\untitled_0.odt
2016-09-07 14:57 - 2016-09-07 14:58 - 00000000 ____D C:\Users\Sabine\AppData\Local\Nero
2016-09-07 14:57 - 2016-09-07 14:57 - 00000000 ____D C:\Users\Sabine\AppData\Local\Nero_AG
2016-09-07 14:46 - 2016-09-07 14:50 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\Nero
2016-09-07 14:45 - 2016-09-07 14:45 - 00000000 ____D C:\Windows\System32\Tasks\Nero
2016-09-07 14:44 - 2016-09-07 14:44 - 00002913 _____ C:\Users\Public\Desktop\Nero 2016.lnk
2016-09-07 14:41 - 2016-09-07 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016
2016-09-07 14:40 - 2016-09-07 14:45 - 00000000 ____D C:\ProgramData\Nero
2016-09-07 14:40 - 2016-09-07 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2016-09-07 14:40 - 2016-09-07 14:44 - 00000000 ____D C:\Program Files (x86)\Nero
2016-08-31 18:13 - 2016-08-31 18:13 - 00000000 ____D C:\Users\Sabine\Desktop\ld_Chloe K4 Morphlet
2016-08-31 13:47 - 2016-09-16 18:40 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\WinPatrol
2016-08-31 13:47 - 2016-09-16 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2016-08-30 16:16 - 2016-08-30 16:16 - 00002269 _____ C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2016-08-30 16:16 - 2016-08-30 16:16 - 00000000 ____D C:\Users\Sabine\AppData\Local\chromium
2016-08-30 16:15 - 2016-09-17 12:37 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-08-30 16:15 - 2016-09-17 12:15 - 00000292 _____ C:\Windows\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2}.job
2016-08-30 16:15 - 2016-08-30 16:15 - 00002630 _____ C:\Windows\System32\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2}
2016-08-29 01:25 - 2016-08-29 01:25 - 00000000 ____D C:\Users\Sabine\Desktop\MavkaWitchyPoo_191802
2016-08-29 01:24 - 2016-08-29 01:24 - 00000000 ____D C:\Users\Sabine\Desktop\Bells3_167802
2016-08-29 01:24 - 2016-08-29 01:24 - 00000000 ____D C:\Users\Sabine\Desktop\Bells2_167801
2016-08-29 01:24 - 2016-08-29 01:24 - 00000000 ____D C:\Users\Sabine\Desktop\Bells1_167800
2016-08-25 16:38 - 2016-08-30 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-23 18:43 - 2016-08-23 18:43 - 00000000 ____D C:\Users\Sabine\Desktop\SV7_Neila-Textures_189244
2016-08-23 18:43 - 2016-08-23 18:43 - 00000000 ____D C:\Users\Sabine\Desktop\SV7_Charity-Textures_192458
2016-08-23 18:43 - 2016-08-23 18:43 - 00000000 ____D C:\Users\Sabine\Desktop\SV7_Charity-Poser_192456
2016-08-23 18:42 - 2016-08-23 18:42 - 00000000 ____D C:\Users\Sabine\Desktop\SV7_Neila-Poser_189242
2016-08-23 18:42 - 2016-08-23 18:42 - 00000000 ____D C:\Users\Sabine\Desktop\RhayvaenHair_171398
2016-08-23 18:42 - 2016-08-23 18:42 - 00000000 ____D C:\Users\Sabine\Desktop\Rhayvaen_V4_171383
2016-08-23 18:42 - 2016-08-23 18:42 - 00000000 ____D C:\Users\Sabine\Desktop\Rhayvaen_TX_171386

==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-17 12:55 - 2015-02-22 20:17 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\IObit
2016-09-17 12:55 - 2015-02-22 20:17 - 00000000 ____D C:\ProgramData\IObit
2016-09-17 12:54 - 2015-09-06 13:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-17 12:51 - 2015-07-15 16:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-09-17 12:43 - 2015-02-22 20:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1592407861-1572848030-1984046367-1002
2016-09-17 12:42 - 2013-03-28 13:31 - 00780976 _____ C:\Windows\system32\perfh010.dat
2016-09-17 12:42 - 2013-03-28 13:31 - 00152608 _____ C:\Windows\system32\perfc010.dat
2016-09-17 12:42 - 2013-03-28 13:28 - 00790022 _____ C:\Windows\system32\perfh00C.dat
2016-09-17 12:42 - 2013-03-28 13:28 - 00155084 _____ C:\Windows\system32\perfc00C.dat
2016-09-17 12:42 - 2013-03-28 13:25 - 00753134 _____ C:\Windows\system32\perfh007.dat
2016-09-17 12:42 - 2013-03-28 13:25 - 00155826 _____ C:\Windows\system32\perfc007.dat
2016-09-17 12:42 - 2012-07-26 09:28 - 03624158 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-17 12:42 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\Inf
2016-09-17 12:38 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-17 12:33 - 2015-02-22 20:54 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\vlc
2016-09-17 09:54 - 2015-02-23 17:47 - 00000000 ____D C:\Users\Sabine\AppData\Local\Adobe
2016-09-16 19:01 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-09-16 18:41 - 2012-12-20 06:28 - 00000000 ____D C:\Windows\oem
2016-09-16 16:10 - 2015-02-22 21:02 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\dvdcss
2016-09-16 15:49 - 2015-02-22 21:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-16 15:49 - 2015-02-22 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-15 13:11 - 2015-06-14 19:11 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-09-14 19:00 - 2015-03-07 17:22 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-14 17:15 - 2012-07-26 10:12 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-14 17:15 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2016-09-13 10:51 - 2015-07-15 16:53 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-13 10:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-13 10:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Macromed
2016-09-07 08:17 - 2015-02-28 14:47 - 00001056 ___SH C:\Windows\SysWOW64\KGyGaAvL.sys
2016-09-07 08:17 - 2015-02-28 14:47 - 00000000 ____D C:\Users\Sabine\AppData\Local\Corel
2016-09-07 08:17 - 2015-02-28 14:45 - 00000000 ____D C:\Users\Sabine\Documents\My PSP Files
2016-09-07 08:15 - 2015-02-23 13:47 - 00000000 ____D C:\Users\Sabine\Documents\Trickkiste Backup2
2016-09-06 15:12 - 2015-02-23 13:40 - 00019681 _____ C:\Users\Sabine\Desktop\passwörter2.odt
2016-09-06 15:12 - 2015-02-22 22:58 - 06579712 ___SH C:\Users\Sabine\Desktop\Thumbs.db
2016-09-06 15:12 - 2015-02-22 21:33 - 00000000 ____D C:\Users\Sabine\Desktop\Katzenfutter-Rechner_2014.06. angepasst
2016-08-31 18:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\tracing
2016-08-30 16:40 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\Performance
2016-08-30 16:27 - 2015-03-06 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-02-24 09:19 - 1998-05-11 21:01 - 0280576 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcrt.dll
2015-02-24 09:19 - 1998-05-06 19:19 - 0210944 _____ () C:\Program Files (x86)\MSVCRT10.DLL
2015-02-24 09:19 - 1998-05-11 21:01 - 0274432 _____ (Microsoft Corporation) C:\Program Files (x86)\MSVCRT20.DLL
2015-02-24 09:19 - 1996-10-15 11:40 - 0326656 _____ (Microsoft Corporation) C:\Program Files (x86)\Msvcrt40.dll
2015-02-24 09:19 - 1996-10-30 10:35 - 0032768 _____ (Adobe Systems, Inc.) C:\Program Files (x86)\plugin.dll
2015-12-16 15:22 - 2016-03-13 16:35 - 0000132 _____ () C:\Users\Sabine\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-04-20 15:31 - 2015-11-05 19:39 - 0000034 _____ () C:\Users\Sabine\AppData\Roaming\SmithMicroDLM.cfg
2016-02-09 20:04 - 2016-04-05 13:27 - 0001456 _____ () C:\Users\Sabine\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2013-03-28 13:56 - 2013-03-28 13:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Windows\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2}.job

Einige Dateien in TEMP:
====================
C:\Users\Sabine\AppData\Local\Temp\avgnt.exe
C:\Users\Sabine\AppData\Local\Temp\kernel32.dll
C:\Users\Sabine\AppData\Local\Temp\libeay32.dll
C:\Users\Sabine\AppData\Local\Temp\msvcr120.dll
C:\Users\Sabine\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-09-10 23:10

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 16-09-2016
durchgeführt von Sabine (17-09-2016 12:57:14)
Gestartet von C:\Users\Sabine\Desktop
Windows 8 (X64) (2015-02-22 18:07:19)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-1592407861-1572848030-1984046367-500 - Administrator - Disabled)
Gast (S-1-5-21-1592407861-1572848030-1984046367-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1592407861-1572848030-1984046367-1004 - Limited - Enabled)
Sabine (S-1-5-21-1592407861-1572848030-1984046367-1002 - Administrator - Enabled) => C:\Users\Sabine
UpdatusUser (S-1-5-21-1592407861-1572848030-1984046367-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3012 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Agatha Christie - Das Böse unter der Sonne (HKLM-x32\...\{23B806E8-BA3C-4FC2-AAB8-116FC8514697}) (Version: 1.0 - )
Alien Skin Xenofex 2.0 (HKLM-x32\...\Xenofex2) (Version: - )
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.2020.116 - Alps Electric)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated)
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.001.0000 - Corel Corporation)
DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.41) (Version: 1.1.0.41 - DAZ 3D)
DAZ PostgreSQL CMS (HKLM-x32\...\DAZ PostgreSQL CMS 9.3.4.3) (Version: 9.3.4.3 - DAZ 3D)
DAZ Studio 4.8 (64bit) (HKLM-x32\...\DAZ Studio 4.8 (64bit) 4.8.0.59) (Version: 4.8.0.59 - DAZ 3D)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.1.2.2 - PandoraTV)
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3006 - Acer Incorporated)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
Nero 2016 (HKLM-x32\...\{7E55E10F-82E5-4E11-B051-5D1DF76102FF}) (Version: 17.0.00900 - Nero AG)
Nero 2016 Content Pack (HKLM-x32\...\{006F5CFF-ED35-41AF-9B2A-F52B0F545BF4}) (Version: 17.0.00200 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9014 - NTI Corporation) Hidden
NVIDIA Graphics Driver 307.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden
Private Tax 2015 1.5.0 (HKLM-x32\...\6588-3357-8633-9771) (Version: 1.5.0 - Information Factory AG)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.30 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28124 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1B1C8769-C231-45F6-9451-65EA2EF95F77} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {278D73C0-4CB3-4F89-AE14-0B9FD9FD10A1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated)
Task: {302D3EAD-291D-412A-8C8A-5841FFDB23A5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] ()
Task: {33C2859A-717C-443E-A46F-A62E2853DC09} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Sabine**** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
Task: {36172A88-D35A-42AE-8DCB-E9E73A5DB48E} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] ()
Task: {52721E86-0C1E-48B6-8DC7-809AF6E57A05} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated)
Task: {7926FA87-DA5C-4ECC-8267-781CFD8C0023} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] ()
Task: {9044F6F5-E178-4C57-88A1-31F4E5A3FB90} - System32\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2} => C:\Users\Sabine\AppData\Roaming\{BCE18~1\Updater.exe <==== ACHTUNG
Task: {D9F0462D-76DC-4445-AB75-8E1D0695B8FC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {E5507CDC-2F41-42A4-A869-178992957D7C} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {EAC1663F-40B1-4CFE-9A44-FEAAB2C7E5CF} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {F6D7C425-917C-40D7-B02B-1056630F7A60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2}.job => C:\Users\Sabine\AppData\Roaming\{BCE18~1\Updater.exe <==== ACHTUNG

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Sabine\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com/
Shortcut: C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZStudio4\Online Documentation.lnk -> hxxp:docs.daz3d.com\doku.php\public\software\dazstudio(
Shortcut: C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager\DAZ Install Manager Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\14811(

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-06-14 19:12 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 _____ () C:\Windows\SysWOW64\PSIService.exe
2012-06-22 04:12 - 2012-06-22 04:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2015-02-22 20:17 - 2014-12-18 21:04 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2012-11-03 02:38 - 2012-11-03 02:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 02:38 - 2012-11-03 02:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2013-03-28 13:45 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2012-07-26 07:26 - 2016-09-16 18:41 - 00002024 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com
0.0.0.0 cdn.bispd.com
Da befinden sich 4 zusätzliche Einträge.
==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sabine\Desktop\DSC_0012.JPG HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Sabine\Desktop\DSC_0012.JPG DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run: => "BtPreLoad" HKLM\...\StartupApproved\Run32: => "avgnt" HKLM\...\StartupApproved\Run32: => "Corel Photo Downloader" HKLM\...\StartupApproved\Run32: => "Dolby Home Theater v4" HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\StartupApproved\Run: => "Advanced SystemCare 8" HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Advanced SystemCare 8" HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{932B982B-00D4-4AAA-A64A-54E429826A6E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{11949497-D45E-4D66-B54C-359E4C56EF23}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe FirewallRules: [{7A66D30B-6DCC-446A-8FE3-ACFDDD3BADAB}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe FirewallRules: [{35D07C68-64E1-4BA9-8333-CB4868E30F42}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe FirewallRules: [{92947C6A-7E23-4F63-835A-2FF4AC8E29D4}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe FirewallRules: [{DE193115-B9F5-4380-A1FB-8A9825275BE8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{3C7303D3-7F44-40EB-BB13-730AB2EE1405}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{4500F513-8D94-4FE2-870A-02077BD922D3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{58DF6BD2-55E2-4690-AFE6-67B6BCF95CAC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe FirewallRules: [{04A38A5E-88BB-4C20-B294-9F66753A6746}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{BA7E9C65-F269-4488-80E7-61258AAEC235}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe FirewallRules: [{A15732B8-856E-4CC3-A763-C3A8D871DD40}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe FirewallRules: [{6A398FD3-1B50-40EA-B61E-81A0E33F72B1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe FirewallRules: [{23E51D31-DEE7-4F3C-9530-0487894A8175}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe FirewallRules: [{87DB0CF5-86E2-4157-BA79-0FF5D69398EC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi 
Photo\DMCDaemon.exe FirewallRules: [{33D38864-3393-45B5-B61F-FEFCA2FC2DE0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{64D3218E-3231-415B-A5FD-3EE1CD394FDB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe FirewallRules: [{623C1707-673D-4410-AA8A-56D458D84EFE}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe FirewallRules: [{6E117C01-6FD0-4B26-8391-F7DFB1150732}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe FirewallRules: [{DAEFF0B7-7D06-45B4-B983-DAE850B7BE6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{31713335-6978-4DB4-BB70-D88DE1F5E622}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{86DC67B2-AE99-4675-969B-0752B3ED241D}D:\poser 7 deutsch\poserg.exe] => (Allow) D:\poser 7 deutsch\poserg.exe FirewallRules: [UDP Query User{E69A9EAF-8399-4E5B-BACC-2E69298BA821}D:\poser 7 deutsch\poserg.exe] => (Allow) D:\poser 7 deutsch\poserg.exe FirewallRules: [TCP Query User{CA92EA95-6EE0-4EEA-ADE6-B002E2AD8052}D:\poser 9 deutsch\poser.exe] => (Allow) D:\poser 9 deutsch\poser.exe FirewallRules: [UDP Query User{D963047F-AEAC-4F7E-B081-AFA360B8FFFA}D:\poser 9 deutsch\poser.exe] => (Allow) D:\poser 9 deutsch\poser.exe FirewallRules: [TCP Query User{DE2A0B6C-0B53-473A-8543-69DB678A815F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{84912DB6-459D-4B70-8F85-D8E2A3EAC500}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{97AD5190-AE64-482C-B07B-575FB5412912}D:\poser 10\poser.exe] => (Allow) D:\poser 10\poser.exe FirewallRules: [UDP Query User{ED90D823-9EB5-4FBE-8502-2590AAECFBDE}D:\poser 10\poser.exe] => (Allow) D:\poser 10\poser.exe FirewallRules: [{46973A33-AC39-4C70-B58F-ACABF8E56CA4}] => (Allow) C:\Program Files 
(x86)\Skype\Phone\Skype.exe FirewallRules: [{3565BCB6-436B-46F6-B419-A5B5D2301CF0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C39CC848-666D-49B0-8BF5-D696BBE688D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{C8F6DA60-EDED-4145-9070-891E03A9BC23}D:\poser 10\poser.exe] => (Allow) D:\poser 10\poser.exe FirewallRules: [UDP Query User{A7E86DBB-3554-462F-8989-71398BDE6D13}D:\poser 10\poser.exe] => (Allow) D:\poser 10\poser.exe FirewallRules: [{F95289CD-FD1C-4F04-AE7E-DE8DBDF1EC1A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{7C9C0A2A-AC29-4B6D-8DC5-9387E3D32D06}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{5FC49228-EFDB-4A74-A659-664B31ADED61}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{0DDF3C92-5814-4F0F-AE85-E9770F61C2CE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{084247DD-62BE-4736-8236-820C8D6B733B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{2FAD0EEA-439C-4E0F-A12A-4153CEBCA950}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{4F372F84-47DD-4908-AABC-B24143114523}] => (Allow) C:\Users\Sabine\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{9341B26B-580F-46E8-8AD3-C2BD3242FC91}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe FirewallRules: [{381BCDC0-CD26-40D0-A070-43CE8208D5F9}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe FirewallRules: [{70D2691D-B4D7-4182-BF2F-0CCC1FD92ADE}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe ==================== Wiederherstellungspunkte ========================= 07-09-2016 14:40:10 Installed Nero 2016. 16-09-2016 14:38:59 Installed Nero 2016 Content Pack. 
17-09-2016 12:55:33 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/17/2016 09:51:54 AM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Benachrichtigungen für Volume D:\ sind nicht aktiv. Kontext: Windows Anwendung Details: Das Datenträgeränderungsjournal wird gelöscht. (HRESULT : 0x8007049a) (0x8007049a) Error: (09/17/2016 09:51:41 AM) (Source: Windows Search Service) (EventID: 3079) (User: ) Description: Benachrichtigungen für Volume C:\ sind nicht aktiv. Kontext: Windows Anwendung Details: Falscher Parameter. (HRESULT : 0x80070057) (0x80070057) Error: (09/16/2016 07:16:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: NT-AUTORITÄT) Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\TEMP.SabineB. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden. DETAIL - Das Verzeichnis ist nicht leer. Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: SabineB) Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren. Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: SabineB) Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden. Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: SabineB) Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. 
Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT) Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. for C:\Users\UpdatusUser\ntuser.dat Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: NT-AUTORITÄT) Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\TEMP. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden. DETAIL - Das Verzeichnis ist nicht leer. Error: (09/16/2016 06:44:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: SabineB) Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren. Error: (09/16/2016 06:44:07 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: SabineB) Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden. Systemfehler: ============= Error: (09/17/2016 12:55:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/17/2016 12:38:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. 
Error: (09/17/2016 12:38:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (09/17/2016 12:38:31 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: atksgt.sys Error: (09/17/2016 12:37:36 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt. Error: (09/17/2016 12:37:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/17/2016 12:37:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/17/2016 12:37:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/17/2016 12:37:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (09/17/2016 12:37:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "IconMan_R" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz Prozentuale Nutzung des RAM: 9% Installierter physikalischer RAM: 32650.27 MB Verfügbarer physikalischer RAM: 29510.95 MB Summe virtueller Speicher: 34650.27 MB Verfügbarer virtueller Speicher: 31572.31 MB ==================== Laufwerke ================================ Drive c: (Acer) (Fixed) (Total:118.63 GB) (Free:46.93 GB) NTFS Drive d: (DATA) (Fixed) (Total:908.51 GB) (Free:471.73 GB) NTFS Drive g: (LAST_CRUSADE_UK_GERMANY) (CDROM) (Total:6.67 GB) (Free:0 GB) UDF ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: E49DDE42) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: E49DDE55) Partition: GPT. ==================== Ende von Addition.txt ============================ |
17.09.2016, 19:54 | #10 |
/// TB-Ausbilder | Trojan Dropper Hi, you did everything right. Disable Avira again. Here is how to continue: Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
start
CloseProcesses:
SearchScopes: HKLM -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL =
SearchScopes: HKLM-x32 -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL =
FF NewTab: about:newtab
FF Homepage: www.bluewin.ch
FF Keyword.URL: user_pref("keyword.URL", true);
Task: {9044F6F5-E178-4C57-88A1-31F4E5A3FB90} - System32\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2} => C:\Users\Sabine\AppData\Roaming\{BCE18~1\Updater.exe <==== ACHTUNG
Task: C:\Windows\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2}.job => C:\Users\Sabine\AppData\Roaming\{BCE18~1\Updater.exe <==== ACHTUNG
CMD: dir /B "%ProgramFiles%"
CMD: dir /B "%ProgramFiles(x86)%"
CMD: dir /B "%ProgramData%"
CMD: dir /B "%Appdata%"
CMD: dir /B "%LocalAppdata%"
Unlock: C:\Windows\system32\Drivers\etc\hosts
C:\Windows\system32\Drivers\etc\hosts
Hosts:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 Download the appropriate version of SystemLook from the following mirror and save the tool on your desktop: SystemLook (32 bit) | SystemLook (64 bit)
Step 3
Please post with your next reply
|
17.09.2016, 20:09 | #11 |
| Trojan Dropper Hi there, regarding step 1: "Now start FRST again and click the "Entfernen" (Fix) button." Don't I have to untick any checkboxes there? |
17.09.2016, 20:39 | #12 |
/// TB-Ausbilder | Trojan Dropper No. FRST.exe reads the data from the previously created "fixlog.txt" and then starts the cleanup. |
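FRST applies a fixlist without asking about individual entries, so it pays to read the list line by line before running it. The following Python sketch is an added example, not part of the thread and not FRST code: it splits the fixlist from post #10 into directives, groups them by the effect this thread's own Fixlog reports for each, and lists the commands the list runs and the scheduled-task targets under AppData. The category names and function names are assumptions made for this example.

```python
import re
from collections import Counter

# Fixlist exactly as posted in #10 of this thread, one directive per line.
FIXLIST = r'''start
CloseProcesses:
SearchScopes: HKLM -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL =
SearchScopes: HKLM-x32 -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL =
FF NewTab: about:newtab
FF Homepage: www.bluewin.ch
FF Keyword.URL: user_pref("keyword.URL", true);
Task: {9044F6F5-E178-4C57-88A1-31F4E5A3FB90} - System32\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2} => C:\Users\Sabine\AppData\Roaming\{BCE18~1\Updater.exe <==== ACHTUNG
Task: C:\Windows\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2}.job => C:\Users\Sabine\AppData\Roaming\{BCE18~1\Updater.exe <==== ACHTUNG
CMD: dir /B "%ProgramFiles%"
CMD: dir /B "%ProgramFiles(x86)%"
CMD: dir /B "%ProgramData%"
CMD: dir /B "%Appdata%"
CMD: dir /B "%LocalAppdata%"
Unlock: C:\Windows\system32\Drivers\etc\hosts
C:\Windows\system32\Drivers\etc\hosts
Hosts:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end'''

# Directive -> category. The categories are labels chosen for this example;
# each mapping follows what the Fixlog in this thread shows the directive did.
DIRECTIVES = {
    "CloseProcesses": "process",   # "Prozess erfolgreich geschlossen"
    "SearchScopes": "registry",    # DefaultScope value restored/removed
    "RemoveProxy": "registry",     # Internet Settings values removed
    "FF NewTab": "browser",
    "FF Homepage": "browser",
    "FF Keyword.URL": "browser",
    "Task": "task",                # TaskCache keys removed, task file moved
    "CMD": "command",              # command is executed, output is logged
    "Unlock": "unlock",            # "wurde entsperrt"
    "Hosts": "hosts",              # hosts file restored
    "EmptyTemp": "cleanup",        # temporary files removed
}

DRIVE_PATH = re.compile(r"^[A-Za-z]:\\")


def parse_fixlist(text):
    """Return (category, argument) tuples for every fixlist line."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.lower() in ("start", "end"):
            continue  # framing markers carry no action
        if DRIVE_PATH.match(line):
            # A bare path: the Fixlog reports such files as moved.
            entries.append(("file-move", line))
            continue
        for name in sorted(DIRECTIVES, key=len, reverse=True):
            if line.startswith(name + ":"):
                entries.append((DIRECTIVES[name], line[len(name) + 1:].strip()))
                break
        else:
            entries.append(("unknown", line))  # needs a human look
    return entries


def task_targets(entries):
    """Executable paths that the listed scheduled tasks point to."""
    targets = []
    for kind, arg in entries:
        if kind == "task" and "=>" in arg:
            target = arg.split("=>", 1)[1].split("<====", 1)[0].strip()
            targets.append(target)
    return targets


def review(text):
    """Summarise what a fixlist will do before it is handed to FRST."""
    entries = parse_fixlist(text)
    return {
        "counts": Counter(kind for kind, _ in entries),
        "commands": [arg for kind, arg in entries if kind == "command"],
        "user_writable_task_targets": sorted(
            {t for t in task_targets(entries) if "\\appdata\\" in t.lower()}
        ),
        "unknown": [arg for kind, arg in entries if kind == "unknown"],
    }


if __name__ == "__main__":
    for key, value in review(FIXLIST).items():
        print(key, "=>", value)
```

Any entry reported under `unknown` is a line the script could not match to a directive seen in this thread and should be checked by hand before the list is run.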
17.09.2016, 20:59 | #13 |
| Trojan Dropper Okay. Fixlog: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016 durchgeführt von Sabine (17-09-2016 21:42:54) Run:1 Gestartet von C:\Users\Sabine\Desktop Geladene Profile: UpdatusUser & Sabine & (Verfügbare Profile: UpdatusUser & Sabine) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: SearchScopes: HKLM -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL = SearchScopes: HKLM-x32 -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {CD59917B-ACE7-4DF9-A3ED-879938435692} URL = FF NewTab: about:newtab FF Homepage: www.bluewin.ch FF Keyword.URL: user_pref("keyword.URL", true); Task: {9044F6F5-E178-4C57-88A1-31F4E5A3FB90} - System32\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2} => C:\Users\Sabine\AppData\Roaming\{BCE18~1\Updater.exe <==== ACHTUNG Task: C:\Windows\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2}.job => C:\Users\Sabine\AppData\Roaming\{BCE18~1\Updater.exe <==== ACHTUNG CMD: dir /B "%ProgramFiles%" CMD: dir /B "%ProgramFiles(x86)%" CMD: dir /B "%ProgramData%" CMD: dir /B "%Appdata%" CMD: dir /B "%LocalAppdata%" Unlock: C:\Windows\system32\Drivers\etc\hosts C:\Windows\system32\Drivers\etc\hosts Hosts: RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end ***************** Prozess erfolgreich geschlossen. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt Firefox "newtab" erfolgreich entfernt Firefox "homepage" erfolgreich entfernt Firefox "Keyword.URL" erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9044F6F5-E178-4C57-88A1-31F4E5A3FB90}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9044F6F5-E178-4C57-88A1-31F4E5A3FB90}" => Schlüssel erfolgreich entfernt C:\Windows\System32\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2}" => Schlüssel erfolgreich entfernt C:\Windows\Tasks\{1CA179F5-9B6B-ED65-79FA-7035E4AAF8A2}.job => erfolgreich verschoben ========= dir /B "%ProgramFiles%" ========= Acer Apoint2K Canon Common Files DAZ 3D EgisTec IPS Intel Internet Explorer MSBuild NVIDIA Corporation Realtek Reference Assemblies Windows Defender Windows Journal Windows Mail Windows Media Player Windows Multimedia Platform Windows NT Windows Photo Viewer Windows Portable Devices ========= Ende von CMD: ========= ========= dir /B "%ProgramFiles(x86)%" ========= Acer Adobe Avira Canon Common Files Corel DAZ 3D EgisTec IPS EgisTec MyWinLocker EgisTec MyWinLockerSuite EgisTec Shredder ffdshow Intel Internet Explorer IObit Launch Manager Malwarebytes Anti-Malware Microsoft Office Microsoft.NET Mozilla Firefox Mozilla Maintenance Service MSBuild msvcrt.dll MSVCRT10.DLL MSVCRT20.DLL Msvcrt40.dll Nero NTI NVIDIA Corporation OpenOffice 4 plugin.dll ProtectDisc Driver Installer Qualcomm Atheros Realtek Reference Assemblies Skype Symantec The Adventure Company Ulead 
Systems VS Revo Group Windows Defender Windows Mail Windows Media Player Windows Multimedia Platform Windows NT Windows Photo Viewer Windows Portable Devices ========= Ende von CMD: ========= ========= dir /B "%ProgramData%" ========= Acer Adobe Atheros Avira BackupManager boost_interprocess Canon IJ Network Tool CanonIJPLM CanonIJWSpt CLSK Corel CyberLink DAZ 3D EgisTec EgisTec IPS FLEXnet InstallShield install_clap Intel IObit IsolatedStorage Malwarebytes McAfee Mozilla MyPrinter Nero Norton NortonInstaller NTI Launcher NVIDIA NVIDIA Corporation OEM Package Cache Poser PRICache ProductData Qualcomm Atheros regid.1986-12.com.adobe regid.1991-06.com.microsoft Skype Symantec Temp Ulead Systems WildTangent ========= Ende von CMD: ========= ========= dir /B "%Appdata%" ========= Adobe Adobe Mini Bridge CS5.1 Adobe PNG Format CS5 Prefs Alien Skin Apple Computer Atheros Avira Canon Corel CyberLink DAZ 3D dvdcss FileZilla hdbADS Information Factory IObit IsolatedStorage lm Macromedia Mozilla MrJobs Nero NVIDIA Nvu OpenOffice Poser Poser 7 ProtectDISC Skype SmithMicroDLM.cfg StageManager.BD092818F67280F4B42B04877600987F0111B594.1 Ulead Systems vlc WinPatrol WinRAR ========= Ende von CMD: ========= ========= dir /B "%LocalAppdata%" ========= Adobe Adobe Fr Web speichern 12.0 Prefs CEF chromium clear.fi Corel CrashDumps Cyberlink Diagnostics EgisTec IPS Information Factory Macromedia Microsoft Mozilla Nero Nero_AG Packages Programs Skype Software Temp VirtualStore ========= Ende von CMD: ========= "C:\Windows\system32\Drivers\etc\hosts" => wurde entsperrt C:\Windows\system32\Drivers\etc\hosts => erfolgreich verschoben Hosts erfolgreich wiederhergestellt. 
========= RemoveProxy: ========= HKU\S-1-5-21-1592407861-1572848030-1984046367-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-1592407861-1572848030-1984046367-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-1592407861-1572848030-1984046367-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Auflösungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurückgesetzt. Sie müssen den Computer neu starten, um den Vorgang abzuschließen. 
========= Ende von CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 52482990 B Java, Flash, Steam htmlcache => 11991 B Windows/system/drivers => 40994069 B Edge => 0 B Chrome => 0 B Firefox => 392618736 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 128 B LocalService => 26402758 B NetworkService => 11596 B UpdatusUser => 0 B Sabine => 597107515 B RecycleBin => 40236379 B EmptyTemp: => 1.1 GB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 21:43:04 ==== Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff Log created at 21:48 on 17/09/2016 by Sabine Administrator - Elevation successful ========== folderfind ========== Searching for "ByteFence" No folders found. ========== regfind ========== Searching for "ByteFence" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\UFH\SHC] "3"="C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence\ByteFence Anti-Malware.lnk C:\Program Files\ByteFence\ByteFence.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ByteFence_RASAPI32] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\ByteFence_RASMANCS] [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Reason\ReasonByteFence] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence] [HKEY_USERS\S-1-5-21-1592407861-1572848030-1984046367-1002\Software\Microsoft\Windows\CurrentVersion\UFH\SHC] "3"="C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\ByteFence\ByteFence Anti-Malware.lnk C:\Program Files\ByteFence\ByteFence.exe" -= EOF =- Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2016 durchgeführt von Sabine (Administrator) auf SABINEB (17-09-2016 21:57:31) Gestartet von C:\Users\Sabine\Desktop Geladene Profile: UpdatusUser & Sabine (Verfügbare Profile: UpdatusUser & Sabine) Platform: Windows 8 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 10 (Standard-Browser: IE) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe () C:\Windows\SysWOW64\PSIService.exe (Dritek System INC.) C:\Windows\RfBtnSvc64.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (Atheros) C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Dritek System Inc.) 
C:\Program Files (x86)\Launch Manager\LMutilps32.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.) 
C:\Program Files\EgisTec IPS\EgisUpdate.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM-x32\...\Run: [LManager] => [X] HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [508656 2012-07-26] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [830064 2016-09-13] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [90112 2004-11-26] (Ulead Systems, Inc.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.) 
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\Run: [Chromium] => c:\users\sabine\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors) HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\MountPoints2: {575b8924-bac1-11e4-be70-7c050720b50f} - "G:\install.EXE" id= ver=1.0.0.0 HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid} Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-12-20] ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{A931A0D1-6BCD-4E1B-9498-84DA70CD568F}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2012-11-10] (Qualcomm Atheros Commnucations) StartMenuInternet: 
IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default FF Session Restore: -> ist aktiviert. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-13] () FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-13] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-07-08] (Nero AG) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.) 
FF Extension: (Firefox Hotfix) - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-09] FF Extension: (Adblock Plus) - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-08-31] FF Extension: (Adblock Edge) - C:\Users\Sabine\AppData\Roaming\Mozilla\Firefox\Profiles\t4d4glv8.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-08-31] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [989696 2016-09-13] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [470600 2016-09-13] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [470600 2016-09-13] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1454720 2016-09-13] (Avira Operations GmbH & Co. KG) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [231040 2012-11-10] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. 
KG) S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-17] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation) R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit) R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-03] (NTI Corporation) R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] () R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2013-03-28] (Dritek System INC.) R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-05-20] (IObit) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert] S3 vmicvss; C:\Windows\System32\ICSvc.dll [336384 2012-07-26] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe [81536 2012-11-09] (Atheros) [Datei ist nicht signiert] S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2015-06-24] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-28] (Avira Operations GmbH & Co. 
KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-28] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-02] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-31] (Avira Operations GmbH & Co. KG) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-10] (Qualcomm Atheros) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-13] (REALiX(tm)) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2015-06-24] () R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2013-03-28] (Dritek System Inc.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-01-31] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [275712 2015-01-31] (Microsoft Corporation) S3 cpuz137; \??\C:\Users\Sabine\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-09-17 21:57 - 2016-09-17 21:57 - 00014500 _____ C:\Users\Sabine\Desktop\FRST.txt 2016-09-17 21:48 - 2016-09-17 21:52 - 00002120 _____ C:\Users\Sabine\Desktop\SystemLook.txt 2016-09-17 21:47 - 2016-09-17 21:47 - 00165376 _____ C:\Users\Sabine\Desktop\SystemLook_x64.exe 2016-09-17 21:45 - 2016-09-17 21:45 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\ProductData 2016-09-17 21:42 - 2016-09-17 21:43 - 00007753 _____ C:\Users\Sabine\Desktop\Fixlog.txt 2016-09-17 21:07 - 2016-09-17 21:07 - 00000000 ____D C:\Users\Sabine\Desktop\FRST-OlderVersion 2016-09-17 13:20 - 2016-09-17 13:20 - 00000000 ____D C:\ProgramData\ProductData 2016-09-17 12:35 - 2016-09-17 12:37 - 00000000 ____D C:\AdwCleaner 2016-09-17 12:32 - 2016-09-17 12:32 - 01610560 _____ (Malwarebytes) C:\Users\Sabine\Desktop\JRT.exe 2016-09-17 12:30 - 2016-09-17 12:30 - 03861056 _____ C:\Users\Sabine\Desktop\AdwCleaner_6.020.exe 2016-09-16 22:33 - 2016-09-17 12:33 - 00231892 _____ C:\TDSSKiller.3.1.0.11_16.09.2016_22.33.37_log.txt 2016-09-16 22:30 - 2016-09-16 22:31 - 00000562 _____ C:\TDSSKiller.3.1.0.11_16.09.2016_22.30.19_log.txt 2016-09-16 22:28 - 2016-09-16 22:28 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Sabine\Desktop\tdsskiller.exe 2016-09-16 22:26 - 2016-09-17 21:57 - 00000000 ____D C:\FRST 2016-09-16 19:11 - 2016-09-17 21:07 - 02399232 _____ (Farbar) C:\Users\Sabine\Desktop\FRST64.exe 2016-09-16 19:04 - 2016-09-16 19:16 - 00000000 ____D C:\Users\TEMP.SabineB 2016-09-16 18:44 - 2016-09-16 19:04 - 00000000 ____D C:\Users\TEMP 2016-09-16 18:26 - 2016-09-16 18:29 - 00000000 ____D C:\KMPlayer 2016-09-08 14:00 - 2016-09-06 15:27 - 00011790 _____ C:\Users\Sabine\Documents\untitled_0.odt 2016-09-07 14:57 - 2016-09-07 14:58 - 00000000 ____D C:\Users\Sabine\AppData\Local\Nero 2016-09-07 14:57 - 2016-09-07 14:57 - 00000000 ____D C:\Users\Sabine\AppData\Local\Nero_AG 2016-09-07 14:46 - 2016-09-07 14:50 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\Nero 2016-09-07 14:45 - 2016-09-07 14:45 - 00000000 ____D 
C:\Windows\System32\Tasks\Nero 2016-09-07 14:44 - 2016-09-07 14:44 - 00002913 _____ C:\Users\Public\Desktop\Nero 2016.lnk 2016-09-07 14:41 - 2016-09-07 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016 2016-09-07 14:40 - 2016-09-07 14:45 - 00000000 ____D C:\ProgramData\Nero 2016-09-07 14:40 - 2016-09-07 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016-09-07 14:40 - 2016-09-07 14:44 - 00000000 ____D C:\Program Files (x86)\Nero 2016-08-31 18:13 - 2016-08-31 18:13 - 00000000 ____D C:\Users\Sabine\Desktop\ld_Chloe K4 Morphlet 2016-08-31 13:47 - 2016-09-16 18:40 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\WinPatrol 2016-08-31 13:47 - 2016-09-16 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol 2016-08-30 16:16 - 2016-08-30 16:16 - 00002269 _____ C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2016-08-30 16:16 - 2016-08-30 16:16 - 00000000 ____D C:\Users\Sabine\AppData\Local\chromium 2016-08-30 16:15 - 2016-09-17 12:37 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-08-29 01:25 - 2016-08-29 01:25 - 00000000 ____D C:\Users\Sabine\Desktop\MavkaWitchyPoo_191802 2016-08-29 01:24 - 2016-08-29 01:24 - 00000000 ____D C:\Users\Sabine\Desktop\Bells3_167802 2016-08-29 01:24 - 2016-08-29 01:24 - 00000000 ____D C:\Users\Sabine\Desktop\Bells2_167801 2016-08-29 01:24 - 2016-08-29 01:24 - 00000000 ____D C:\Users\Sabine\Desktop\Bells1_167800 2016-08-25 16:38 - 2016-08-30 16:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-08-23 18:43 - 2016-08-23 18:43 - 00000000 ____D C:\Users\Sabine\Desktop\SV7_Neila-Textures_189244 2016-08-23 18:43 - 2016-08-23 18:43 - 00000000 ____D C:\Users\Sabine\Desktop\SV7_Charity-Textures_192458 2016-08-23 18:43 - 2016-08-23 18:43 - 00000000 ____D C:\Users\Sabine\Desktop\SV7_Charity-Poser_192456 2016-08-23 18:42 - 2016-08-23 18:42 - 00000000 ____D C:\Users\Sabine\Desktop\SV7_Neila-Poser_189242 
2016-08-23 18:42 - 2016-08-23 18:42 - 00000000 ____D C:\Users\Sabine\Desktop\RhayvaenHair_171398 2016-08-23 18:42 - 2016-08-23 18:42 - 00000000 ____D C:\Users\Sabine\Desktop\Rhayvaen_V4_171383 2016-08-23 18:42 - 2016-08-23 18:42 - 00000000 ____D C:\Users\Sabine\Desktop\Rhayvaen_TX_171386 ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-09-17 21:51 - 2015-07-15 16:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-09-17 21:49 - 2015-02-22 20:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1592407861-1572848030-1984046367-1002 2016-09-17 21:48 - 2013-03-28 13:31 - 00780976 _____ C:\Windows\system32\perfh010.dat 2016-09-17 21:48 - 2013-03-28 13:31 - 00152608 _____ C:\Windows\system32\perfc010.dat 2016-09-17 21:48 - 2013-03-28 13:28 - 00790022 _____ C:\Windows\system32\perfh00C.dat 2016-09-17 21:48 - 2013-03-28 13:28 - 00155084 _____ C:\Windows\system32\perfc00C.dat 2016-09-17 21:48 - 2013-03-28 13:25 - 00753134 _____ C:\Windows\system32\perfh007.dat 2016-09-17 21:48 - 2013-03-28 13:25 - 00155826 _____ C:\Windows\system32\perfc007.dat 2016-09-17 21:48 - 2012-07-26 09:28 - 03624158 _____ C:\Windows\system32\PerfStringBackup.INI 2016-09-17 21:48 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\Inf 2016-09-17 21:44 - 2015-02-22 22:58 - 06579712 ___SH C:\Users\Sabine\Desktop\Thumbs.db 2016-09-17 21:43 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-09-17 18:27 - 2015-02-23 13:47 - 00000000 ____D C:\Users\Sabine\Documents\Trickkiste Backup2 2016-09-17 18:23 - 2015-02-22 21:33 - 00000000 ____D C:\Users\Sabine\Desktop\Katzenfutter-Rechner_2014.06. 
angepasst 2016-09-17 12:55 - 2015-02-22 20:17 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\IObit 2016-09-17 12:55 - 2015-02-22 20:17 - 00000000 ____D C:\ProgramData\IObit 2016-09-17 12:54 - 2015-09-06 13:31 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-09-17 12:33 - 2015-02-22 20:54 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\vlc 2016-09-17 09:54 - 2015-02-23 17:47 - 00000000 ____D C:\Users\Sabine\AppData\Local\Adobe 2016-09-16 19:01 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-09-16 18:41 - 2012-12-20 06:28 - 00000000 ____D C:\Windows\oem 2016-09-16 16:10 - 2015-02-22 21:02 - 00000000 ____D C:\Users\Sabine\AppData\Roaming\dvdcss 2016-09-16 15:49 - 2015-02-22 21:14 - 00000000 ____D C:\ProgramData\Package Cache 2016-09-16 15:49 - 2015-02-22 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-09-15 13:11 - 2015-06-14 19:11 - 00000000 ____D C:\ProgramData\CanonIJPLM 2016-09-14 19:00 - 2015-03-07 17:22 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-09-14 17:15 - 2012-07-26 10:12 - 00000000 ___HD C:\Program Files\WindowsApps 2016-09-14 17:15 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent 2016-09-13 10:51 - 2015-07-15 16:53 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-09-13 10:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-09-13 10:51 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\Macromed 2016-09-07 08:17 - 2015-02-28 14:47 - 00001056 ___SH C:\Windows\SysWOW64\KGyGaAvL.sys 2016-09-07 08:17 - 2015-02-28 14:47 - 00000000 ____D C:\Users\Sabine\AppData\Local\Corel 2016-09-07 08:17 - 2015-02-28 14:45 - 00000000 ____D C:\Users\Sabine\Documents\My PSP Files 2016-09-06 15:12 - 2015-02-23 13:40 - 00019681 _____ C:\Users\Sabine\Desktop\passwörter2.odt 2016-08-31 18:01 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\tracing 2016-08-30 16:40 - 2012-07-26 10:12 - 00000000 
____D C:\Windows\Performance 2016-08-30 16:27 - 2015-03-06 13:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-02-24 09:19 - 1998-05-11 21:01 - 0280576 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcrt.dll 2015-02-24 09:19 - 1998-05-06 19:19 - 0210944 _____ () C:\Program Files (x86)\MSVCRT10.DLL 2015-02-24 09:19 - 1998-05-11 21:01 - 0274432 _____ (Microsoft Corporation) C:\Program Files (x86)\MSVCRT20.DLL 2015-02-24 09:19 - 1996-10-15 11:40 - 0326656 _____ (Microsoft Corporation) C:\Program Files (x86)\Msvcrt40.dll 2015-02-24 09:19 - 1996-10-30 10:35 - 0032768 _____ (Adobe Systems, Inc.) C:\Program Files (x86)\plugin.dll 2015-12-16 15:22 - 2016-03-13 16:35 - 0000132 _____ () C:\Users\Sabine\AppData\Roaming\Adobe PNG Format CS5 Prefs 2015-04-20 15:31 - 2015-11-05 19:39 - 0000034 _____ () C:\Users\Sabine\AppData\Roaming\SmithMicroDLM.cfg 2016-02-09 20:04 - 2016-04-05 13:27 - 0001456 _____ () C:\Users\Sabine\AppData\Local\Adobe Für Web speichern 12.0 Prefs 2013-03-28 13:56 - 2013-03-28 13:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-09-10 23:10 ==================== Ende von FRST.txt ============================ |
17.09.2016, 20:59 | #14 |
/// TB-Ausbilder | Trojan Dropper Hi, edit... |
17.09.2016, 21:00 | #15 |
| Trojan Dropper Addition: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2016
durchgeführt von Sabine (17-09-2016 21:57:51)
Gestartet von C:\Users\Sabine\Desktop
Windows 8 (X64) (2015-02-22 18:07:19)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1592407861-1572848030-1984046367-500 - Administrator - Disabled)
Gast (S-1-5-21-1592407861-1572848030-1984046367-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1592407861-1572848030-1984046367-1004 - Limited - Enabled)
Sabine (S-1-5-21-1592407861-1572848030-1984046367-1002 - Administrator - Enabled) => C:\Users\Sabine
UpdatusUser (S-1-5-21-1592407861-1572848030-1984046367-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0071 - NTI Corporation) Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Acer Incorporated) Acer Instant Update Service (HKLM\...\{8215A318-CC27-435E-B3EA-2E3443C8998C}) (Version: 1.00.3013 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3011 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3012 - Acer Incorporated) AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3204 - Acer Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated) Agatha Christie - Das Böse unter der Sonne (HKLM-x32\...\{23B806E8-BA3C-4FC2-AAB8-116FC8514697}) (Version: 1.0 - ) Alien Skin Xenofex 2.0 (HKLM-x32\...\Xenofex2) (Version: - ) ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.100.2020.116 - Alps Electric) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.20.59 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. 
KG) Hidden Backup Manager v4 (x32 Version: 4.0.0.0071 - NTI Corporation) Hidden Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.) Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version: - Canon Inc.) Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.) Canon MG4200 series On-screen Manual (HKLM-x32\...\Canon MG4200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3109 - Acer Incorporated) Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.001.0000 - Corel Corporation) DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.41) (Version: 1.1.0.41 - DAZ 3D) DAZ PostgreSQL CMS (HKLM-x32\...\DAZ PostgreSQL CMS 9.3.4.3) (Version: 9.3.4.3 - DAZ 3D) DAZ Studio 4.8 (64bit) (HKLM-x32\...\DAZ Studio 4.8 (64bit) 4.8.0.59) (Version: 4.8.0.59 - DAZ 3D) DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.16 - Dolby Laboratories Inc) FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse) Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 
8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 4.1.2.2 - PandoraTV) Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.10 - Acer Inc.) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3006 - Acer Incorporated) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla) MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) 
Hidden Nero 2016 (HKLM-x32\...\{7E55E10F-82E5-4E11-B051-5D1DF76102FF}) (Version: 17.0.00900 - Nero AG) Nero 2016 Content Pack (HKLM-x32\...\{006F5CFF-ED35-41AF-9B2A-F52B0F545BF4}) (Version: 17.0.00200 - Nero AG) Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG) NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9014 - NTI Corporation) NTI Media Maker 9 (x32 Version: 9.0.2.9014 - NTI Corporation) Hidden NVIDIA Graphics Driver 307.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 307.17 - NVIDIA Corporation) NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation) NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3202 - Acer) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer) Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden Private Tax 2015 1.5.0 (HKLM-x32\...\6588-3357-8633-9771) (Version: 1.5.0 - Information Factory AG) ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Qualcomm Atheros Communications Inc.) 
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.30 - Qualcomm Atheros) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28124 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.) Ulead PhotoImpact 12 (HKLM-x32\...\{11AFE21E-B193-430D-B57A-DFF7815BB962}) (Version: 12.0 - Ulead System) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {1B1C8769-C231-45F6-9451-65EA2EF95F77} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG) Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {278D73C0-4CB3-4F89-AE14-0B9FD9FD10A1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-10-23] (Acer Incorporated) Task: {302D3EAD-291D-412A-8C8A-5841FFDB23A5} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-11-06] () Task: {33C2859A-717C-443E-A46F-A62E2853DC09} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Sabine**** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated) Task: {36172A88-D35A-42AE-8DCB-E9E73A5DB48E} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-08-23] () Task: {52721E86-0C1E-48B6-8DC7-809AF6E57A05} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-08] (Adobe Systems Incorporated) Task: {7926FA87-DA5C-4ECC-8267-781CFD8C0023} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-21] () Task: {D9F0462D-76DC-4445-AB75-8E1D0695B8FC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.) 
Task: {E5507CDC-2F41-42A4-A869-178992957D7C} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-08-23] ()
Task: {EAC1663F-40B1-4CFE-9A44-FEAAB2C7E5CF} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {F6D7C425-917C-40D7-B02B-1056630F7A60} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-13] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Sabine\Favorites\Acer\Acer.lnk -> hxxp://www.acer.com/
Shortcut: C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZStudio4\Online Documentation.lnk -> hxxp:docs.daz3d.com\doku.php\public\software\dazstudio(
Shortcut: C:\Users\Sabine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager\DAZ Install Manager Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\14811(

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-06-14 19:12 - 2012-03-28 14:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 _____ () C:\Windows\SysWOW64\PSIService.exe
2012-06-22 04:12 - 2012-06-22 04:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2012-08-23 01:04 - 2012-08-23 01:04 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-08-23 01:04 - 2012-08-23 01:04 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2015-02-22 20:17 - 2014-12-18 21:04 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2012-11-03 02:38 - 2012-11-03 02:38 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00125504 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2012-11-03 02:38 - 2012-11-03 02:38 - 00155712 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\VolumeSnapshot.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00118336 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\Online.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 01081408 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00052288 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OsSettingPort.dll
2012-11-03 02:37 - 2012-11-03 02:37 - 00727616 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\OutlookShadow.dll
2015-03-30 12:53 - 2015-05-20 19:03 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2015-03-30 12:53 - 2015-05-20 19:03 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2015-03-30 12:53 - 2015-05-20 19:03 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2015-03-30 12:53 - 2015-05-20 19:04 - 00268920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll
2015-03-30 12:53 - 2015-05-20 19:03 - 00053024 _____ () C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll
2015-03-30 12:53 - 2015-05-20 19:03 - 00622880 _____ () C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll
2015-03-30 12:53 - 2015-05-20 19:04 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2015-02-28 14:22 - 2004-07-26 18:11 - 00028672 ____N () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll
2013-03-28 13:45 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2012-07-26 07:26 - 2016-09-17 21:42 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sabine\Desktop\DSC_0012.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run: => "BtPreLoad"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Corel Photo Downloader"
HKLM\...\StartupApproved\Run32: => "Dolby Home Theater v4"
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1592407861-1572848030-1984046367-1002\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{932B982B-00D4-4AAA-A64A-54E429826A6E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{11949497-D45E-4D66-B54C-359E4C56EF23}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{7A66D30B-6DCC-446A-8FE3-ACFDDD3BADAB}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe
FirewallRules: [{35D07C68-64E1-4BA9-8333-CB4868E30F42}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
FirewallRules: [{92947C6A-7E23-4F63-835A-2FF4AC8E29D4}] => (Allow) C:\Program Files (x86)\NTI\Acer Backup Manager\FileExplorer.exe
FirewallRules: [{DE193115-B9F5-4380-A1FB-8A9825275BE8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3C7303D3-7F44-40EB-BB13-730AB2EE1405}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4500F513-8D94-4FE2-870A-02077BD922D3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{58DF6BD2-55E2-4690-AFE6-67B6BCF95CAC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{04A38A5E-88BB-4C20-B294-9F66753A6746}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{BA7E9C65-F269-4488-80E7-61258AAEC235}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{A15732B8-856E-4CC3-A763-C3A8D871DD40}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{6A398FD3-1B50-40EA-B61E-81A0E33F72B1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{23E51D31-DEE7-4F3C-9530-0487894A8175}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{87DB0CF5-86E2-4157-BA79-0FF5D69398EC}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{33D38864-3393-45B5-B61F-FEFCA2FC2DE0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{64D3218E-3231-415B-A5FD-3EE1CD394FDB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{623C1707-673D-4410-AA8A-56D458D84EFE}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{6E117C01-6FD0-4B26-8391-F7DFB1150732}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{DAEFF0B7-7D06-45B4-B983-DAE850B7BE6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{31713335-6978-4DB4-BB70-D88DE1F5E622}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{86DC67B2-AE99-4675-969B-0752B3ED241D}D:\poser 7 deutsch\poserg.exe] => (Allow) D:\poser 7 deutsch\poserg.exe
FirewallRules: [UDP Query User{E69A9EAF-8399-4E5B-BACC-2E69298BA821}D:\poser 7 deutsch\poserg.exe] => (Allow) D:\poser 7 deutsch\poserg.exe
FirewallRules: [TCP Query User{CA92EA95-6EE0-4EEA-ADE6-B002E2AD8052}D:\poser 9 deutsch\poser.exe] => (Allow) D:\poser 9 deutsch\poser.exe
FirewallRules: [UDP Query User{D963047F-AEAC-4F7E-B081-AFA360B8FFFA}D:\poser 9 deutsch\poser.exe] => (Allow) D:\poser 9 deutsch\poser.exe
FirewallRules: [TCP Query User{DE2A0B6C-0B53-473A-8543-69DB678A815F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{84912DB6-459D-4B70-8F85-D8E2A3EAC500}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{97AD5190-AE64-482C-B07B-575FB5412912}D:\poser 10\poser.exe] => (Allow) D:\poser 10\poser.exe
FirewallRules: [UDP Query User{ED90D823-9EB5-4FBE-8502-2590AAECFBDE}D:\poser 10\poser.exe] => (Allow) D:\poser 10\poser.exe
FirewallRules: [{46973A33-AC39-4C70-B58F-ACABF8E56CA4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3565BCB6-436B-46F6-B419-A5B5D2301CF0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C39CC848-666D-49B0-8BF5-D696BBE688D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C8F6DA60-EDED-4145-9070-891E03A9BC23}D:\poser 10\poser.exe] => (Allow) D:\poser 10\poser.exe
FirewallRules: [UDP Query User{A7E86DBB-3554-462F-8989-71398BDE6D13}D:\poser 10\poser.exe] => (Allow) D:\poser 10\poser.exe
FirewallRules: [{F95289CD-FD1C-4F04-AE7E-DE8DBDF1EC1A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{7C9C0A2A-AC29-4B6D-8DC5-9387E3D32D06}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{5FC49228-EFDB-4A74-A659-664B31ADED61}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{0DDF3C92-5814-4F0F-AE85-E9770F61C2CE}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{084247DD-62BE-4736-8236-820C8D6B733B}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{2FAD0EEA-439C-4E0F-A12A-4153CEBCA950}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{4F372F84-47DD-4908-AABC-B24143114523}] => (Allow) C:\Users\Sabine\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{9341B26B-580F-46E8-8AD3-C2BD3242FC91}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe
FirewallRules: [{381BCDC0-CD26-40D0-A070-43CE8208D5F9}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{70D2691D-B4D7-4182-BF2F-0CCC1FD92ADE}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe

==================== Wiederherstellungspunkte =========================

16-09-2016 14:38:59 Installed Nero 2016 Content Pack.
17-09-2016 12:55:33 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/17/2016 07:40:05 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (4380) Versuch, Datei "C:\Users\Sabine\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (09/17/2016 07:20:51 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Benachrichtigungen für Volume D:\ sind nicht aktiv. Kontext: Windows Anwendung Details: Das Datenträgeränderungsjournal wird gelöscht. (HRESULT : 0x8007049a) (0x8007049a)

Error: (09/17/2016 07:20:37 PM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Benachrichtigungen für Volume C:\ sind nicht aktiv. Kontext: Windows Anwendung Details: Falscher Parameter. (HRESULT : 0x80070057) (0x80070057)

Error: (09/17/2016 09:51:54 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Benachrichtigungen für Volume D:\ sind nicht aktiv. Kontext: Windows Anwendung Details: Das Datenträgeränderungsjournal wird gelöscht. (HRESULT : 0x8007049a) (0x8007049a)

Error: (09/17/2016 09:51:41 AM) (Source: Windows Search Service) (EventID: 3079) (User: )
Description: Benachrichtigungen für Volume C:\ sind nicht aktiv. Kontext: Windows Anwendung Details: Falscher Parameter. (HRESULT : 0x80070057) (0x80070057)

Error: (09/16/2016 07:16:46 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: NT-AUTORITÄT)
Description: Das Profilverzeichnis kann nicht gelöscht werden C:\Users\TEMP.SabineB. Dies liegt u. U. daran, dass Dateien in diesem Verzeichnis von einem anderen Programm verwendet werden. DETAIL - Das Verzeichnis ist nicht leer.

Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: SabineB)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: SabineB)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.

Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: SabineB)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
Error: (09/16/2016 07:04:02 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. for C:\Users\UpdatusUser\ntuser.dat

Systemfehler:
=============
Error: (09/17/2016 09:43:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden.

Error: (09/17/2016 09:43:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: This driver has been blocked from loading

Error: (09/17/2016 09:43:55 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: atksgt.sys

Error: (09/17/2016 09:43:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1069 = Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.

Error: (09/17/2016 09:43:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 = Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.

Error: (09/17/2016 09:43:24 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 = Die Anforderung wird nicht unterstützt. Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/17/2016 09:43:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 = Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.

Error: (09/17/2016 09:43:24 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 = Die Anforderung wird nicht unterstützt. Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/17/2016 09:42:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/17/2016 09:42:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 11%
Installierter physikalischer RAM: 32650.27 MB
Verfügbarer physikalischer RAM: 28871.33 MB
Summe virtueller Speicher: 34650.27 MB
Verfügbarer virtueller Speicher: 31011.7 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:118.63 GB) (Free:50.23 GB) NTFS
Drive d: (DATA) (Fixed) (Total:908.51 GB) (Free:471.73 GB) NTFS
Drive g: (LAST_CRUSADE_UK_GERMANY) (CDROM) (Total:6.67 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: E49DDE42)
Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: E49DDE55)
Partition: GPT.

==================== Ende von Addition.txt ============================

Edited by SabineB. (17.09.2016 at 21:06)