Log analysis and evaluation: UCGuard cannot be removed, and other malware

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#3

UCGuard cannot be removed, and other malware

FRST cannot be run on my machine, neither the 32-bit version nor the 64-bit version that I actually need.

The 32-bit version is not compatible with my 64-bit platform. The 64-bit version does not start at all. Just the loading icon at the mouse pointer briefly, then nothing. I also noticed that at system startup, and when trying the Windows button, which does nothing on left click, a sound is played, the same one you hear when User Account Control is invoked. A ping sound.

Code:
ATTFilter 23:35:26.0085 0x5a3c TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31 23:35:26.0085 0x5a3c UEFI system 23:35:29.0607 0x5a3c ============================================================ 23:35:29.0607 0x5a3c Current date / time: 2016/11/05 23:35:29.0607 23:35:29.0608 0x5a3c SystemInfo: 23:35:29.0608 0x5a3c 23:35:29.0608 0x5a3c OS Version: 10.0.14393 ServicePack: 0.0 23:35:29.0608 0x5a3c Product type: Workstation 23:35:29.0608 0x5a3c ComputerName: PANDORY 23:35:29.0608 0x5a3c UserName: Benjamin 23:35:29.0608 0x5a3c Windows directory: C:\WINDOWS 23:35:29.0608 0x5a3c System windows directory: C:\WINDOWS 23:35:29.0608 0x5a3c Running under WOW64 23:35:29.0608 0x5a3c Processor architecture: Intel x64 23:35:29.0608 0x5a3c Number of processors: 4 23:35:29.0608 0x5a3c Page size: 0x1000 23:35:29.0608 0x5a3c Boot type: Normal boot 23:35:29.0608 0x5a3c CodeIntegrityOptions = 0x00000001 23:35:29.0608 0x5a3c ============================================================ 23:35:29.0699 0x5a3c KLMD registered as C:\WINDOWS\system32\drivers\30580314.sys 23:35:29.0699 0x5a3c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.351, osProperties = 0x19 23:35:30.0008 0x5a3c System UUID: {A6B730A1-7071-0B8B-D12B-9015180BA20F} 23:35:30.0571 0x5a3c Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 23:35:30.0576 0x5a3c ============================================================ 23:35:30.0576 0x5a3c \Device\Harddisk0\DR0: 23:35:30.0576 0x5a3c GPT partitions: 23:35:30.0577 0x5a3c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {63C29FC2-692E-4DF6-AC25-A2F8474F43BF}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000 23:35:30.0577 0x5a3c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {8BF56545-1BB9-4A99-9D03-EDF8CAECADE2}, 
Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000 23:35:30.0577 0x5a3c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {3F37ABD9-3265-4741-A1FD-11988C7F0E0F}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000 23:35:30.0577 0x5a3c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {AED0EF8F-20A7-4687-B2B5-75535138F9D0}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000 23:35:30.0577 0x5a3c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8B35356D-B091-4746-B3A2-A6A35C1458C3}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6F3D0800 23:35:30.0577 0x5a3c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C9FC75C4-3E8B-454D-ABFC-31F9980840C6}, Name: Basic data partition, StartLBA 0x6F87B000, BlocksNum 0x3200000 23:35:30.0577 0x5a3c \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FCDEBC20-B397-420C-A500-E1CA3F452777}, Name: Basic data partition, StartLBA 0x72A7B000, BlocksNum 0x1C8B800 23:35:30.0577 0x5a3c MBR partitions: 23:35:30.0577 0x5a3c ============================================================ 23:35:30.0588 0x5a3c C: <-> \Device\Harddisk0\DR0\Partition5 23:35:30.0636 0x5a3c D: <-> \Device\Harddisk0\DR0\Partition6 23:35:30.0636 0x5a3c ============================================================ 23:35:30.0636 0x5a3c Initialize success 23:35:30.0636 0x5a3c ============================================================ 23:35:50.0890 0x40dc ============================================================ 23:35:50.0890 0x40dc Scan started 23:35:50.0890 0x40dc Mode: Manual; SigCheck; TDLFS; 23:35:50.0890 0x40dc ============================================================ 23:35:50.0890 0x40dc KSN ping started 23:35:51.0006 0x40dc KSN ping finished: true 
23:35:52.0017 0x40dc ================ Scan system memory ======================== 23:35:52.0017 0x40dc System memory - ok 23:35:52.0017 0x40dc ================ Scan services ============================= 23:35:52.0222 0x40dc 1394ohci - ok 23:35:52.0232 0x40dc 3ware - ok 23:35:52.0244 0x40dc ACPI - ok 23:35:52.0254 0x40dc AcpiDev - ok 23:35:52.0262 0x40dc acpiex - ok 23:35:52.0269 0x40dc acpipagr - ok 23:35:52.0298 0x40dc AcpiPmi - ok 23:35:52.0304 0x40dc acpitime - ok 23:35:52.0317 0x40dc [ E13DE7CD2B62254DD4FF658B7798A37D, 9FCCC90DEF6BE83F8C41D4552D235A7BB5534954D2E7CB7B1C336A31FCCAB3AD ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys 23:35:52.0395 0x40dc ACPIVPC - ok 23:35:52.0404 0x40dc ADP80XX - ok 23:35:52.0462 0x40dc AFD - ok 23:35:52.0477 0x40dc ahcache - ok 23:35:52.0487 0x40dc AJRouter - ok 23:35:52.0497 0x40dc ALG - ok 23:35:52.0504 0x40dc AmdK8 - ok 23:35:52.0511 0x40dc AmdPPM - ok 23:35:52.0516 0x40dc amdsata - ok 23:35:52.0523 0x40dc amdsbs - ok 23:35:52.0529 0x40dc amdxata - ok 23:35:52.0535 0x40dc [ 4126D30992B26303E47E8981313FD6D6, 4C8DB2DDDB88FBEA87CDBFB93D9855B40043778878AF4A5571C174434F9C0D4C ] AmUStor C:\WINDOWS\system32\drivers\AmUStor.SYS 23:35:52.0545 0x40dc AmUStor - ok 23:35:52.0652 0x40dc [ 3FD1A2079EB3FF7F158D135E5CAA96E3, AFDA1FE052304B721CD3653F24421A581308220269534C3D14899A683B44825E ] Apache2.4 C:\xampp\apache\bin\httpd.exe 23:35:52.0733 0x40dc Apache2.4 - detected UnsignedFile.Multi.Generic ( 1 ) 23:35:52.0834 0x40dc Detect skipped due to KSN trusted 23:35:52.0834 0x40dc Apache2.4 - ok 23:35:52.0845 0x40dc AppID - ok 23:35:52.0854 0x40dc AppIDSvc - ok 23:35:52.0877 0x40dc Appinfo - ok 23:35:52.0882 0x40dc applockerfltr - ok 23:35:52.0900 0x40dc AppReadiness - ok 23:35:52.0917 0x40dc AppXSvc - ok 23:35:52.0975 0x40dc [ 8F1359937B6401C79C42CF6646FECA9B, D42093B5B21E9DECFFFDB15EC1B157AFB22268E38449AF508AD3BE084BDC3D77 ] Arakosatuhph C:\Program Files (x86)\Phowert\qonakclecisycln.dll 23:35:53.0062 0x40dc Arakosatuhph - detected 
UnsignedFile.Multi.Generic ( 1 ) 23:35:53.0265 0x40dc Arakosatuhph ( UnsignedFile.Multi.Generic ) - warning 23:35:53.0429 0x40dc arcsas - ok 23:35:53.0443 0x40dc AsyncMac - ok 23:35:53.0454 0x40dc atapi - ok 23:35:53.0462 0x40dc athr - ok 23:35:53.0467 0x40dc AudioEndpointBuilder - ok 23:35:53.0476 0x40dc Audiosrv - ok 23:35:53.0506 0x40dc AxInstSV - ok 23:35:53.0509 0x40dc b06bdrv - ok 23:35:53.0512 0x40dc BasicDisplay - ok 23:35:53.0516 0x40dc BasicRender - ok 23:35:53.0521 0x40dc bcmfn - ok 23:35:53.0524 0x40dc bcmfn2 - ok 23:35:53.0527 0x40dc BDESVC - ok 23:35:53.0531 0x40dc Beep - ok 23:35:53.0599 0x40dc [ E543472B75FC78B3205273AE1E8CFE5F, 97CCA65B2BD59DF45B069DE66522E768968CD03B377F797691429E14D448BE9F ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe 23:35:53.0633 0x40dc BEService - ok 23:35:53.0650 0x40dc BFE - ok 23:35:53.0664 0x40dc BITS - ok 23:35:53.0742 0x40dc [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 23:35:53.0782 0x40dc Bonjour Service - ok 23:35:53.0790 0x40dc bowser - ok 23:35:53.0794 0x40dc BrokerInfrastructure - ok 23:35:53.0797 0x40dc Browser - ok 23:35:53.0866 0x40dc [ 0471D5669F18C50E552B2BC0CB15E7B3, 472F471FF9E5A1FDD5610BAC2F5E727AB284B7B5A71C4E515D549667F0B5EB86 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe 23:35:53.0913 0x40dc BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 ) 23:35:54.0005 0x40dc Detect skipped due to KSN trusted 23:35:54.0005 0x40dc BrYNSvc - ok 23:35:54.0046 0x40dc [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS C:\WINDOWS\System32\drivers\btath_bus.sys 23:35:54.0073 0x40dc BTATH_BUS - ok 23:35:54.0120 0x40dc [ C8BF11D79B29BB23A461B65B58BA8593, 35AFAD5ED40304976287E6C982085DF7A91FF48F0320DAC32370FA039AA03C69 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys 23:35:54.0153 0x40dc BtFilter - ok 23:35:54.0173 
0x40dc BthAvrcpTg - ok 23:35:54.0177 0x40dc BthHFEnum - ok 23:35:54.0180 0x40dc bthhfhid - ok 23:35:54.0184 0x40dc BthHFSrv - ok 23:35:54.0188 0x40dc BTHMODEM - ok 23:35:54.0192 0x40dc BTHPORT - ok 23:35:54.0195 0x40dc bthserv - ok 23:35:54.0244 0x40dc BTHUSB - ok 23:35:54.0271 0x40dc buttonconverter - ok 23:35:54.0282 0x40dc CapImg - ok 23:35:54.0294 0x40dc cdfs - ok 23:35:54.0320 0x40dc CDPSvc - ok 23:35:54.0346 0x40dc CDPUserSvc - ok 23:35:54.0395 0x40dc cdrom - ok 23:35:54.0407 0x40dc CertPropSvc - ok 23:35:54.0418 0x40dc cht4iscsi - ok 23:35:54.0423 0x40dc cht4vbd - ok 23:35:54.0428 0x40dc circlass - ok 23:35:54.0436 0x40dc CLFS - ok 23:35:54.0443 0x40dc ClipSVC - ok 23:35:54.0448 0x40dc clreg - ok 23:35:54.0459 0x40dc CmBatt - ok 23:35:54.0463 0x40dc CNG - ok 23:35:54.0467 0x40dc cnghwassist - ok 23:35:54.0530 0x40dc CompositeBus - ok 23:35:54.0542 0x40dc COMSysApp - ok 23:35:54.0557 0x40dc condrv - ok 23:35:54.0576 0x40dc CoreMessagingRegistrar - ok 23:35:54.0664 0x40dc [ 75C568E62A2BD89A869C34119A66D19B, 2954F25E511947728FE50AA76ACECE0B6952D1984301027F499E2F3DAAEB65D3 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 23:35:54.0722 0x40dc cphs - ok 23:35:54.0761 0x40dc CryptSvc - ok 23:35:54.0764 0x40dc dam - ok 23:35:54.0769 0x40dc DcomLaunch - ok 23:35:54.0772 0x40dc DcpSvc - ok 23:35:54.0778 0x40dc defragsvc - ok 23:35:54.0786 0x40dc DeviceAssociationService - ok 23:35:54.0789 0x40dc DeviceInstall - ok 23:35:54.0811 0x40dc DevQueryBroker - ok 23:35:54.0826 0x40dc Dfsc - ok 23:35:54.0866 0x40dc [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 23:35:54.0890 0x40dc dg_ssudbus - ok 23:35:54.0927 0x40dc Dhcp - ok 23:35:54.0990 0x40dc diagnosticshub.standardcollector.service - ok 23:35:55.0023 0x40dc DiagTrack - ok 23:35:55.0033 0x40dc disk - ok 23:35:55.0048 0x40dc DmEnrollmentSvc - ok 23:35:55.0057 0x40dc dmvsc - ok 23:35:55.0062 0x40dc dmwappushservice - ok 
23:35:55.0081 0x40dc Dnscache - ok 23:35:55.0090 0x40dc dot3svc - ok 23:35:55.0095 0x40dc DPS - ok 23:35:55.0118 0x40dc drmkaud - ok 23:35:55.0122 0x40dc DsmSvc - ok 23:35:55.0126 0x40dc DsSvc - ok 23:35:55.0138 0x40dc DXGKrnl - ok 23:35:55.0155 0x40dc [ E10FB5C1071F2ACC6638E1A157EEB389, F2E6F305E9B2625D4329E80FC2C66B230524EED493F750D7AF8071CB551E3BF6 ] EagleX64 C:\WINDOWS\system32\drivers\EagleX64.sys 23:35:55.0168 0x40dc EagleX64 - ok 23:35:55.0172 0x40dc EapHost - ok 23:35:55.0175 0x40dc EasyAntiCheat - ok 23:35:55.0179 0x40dc ebdrv - ok 23:35:55.0205 0x40dc EFS - ok 23:35:55.0209 0x40dc EhStorClass - ok 23:35:55.0224 0x40dc EhStorTcgDrv - ok 23:35:55.0227 0x40dc embeddedmode - ok 23:35:55.0230 0x40dc EntAppSvc - ok 23:35:55.0234 0x40dc ErrDev - ok 23:35:55.0258 0x40dc EventSystem - ok 23:35:55.0261 0x40dc exfat - ok 23:35:55.0264 0x40dc fastfat - ok 23:35:55.0281 0x40dc Fax - ok 23:35:55.0285 0x40dc fdc - ok 23:35:55.0288 0x40dc fdPHost - ok 23:35:55.0291 0x40dc FDResPub - ok 23:35:55.0294 0x40dc fhsvc - ok 23:35:55.0305 0x40dc FileCrypt - ok 23:35:55.0309 0x40dc FileInfo - ok 23:35:55.0312 0x40dc Filetrace - ok 23:35:55.0315 0x40dc flpydisk - ok 23:35:55.0318 0x40dc FltMgr - ok 23:35:55.0322 0x40dc FontCache - ok 23:35:55.0454 0x40dc FontCache3.0.0.0 - ok 23:35:55.0465 0x40dc FrameServer - ok 23:35:55.0476 0x40dc FsDepends - ok 23:35:55.0487 0x40dc Fs_Rec - ok 23:35:55.0497 0x40dc fvevol - ok 23:35:55.0600 0x40dc [ D56EE61F9B62AD677395BF003A49B4A7, A4B657AF38253F4BAE2A8BE7E9453E662BC378773A93631C0445C96267296B53 ] GDCAgent C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe 23:35:55.0632 0x40dc GDCAgent - ok 23:35:55.0670 0x40dc gencounter - ok 23:35:55.0673 0x40dc genericusbfn - ok 23:35:55.0676 0x40dc GPIOClx0101 - ok 23:35:55.0681 0x40dc gpsvc - ok 23:35:55.0692 0x40dc GpuEnergyDrv - ok 23:35:55.0763 0x40dc [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe 23:35:55.0781 0x40dc gupdate - ok 23:35:55.0789 0x40dc [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 23:35:55.0804 0x40dc gupdatem - ok 23:35:55.0807 0x40dc HDAudBus - ok 23:35:55.0811 0x40dc HidBatt - ok 23:35:55.0814 0x40dc HidBth - ok 23:35:55.0817 0x40dc hidi2c - ok 23:35:55.0821 0x40dc hidinterrupt - ok 23:35:55.0824 0x40dc HidIr - ok 23:35:55.0827 0x40dc hidserv - ok 23:35:55.0876 0x40dc HidUsb - ok 23:35:55.0891 0x40dc HomeGroupListener - ok 23:35:55.0909 0x40dc HomeGroupProvider - ok 23:35:55.0915 0x40dc HpSAMD - ok 23:35:55.0922 0x40dc HTTP - ok 23:35:55.0932 0x40dc HvHost - ok 23:35:55.0969 0x40dc hvservice - ok 23:35:55.0974 0x40dc [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32 C:\WINDOWS\system32\drivers\HWiNFO64A.SYS 23:35:55.0986 0x40dc HWiNFO32 - ok 23:35:55.0990 0x40dc hwpolicy - ok 23:35:55.0996 0x40dc hyperkbd - ok 23:35:56.0013 0x40dc i8042prt - ok 23:35:56.0016 0x40dc iagpio - ok 23:35:56.0020 0x40dc iai2c - ok 23:35:56.0024 0x40dc iaLPSS2i_GPIO2 - ok 23:35:56.0028 0x40dc iaLPSS2i_I2C - ok 23:35:56.0031 0x40dc iaLPSSi_GPIO - ok 23:35:56.0035 0x40dc iaLPSSi_I2C - ok 23:35:56.0064 0x40dc [ E5A15FEDEBDFB8E12CB94DBF01833775, 9C751A1FD8A5CEC8DD9FE8AE46E86A514C67F07EED04AB23A26A36F400DF8EA4 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 23:35:56.0083 0x40dc iaStorA - ok 23:35:56.0087 0x40dc iaStorAV - ok 23:35:56.0162 0x40dc [ 95BA9605AE793746D8F6AD18E5DA7EFE, 1CFB12E798E268D812EB20EBC85AC1DD1345F073389DEF79986BA45E7BDC701D ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 23:35:56.0181 0x40dc IAStorDataMgrSvc - ok 23:35:56.0191 0x40dc iaStorV - ok 23:35:56.0195 0x40dc ibbus - ok 23:35:56.0242 0x40dc icssvc - ok 23:35:56.0475 0x40dc [ 658287D76E8D77C08AE98989F99B8948, 
DBA67B5772E1FE43ABDB3908A1CF86D76F2774BABC20359D2511F06A2A8CAC57 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 23:35:56.0736 0x40dc igfx - ok 23:35:56.0769 0x40dc [ A105AD05696D55E6E4F078ED850F6305, 8121A4226D2941EDD4809D516E7684E5C7164ADCF5AA4C8BC6620110625D3E8D ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 23:35:56.0837 0x40dc igfxCUIService2.0.0.0 - ok 23:35:56.0860 0x40dc IKEEXT - ok 23:35:56.0870 0x40dc IndirectKmd - ok 23:35:56.0890 0x40dc [ CF25067821BB89E87021E9493C178863, 1AA25378EFD977BC6CD9405A395FA2962770385FAB5A9A55FC95B5F6DFD8D1AE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 23:35:56.0898 0x40dc intaud_WaveExtensible - ok 23:35:56.0911 0x40dc [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 23:35:56.0931 0x40dc IntcDAud - ok 23:35:56.0993 0x40dc [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 23:35:57.0057 0x40dc Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 23:35:57.0156 0x40dc Detect skipped due to KSN trusted 23:35:57.0157 0x40dc Intel(R) Capability Licensing Service Interface - ok 23:35:57.0235 0x40dc [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 23:35:57.0269 0x40dc Intel(R) Capability Licensing Service TCP IP Interface - ok 23:35:57.0310 0x40dc [ B1B3CED4AACC96080EE7E7516A558184, 3B76DDC32EDEF6FFC5722FB063576FBE154A958A73F9E3B377E541C9BB2F06D5 ] IntelHSWPcc C:\WINDOWS\system32\drivers\IntelPcc.sys 23:35:57.0324 0x40dc IntelHSWPcc - ok 23:35:57.0334 0x40dc intelide - ok 23:35:57.0355 0x40dc intelpep - ok 23:35:57.0359 0x40dc intelppm - ok 
23:35:57.0363 0x40dc iorate - ok 23:35:57.0368 0x40dc IpFilterDriver - ok 23:35:57.0378 0x40dc iphlpsvc - ok 23:35:57.0382 0x40dc IPMIDRV - ok 23:35:57.0386 0x40dc IPNAT - ok 23:35:57.0391 0x40dc irda - ok 23:35:57.0394 0x40dc IRENUM - ok 23:35:57.0397 0x40dc irmon - ok 23:35:57.0401 0x40dc isapnp - ok 23:35:57.0404 0x40dc iScsiPrt - ok 23:35:57.0414 0x40dc [ 2DB1E2AE4A0DE62026296F0A6C29F3F5, A5A3D4D5BF9FF1DB5AC3BE15699B52707C8EB71EFA8FA82E7AE7A0C52C224380 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 23:35:57.0422 0x40dc iwdbus - ok 23:35:57.0455 0x40dc [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 23:35:57.0468 0x40dc jhi_service - ok 23:35:57.0477 0x40dc kbdclass - ok 23:35:57.0483 0x40dc kbdhid - ok 23:35:57.0501 0x40dc kdnic - ok 23:35:57.0504 0x40dc KeyIso - ok 23:35:57.0526 0x40dc KSecDD - ok 23:35:57.0528 0x40dc KSecPkg - ok 23:35:57.0532 0x40dc ksthunk - ok 23:35:57.0559 0x40dc KtmRm - ok 23:35:57.0562 0x40dc L1C - ok 23:35:57.0628 0x40dc [ 86F06574763A0E7CDCD57DD85632E44F, 045940240494DBD1158C017754A14404E7D7F857D57DF78D4ECA326A2E3000B1 ] LADF_BakerCOnly C:\WINDOWS\system32\DRIVERS\ladfBakerCamd64.sys 23:35:57.0653 0x40dc LADF_BakerCOnly - ok 23:35:57.0674 0x40dc [ 89B4981F949A14148365DE8D98A310B5, DE408582146B98C8867C49738E585A18ABC6C135DB51B9D20786EEEC34CFAFAB ] LADF_BakerROnly C:\WINDOWS\system32\DRIVERS\ladfBakerRamd64.sys 23:35:57.0690 0x40dc LADF_BakerROnly - ok 23:35:57.0712 0x40dc [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\WINDOWS\system32\DRIVERS\ladfGSCamd64.sys 23:35:57.0728 0x40dc LADF_CaptureOnly - ok 23:35:57.0745 0x40dc [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\WINDOWS\system32\DRIVERS\ladfGSRamd64.sys 23:35:57.0755 0x40dc 
LADF_RenderOnly - ok 23:35:57.0777 0x40dc LanmanServer - ok 23:35:57.0780 0x40dc LanmanWorkstation - ok 23:35:57.0848 0x40dc [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe 23:35:57.0872 0x40dc LBTServ - ok 23:35:57.0899 0x40dc lfsvc - ok 23:35:57.0903 0x40dc [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\WINDOWS\system32\drivers\LGBusEnum.sys 23:35:57.0910 0x40dc LGBusEnum - ok 23:35:57.0940 0x40dc [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore C:\WINDOWS\system32\drivers\LGJoyXlCore.sys 23:35:57.0953 0x40dc LGJoyXlCore - ok 23:35:57.0967 0x40dc [ 07B1C1927BAE6431D3DFB1816DF05BBA, 9B296F6E801D14CE89F5E3EA9B3962EE99E1D3E22077D075F5B0EE4FE3CAB65E ] lgLowAudio C:\WINDOWS\system32\drivers\lgLowAudio.sys 23:35:57.0977 0x40dc lgLowAudio - ok 23:35:58.0015 0x40dc [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\WINDOWS\system32\drivers\LGVirHid.sys 23:35:58.0027 0x40dc LGVirHid - ok 23:35:58.0052 0x40dc LicenseManager - ok 23:35:58.0058 0x40dc lltdio - ok 23:35:58.0065 0x40dc lltdsvc - ok 23:35:58.0093 0x40dc lmhosts - ok 23:35:58.0147 0x40dc [ 6A35B295812CE7064CFBCD9F254169CF, 561DD131FED6F90686D8C031B45B87B6D065C7E0C8804AEFCDE239725AAEE43E ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 23:35:58.0174 0x40dc LMS - ok 23:35:58.0205 0x40dc LSI_SAS - ok 23:35:58.0208 0x40dc LSI_SAS2i - ok 23:35:58.0212 0x40dc LSI_SAS3i - ok 23:35:58.0216 0x40dc LSI_SSS - ok 23:35:58.0219 0x40dc LSM - ok 23:35:58.0232 0x40dc luafv - ok 23:35:58.0250 0x40dc MapsBroker - ok 23:35:58.0293 0x40dc [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector 
C:\WINDOWS\system32\drivers\mbam.sys 23:35:58.0312 0x40dc MBAMProtector - ok 23:35:58.0359 0x40dc [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 23:35:58.0396 0x40dc MBAMScheduler - ok 23:35:58.0427 0x40dc [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 23:35:58.0452 0x40dc MBAMService - ok 23:35:58.0522 0x40dc [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys 23:35:58.0533 0x40dc MBAMSwissArmy - ok 23:35:58.0578 0x40dc [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys 23:35:58.0594 0x40dc MBAMWebAccessControl - ok 23:35:58.0600 0x40dc megasas - ok 23:35:58.0649 0x40dc megasas2i - ok 23:35:58.0658 0x40dc megasr - ok 23:35:58.0674 0x40dc [ 926C135CFB0C75B32FB714B5C0C58FAA, AF627CD125794B69D450D298D5608D357F2C91FB89EBFAA0DA2A0F07C6A304A8 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys 23:35:58.0694 0x40dc MEIx64 - ok 23:35:58.0716 0x40dc MessagingService - ok 23:35:58.0738 0x40dc mlx4_bus - ok 23:35:58.0742 0x40dc MMCSS - ok 23:35:58.0746 0x40dc Modem - ok 23:35:58.0767 0x40dc monitor - ok 23:35:58.0771 0x40dc mouclass - ok 23:35:58.0774 0x40dc mouhid - ok 23:35:58.0778 0x40dc mountmgr - ok 23:35:58.0834 0x40dc [ 269BDB3CB77EB77BABE2862BEAB1F208, EC693365C73D59244CB77E181042128A9901BA5C1109CD4F1B9A2008DF1F9582 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 23:35:58.0847 0x40dc MozillaMaintenance - ok 23:35:58.0852 0x40dc mpsdrv - ok 23:35:58.0856 0x40dc MpsSvc - ok 23:35:58.0860 0x40dc MRxDAV - ok 23:35:58.0876 0x40dc mrxsmb - 
ok 23:35:58.0887 0x40dc mrxsmb10 - ok 23:35:58.0900 0x40dc mrxsmb20 - ok 23:35:58.0918 0x40dc MsBridge - ok 23:35:58.0922 0x40dc MSDTC - ok 23:35:58.0927 0x40dc Msfs - ok 23:35:58.0933 0x40dc msgpiowin32 - ok 23:35:58.0937 0x40dc mshidkmdf - ok 23:35:58.0940 0x40dc mshidumdf - ok 23:35:58.0943 0x40dc msisadrv - ok 23:35:58.0955 0x40dc MSiSCSI - ok 23:35:58.0958 0x40dc msiserver - ok 23:35:58.0961 0x40dc MSKSSRV - ok 23:35:58.0965 0x40dc MsLldp - ok 23:35:58.0968 0x40dc MSPCLOCK - ok 23:35:58.0971 0x40dc MSPQM - ok 23:35:58.0974 0x40dc MsRPC - ok 23:35:58.0978 0x40dc mssmbios - ok 23:35:58.0982 0x40dc MSTEE - ok 23:35:58.0986 0x40dc MTConfig - ok 23:35:58.0990 0x40dc Mup - ok 23:35:58.0994 0x40dc mvumis - ok 23:35:59.0072 0x40dc mysql - ok 23:35:59.0099 0x40dc NativeWifiP - ok 23:35:59.0107 0x40dc NcaSvc - ok 23:35:59.0135 0x40dc NcbService - ok 23:35:59.0141 0x40dc NcdAutoSetup - ok 23:35:59.0149 0x40dc ndfltr - ok 23:35:59.0164 0x40dc NDIS - ok 23:35:59.0171 0x40dc NdisCap - ok 23:35:59.0178 0x40dc NdisImPlatform - ok 23:35:59.0184 0x40dc NdisTapi - ok 23:35:59.0190 0x40dc Ndisuio - ok 23:35:59.0194 0x40dc NdisVirtualBus - ok 23:35:59.0197 0x40dc NdisWan - ok 23:35:59.0201 0x40dc ndiswanlegacy - ok 23:35:59.0204 0x40dc ndproxy - ok 23:35:59.0209 0x40dc Ndu - ok 23:35:59.0213 0x40dc NetAdapterCx - ok 23:35:59.0217 0x40dc NetBIOS - ok 23:35:59.0223 0x40dc NetBT - ok 23:35:59.0226 0x40dc Netlogon - ok 23:35:59.0230 0x40dc Netman - ok 23:35:59.0234 0x40dc netprofm - ok 23:35:59.0245 0x40dc NetSetupSvc - ok 23:35:59.0332 0x40dc NetTcpPortSharing - ok 23:35:59.0349 0x40dc NgcCtnrSvc - ok 23:35:59.0360 0x40dc NgcSvc - ok 23:35:59.0414 0x40dc [ 02E736F9861F1A6134736CF7473C513F, 7C574A50980885B213EFC0C394AFE613879B669246A4EA5EA6B5F791F7F6F32E ] NitroDriverReadSpool9 C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe 23:35:59.0433 0x40dc NitroDriverReadSpool9 - ok 23:35:59.0438 0x40dc NlaSvc - ok 23:35:59.0504 0x40dc [ 
CD2C0C25ECFCF816306126D3C208614B, C0C8B59BDDB349A593DFF5107841EB76618631C867D7C8F234C9ECBD76713CB0 ] nlsX86cc C:\WINDOWS\SysWOW64\NLSSRV32.EXE 23:35:59.0530 0x40dc nlsX86cc - ok 23:35:59.0537 0x40dc Npfs - ok 23:35:59.0544 0x40dc npsvctrig - ok 23:35:59.0550 0x40dc nsi - ok 23:35:59.0553 0x40dc nsiproxy - ok 23:35:59.0558 0x40dc NTFS - ok 23:35:59.0561 0x40dc Null - ok 23:35:59.0589 0x40dc [ EEA88C63F67A236097F02EEF0944152E, 1256BFAF5960D794DB9C6587B15E05BC681FD7AC159590F8E2C1250477AF95B7 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe 23:35:59.0603 0x40dc NvContainerLocalSystem - ok 23:35:59.0612 0x40dc [ EEA88C63F67A236097F02EEF0944152E, 1256BFAF5960D794DB9C6587B15E05BC681FD7AC159590F8E2C1250477AF95B7 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe 23:35:59.0626 0x40dc NvContainerNetworkService - ok 23:35:59.0669 0x40dc [ 2D6C4040310C274F93C7B35DF894EA16, E28E516EB3BF40FF27EBD3AE2B248D0AB3F10BD4F757C57423AE70D032C857A5 ] NVIDIA Wireless Controller Service C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe 23:35:59.0695 0x40dc NVIDIA Wireless Controller Service - ok 23:36:00.0148 0x40dc [ 9E42C9D22FAB2D286E85AB7D91097BA8, 7E6A13A34C82740D3212B29115C52F3AAEEFF20FD35970089045D28B7B46D292 ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nvlti.inf_amd64_463df33ecac6d590\nvlddmkm.sys 23:36:00.0433 0x40dc nvlddmkm - ok 23:36:00.0470 0x40dc nvraid - ok 23:36:00.0473 0x40dc nvstor - ok 23:36:00.0502 0x40dc [ 6DF7C9E4BF71EBA2CE838394D2EF55B4, 2F13422A2EB4AF6BFDADA9A2DB3BE6A3AFA0D7588645D24222D3A7D813721C7D ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 23:36:00.0508 0x40dc NvStreamKms - ok 23:36:00.0529 0x40dc [ C29547CB9B1ED535AE76384D888BB90C, 63E4F5AE16EC13486340F73A3613038A0363C37E48B4F099B4CBBD476226E4DB ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys 23:36:00.0538 0x40dc nvvad_WaveExtensible 
- ok 23:36:00.0562 0x40dc OneSyncSvc - ok 23:36:00.0717 0x40dc [ 2906AF02B5D06B0EFCD32382F19B88DB, 52A57816017591AC18693095ED6877EC6187F01A1B075ECC0F7E8FA73543E9D0 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 23:36:00.0806 0x40dc Origin Client Service - ok 23:36:00.0874 0x40dc [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:36:00.0903 0x40dc ose - ok 23:36:00.0955 0x40dc [ 94F4247BB74CE835705EE4013118181A, 7412CFEBFAD1EBB39B91F2C42E4DD560EDF0B1CE0FA05D9506B16BE7CDD51BD2 ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe 23:36:00.0984 0x40dc OverwolfUpdater - ok 23:36:01.0009 0x40dc p2pimsvc - ok 23:36:01.0019 0x40dc p2psvc - ok 23:36:01.0024 0x40dc Parport - ok 23:36:01.0052 0x40dc partmgr - ok 23:36:01.0091 0x40dc PcaSvc - ok 23:36:01.0118 0x40dc pci - ok 23:36:01.0146 0x40dc pciide - ok 23:36:01.0154 0x40dc pcmcia - ok 23:36:01.0159 0x40dc pcw - ok 23:36:01.0166 0x40dc pdc - ok 23:36:01.0228 0x40dc [ 1EAE050F8CDC82B12C9F8C58DFB7567A, DE5B4839FCFDD09CA33D8ACB97635D805FAFED33C7F6DD119AE4D5EC17733B62 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe 23:36:01.0270 0x40dc PDFProFiltSrvPP - ok 23:36:01.0306 0x40dc PEAUTH - ok 23:36:01.0310 0x40dc percsas2i - ok 23:36:01.0314 0x40dc percsas3i - ok 23:36:01.0399 0x40dc PerfHost - ok 23:36:01.0433 0x40dc PhoneSvc - ok 23:36:01.0437 0x40dc PimIndexMaintenanceSvc - ok 23:36:01.0447 0x40dc pla - ok 23:36:01.0473 0x40dc PlugPlay - ok 23:36:01.0477 0x40dc PNRPAutoReg - ok 23:36:01.0481 0x40dc PNRPsvc - ok 23:36:01.0497 0x40dc PolicyAgent - ok 23:36:01.0506 0x40dc Power - ok 23:36:01.0514 0x40dc PptpMiniport - ok 23:36:01.0667 0x40dc [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 23:36:01.0960 
0x40dc PrintNotify - ok 23:36:01.0971 0x40dc Processor - ok 23:36:01.0983 0x40dc ProfSvc - ok 23:36:02.0004 0x40dc Psched - ok 23:36:02.0008 0x40dc QWAVE - ok 23:36:02.0011 0x40dc QWAVEdrv - ok 23:36:02.0015 0x40dc RasAcd - ok 23:36:02.0019 0x40dc RasAgileVpn - ok 23:36:02.0022 0x40dc RasAuto - ok 23:36:02.0025 0x40dc Rasl2tp - ok 23:36:02.0029 0x40dc RasMan - ok 23:36:02.0032 0x40dc RasPppoe - ok 23:36:02.0036 0x40dc RasSstp - ok 23:36:02.0171 0x40dc [ 170C5DE900F60768C380ECD8A812512F, BFD085C32CF25E8261EF4BCFA5903A496785BCDA08037F4EB580BBDEDF42B656 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 23:36:02.0196 0x40dc Razer Game Scanner Service - ok 23:36:02.0205 0x40dc rdbss - ok 23:36:02.0228 0x40dc rdpbus - ok 23:36:02.0232 0x40dc RDPDR - ok 23:36:02.0266 0x40dc RdpVideoMiniport - ok 23:36:02.0269 0x40dc rdyboost - ok 23:36:02.0275 0x40dc ReFSv1 - ok 23:36:02.0279 0x40dc RemoteAccess - ok 23:36:02.0285 0x40dc RemoteRegistry - ok 23:36:02.0295 0x40dc RetailDemo - ok 23:36:02.0337 0x40dc [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe 23:36:02.0349 0x40dc RichVideo64 - ok 23:36:02.0365 0x40dc RmSvc - ok 23:36:02.0368 0x40dc RpcEptMapper - ok 23:36:02.0384 0x40dc RpcLocator - ok 23:36:02.0387 0x40dc RpcSs - ok 23:36:02.0391 0x40dc rspndr - ok 23:36:02.0635 0x40dc [ 5D298E56746D170E95C763F1BB65687B, 35BB342748246488595D47FC85BB90C6EC4BB3C9D89758541E7D0D87ED5217DD ] rtsuvc C:\WINDOWS\system32\DRIVERS\rtsuvc.sys 23:36:02.0908 0x40dc rtsuvc - ok 23:36:02.0929 0x40dc [ 0C90E6CEA576095888E779E5BD9DD060, 8A13A92D5A8E577E2B919CC879FA8CFA1FAD0A6BFF0CF4FCC59B8E74AB22A673 ] rzpmgrk C:\WINDOWS\system32\drivers\rzpmgrk.sys 23:36:02.0937 0x40dc rzpmgrk - ok 23:36:02.0955 0x40dc [ 288471F132C7249F598032D03575F083, 9E3430D5E0E93BC4A5DCCC985053912065E65722BFC2EAF431BC1DA91410434C ] rzpnk 
C:\WINDOWS\system32\drivers\rzpnk.sys 23:36:02.0965 0x40dc rzpnk - ok 23:36:02.0969 0x40dc s3cap - ok 23:36:03.0005 0x40dc SamSs - ok 23:36:03.0008 0x40dc sbp2port - ok 23:36:03.0012 0x40dc SCardSvr - ok 23:36:03.0036 0x40dc ScDeviceEnum - ok 23:36:03.0039 0x40dc scfilter - ok 23:36:03.0043 0x40dc Schedule - ok 23:36:03.0045 0x40dc scmbus - ok 23:36:03.0049 0x40dc scmdisk0101 - ok 23:36:03.0061 0x40dc SCPolicySvc - ok 23:36:03.0068 0x40dc sdbus - ok 23:36:03.0073 0x40dc SDRSVC - ok 23:36:03.0077 0x40dc sdstor - ok 23:36:03.0082 0x40dc seclogon - ok 23:36:03.0085 0x40dc SENS - ok 23:36:03.0120 0x40dc SensorDataService - ok 23:36:03.0133 0x40dc SensorService - ok 23:36:03.0136 0x40dc SensrSvc - ok 23:36:03.0140 0x40dc SerCx - ok 23:36:03.0143 0x40dc SerCx2 - ok 23:36:03.0147 0x40dc Serenum - ok 23:36:03.0151 0x40dc Serial - ok 23:36:03.0155 0x40dc sermouse - ok 23:36:03.0163 0x40dc SessionEnv - ok 23:36:03.0167 0x40dc sfloppy - ok 23:36:03.0170 0x40dc SharedAccess - ok 23:36:03.0184 0x40dc ShellHWDetection - ok 23:36:03.0188 0x40dc shpamsvc - ok 23:36:03.0192 0x40dc SiSRaid2 - ok 23:36:03.0197 0x40dc SiSRaid4 - ok 23:36:03.0230 0x40dc [ 6749AD471D1D44CBD1F30257C861F77B, D5A554F35E380948F13BFE0673B49F8FD8AE5A438BF3645857522E2560A58685 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 23:36:03.0254 0x40dc SkypeUpdate - ok 23:36:03.0282 0x40dc [ 8A6571231D93C08434A56E19E33A35CB, 78A12B58D129D5B2017C9A94734656B9F1ED41345DF1D01F82702D4D95C1BE3F ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys 23:36:03.0292 0x40dc SmbDrvI - ok 23:36:03.0346 0x40dc smphost - ok 23:36:03.0381 0x40dc SmsRouter - ok 23:36:03.0403 0x40dc SNMPTRAP - ok 23:36:03.0445 0x40dc spaceport - ok 23:36:03.0451 0x40dc SpbCx - ok 23:36:03.0471 0x40dc Spooler - ok 23:36:03.0489 0x40dc sppsvc - ok 23:36:03.0495 0x40dc srv - ok 23:36:03.0501 0x40dc srv2 - ok 23:36:03.0506 0x40dc srvnet - ok 23:36:03.0552 0x40dc SSDPSRV - ok 23:36:03.0601 0x40dc SstpSvc - ok 23:36:03.0676 0x40dc [ 
592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 23:36:03.0701 0x40dc ssudmdm - ok 23:36:03.0819 0x40dc [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe 23:36:03.0848 0x40dc ss_conn_service - ok 23:36:03.0884 0x40dc [ BE46045F8BF205454C2D3C43843A9531, E86074A8205E0A04DC5E5E2C080B2EE9F315BFDBA915C1AE63974CC0BE7C3B6F ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe 23:36:03.0931 0x40dc STacSV - detected UnsignedFile.Multi.Generic ( 1 ) 23:36:04.0020 0x40dc Detect skipped due to KSN trusted 23:36:04.0020 0x40dc STacSV - ok 23:36:04.0056 0x40dc StateRepository - ok 23:36:04.0181 0x40dc [ 90E22D7CDE08E07446D238A569BCAB7C, 3D4F413D0B0C9CF28D06E0476F24AC6441C8678DF786D9971B39C91C9F9B8020 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 23:36:04.0231 0x40dc Steam Client Service - ok 23:36:04.0254 0x40dc stexstor - ok 23:36:04.0269 0x40dc [ 4CB363C52A44E14DE73E3D41FD5CEC3B, 0DE8CF21B4A18B7D408DD5B22B41348EF6FC356EB8A545A72FBE969FCEEFC812 ] STHDA C:\WINDOWS\system32\DRIVERS\stwrt64.sys 23:36:04.0349 0x40dc STHDA - ok 23:36:04.0355 0x40dc [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 23:36:04.0394 0x40dc StillCam - ok 23:36:04.0450 0x40dc stisvc - ok 23:36:04.0483 0x40dc storahci - ok 23:36:04.0494 0x40dc storflt - ok 23:36:04.0506 0x40dc stornvme - ok 23:36:04.0524 0x40dc storqosflt - ok 23:36:04.0554 0x40dc StorSvc - ok 23:36:04.0560 0x40dc storufs - ok 23:36:04.0566 0x40dc storvsc - ok 23:36:04.0573 0x40dc svsvc - ok 23:36:04.0579 0x40dc swenum - ok 23:36:04.0585 0x40dc swprv - ok 23:36:04.0603 0x40dc Synth3dVsc - ok 23:36:04.0620 0x40dc [ 7DC2B34FB6F1798F2D13453E0321D025, 
60EF12A8824384DD88D9C5D188E8FB137F0F85A63C06AAF720CB2D616EB847F4 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 23:36:04.0638 0x40dc SynTP - ok 23:36:04.0731 0x40dc [ 6FBDBC24B1642868E041463795CBFA44, E9FA0DB094E7B2129ABD325BC91A48D6646380D6AA97BE6233C220E0C98637AF ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe 23:36:04.0753 0x40dc SynTPEnhService - ok 23:36:04.0760 0x40dc SysMain - ok 23:36:04.0795 0x40dc SystemEventsBroker - ok 23:36:04.0806 0x40dc TabletInputService - ok 23:36:04.0811 0x40dc TapiSrv - ok 23:36:04.0824 0x40dc Tcpip - ok 23:36:04.0829 0x40dc Tcpip6 - ok 23:36:04.0837 0x40dc tcpipreg - ok 23:36:04.0845 0x40dc tdx - ok 23:36:05.0065 0x40dc [ F2F02E436BA56A96A06E4427C5787B6E, 1562FF264011A15AC69808CB74F387917C4E8ED3B91546B12933BE10B6E20B3A ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 23:36:05.0195 0x40dc TeamViewer - ok 23:36:05.0206 0x40dc terminpt - ok 23:36:05.0210 0x40dc TermService - ok 23:36:05.0217 0x40dc Themes - ok 23:36:05.0236 0x40dc TieringEngineService - ok 23:36:05.0241 0x40dc tiledatamodelsvc - ok 23:36:05.0245 0x40dc TimeBrokerSvc - ok 23:36:05.0249 0x40dc TPM - ok 23:36:05.0254 0x40dc TrkWks - ok 23:36:05.0288 0x40dc TrustedInstaller - ok 23:36:05.0293 0x40dc tsusbflt - ok 23:36:05.0298 0x40dc TsUsbGD - ok 23:36:05.0301 0x40dc tunnel - ok 23:36:05.0316 0x40dc tzautoupdate - ok 23:36:05.0320 0x40dc UASPStor - ok 23:36:05.0336 0x40dc [ 209F5CEAAAFE601851E7B40902FC230D, B7BFD753DF9EA1AD6D6BD8FB47F24E79FA84208E7A66C88B934C3A13B087901D ] ucdrv C:\WINDOWS\System32\drivers:ucdrv-x64.sys 23:36:05.0440 0x40dc Suspicious file ( Hidden ): C:\WINDOWS\System32\drivers:ucdrv-x64.sys. 
md5: 209F5CEAAAFE601851E7B40902FC230D, sha256: B7BFD753DF9EA1AD6D6BD8FB47F24E79FA84208E7A66C88B934C3A13B087901D 23:36:05.0440 0x40dc ucdrv - detected HiddenFile.Multi.Generic ( 1 ) 23:36:05.0541 0x40dc Detect skipped due to KSN trusted 23:36:05.0541 0x40dc ucdrv - ok 23:36:05.0581 0x40dc [ EB482DBC9786F1A9E3ED5AB6864794FA, 4154B259587D743612830F67800450DD04031C215A8459CC26E11D3498640BA0 ] UCGuard C:\WINDOWS\system32\DRIVERS\ucguard.sys 23:36:05.0613 0x40dc UCGuard - ok 23:36:05.0618 0x40dc UcmCx0101 - ok 23:36:05.0623 0x40dc UcmTcpciCx0101 - ok 23:36:05.0627 0x40dc UcmUcsi - ok 23:36:05.0632 0x40dc Ucx01000 - ok 23:36:05.0637 0x40dc UdeCx - ok 23:36:05.0643 0x40dc udfs - ok 23:36:05.0646 0x40dc UEFI - ok 23:36:05.0650 0x40dc Ufx01000 - ok 23:36:05.0653 0x40dc UfxChipidea - ok 23:36:05.0657 0x40dc ufxsynopsys - ok 23:36:05.0665 0x40dc UI0Detect - ok 23:36:05.0668 0x40dc umbus - ok 23:36:05.0671 0x40dc UmPass - ok 23:36:05.0675 0x40dc UmRdpService - ok 23:36:05.0679 0x40dc UnistoreSvc - ok 23:36:05.0684 0x40dc upnphost - ok 23:36:05.0689 0x40dc UrsChipidea - ok 23:36:05.0693 0x40dc UrsCx01000 - ok 23:36:05.0696 0x40dc UrsSynopsys - ok 23:36:05.0707 0x40dc usbaudio - ok 23:36:05.0711 0x40dc usbccgp - ok 23:36:05.0715 0x40dc usbcir - ok 23:36:05.0719 0x40dc usbehci - ok 23:36:05.0723 0x40dc usbhub - ok 23:36:05.0726 0x40dc USBHUB3 - ok 23:36:05.0731 0x40dc usbohci - ok 23:36:05.0736 0x40dc usbprint - ok 23:36:05.0739 0x40dc usbser - ok 23:36:05.0742 0x40dc USBSTOR - ok 23:36:05.0747 0x40dc usbuhci - ok 23:36:05.0750 0x40dc USBXHCI - ok 23:36:05.0755 0x40dc UserDataSvc - ok 23:36:05.0760 0x40dc UserManager - ok 23:36:05.0777 0x40dc UsoSvc - ok 23:36:05.0781 0x40dc VaultSvc - ok 23:36:05.0850 0x40dc [ 1AEF0B09CC241604ECFCCA037FC9B9A7, 992CD1F3647585F3CF7B92ECDBD9537BFB159D0C0DF0BF7D37432F3DA44C2422 ] VBoxDrv C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys 23:36:05.0876 0x40dc VBoxDrv - ok 23:36:05.0902 0x40dc [ F429FED78CC80F85BD55CDA8403FD681, 
581579E2616D4F69B068BC37C63DD0EC87AE28F1D011B9564EB7756A1FD22A9F ] VBoxNetAdp C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys 23:36:05.0912 0x40dc VBoxNetAdp - ok 23:36:05.0928 0x40dc [ 37C2B3B717BB16C003074B17911682EE, E8EBBBF325D04E33532265DF518B6CDAB59521766660905178BEFFC1C9A47E22 ] VBoxNetLwf C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys 23:36:05.0938 0x40dc VBoxNetLwf - ok 23:36:05.0946 0x40dc [ D31F5F9B3D768C68DBB5BCE5855471D4, 7462FCDD7C4FCA0E1DE42E2C677F31AF509475C76B6030CEA3ACEF25B50C50D7 ] VBoxUSBMon C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys 23:36:05.0955 0x40dc VBoxUSBMon - ok 23:36:05.0959 0x40dc vdrvroot - ok 23:36:05.0965 0x40dc vds - ok 23:36:05.0968 0x40dc VerifierExt - ok 23:36:05.0972 0x40dc vhdmp - ok 23:36:05.0975 0x40dc vhf - ok 23:36:05.0978 0x40dc vmbus - ok 23:36:05.0982 0x40dc VMBusHID - ok 23:36:05.0985 0x40dc vmgid - ok 23:36:05.0990 0x40dc vmicguestinterface - ok 23:36:05.0993 0x40dc vmicheartbeat - ok 23:36:05.0997 0x40dc vmickvpexchange - ok 23:36:06.0022 0x40dc vmicrdv - ok 23:36:06.0025 0x40dc vmicshutdown - ok 23:36:06.0030 0x40dc vmictimesync - ok 23:36:06.0037 0x40dc vmicvmsession - ok 23:36:06.0045 0x40dc vmicvss - ok 23:36:06.0053 0x40dc volmgr - ok 23:36:06.0060 0x40dc volmgrx - ok 23:36:06.0065 0x40dc volsnap - ok 23:36:06.0069 0x40dc volume - ok 23:36:06.0085 0x40dc vpci - ok 23:36:06.0089 0x40dc vsmraid - ok 23:36:06.0092 0x40dc VSS - ok 23:36:06.0097 0x40dc VSTXRAID - ok 23:36:06.0101 0x40dc vwifibus - ok 23:36:06.0104 0x40dc vwififlt - ok 23:36:06.0108 0x40dc vwifimp - ok 23:36:06.0135 0x40dc W32Time - ok 23:36:06.0138 0x40dc WacomPen - ok 23:36:06.0143 0x40dc WalletService - ok 23:36:06.0215 0x40dc [ E3FC2555BE0E38969E52DE08818B8CD8, A17C543DFDD5D3A00EA998889B1D4715F2B48FD4D0888FC1EBEB74F1105D20B1 ] wampstackApache C:\Bitnami\WAMPST~1.0BE\apache2\bin\httpd.exe 23:36:06.0252 0x40dc wampstackApache - detected UnsignedFile.Multi.Generic ( 1 ) 23:36:06.0342 0x40dc Detect skipped due to KSN trusted 23:36:06.0342 0x40dc 
wampstackApache - ok 23:36:06.0362 0x40dc wampstackMySQL - ok 23:36:06.0373 0x40dc wanarp - ok 23:36:06.0387 0x40dc wanarpv6 - ok 23:36:06.0396 0x40dc wbengine - ok 23:36:06.0424 0x40dc WbioSrvc - ok 23:36:06.0432 0x40dc wcifs - ok 23:36:06.0441 0x40dc Wcmsvc - ok 23:36:06.0448 0x40dc wcncsvc - ok 23:36:06.0455 0x40dc wcnfs - ok 23:36:06.0459 0x40dc WdBoot - ok 23:36:06.0465 0x40dc Wdf01000 - ok 23:36:06.0469 0x40dc WdFilter - ok 23:36:06.0474 0x40dc WdiServiceHost - ok 23:36:06.0479 0x40dc WdiSystemHost - ok 23:36:06.0483 0x40dc wdiwifi - ok 23:36:06.0487 0x40dc WdNisDrv - ok 23:36:06.0502 0x40dc WdNisSvc - ok 23:36:06.0507 0x40dc WebClient - ok 23:36:06.0512 0x40dc Wecsvc - ok 23:36:06.0516 0x40dc WEPHOSTSVC - ok 23:36:06.0520 0x40dc wercplsupport - ok 23:36:06.0523 0x40dc WerSvc - ok 23:36:06.0527 0x40dc WFPLWFS - ok 23:36:06.0532 0x40dc WiaRpc - ok 23:36:06.0536 0x40dc WIMMount - ok 23:36:06.0538 0x40dc WinDefend - ok 23:36:06.0557 0x40dc WindowsTrustedRT - ok 23:36:06.0565 0x40dc WindowsTrustedRTProxy - ok 23:36:06.0579 0x40dc WinHttpAutoProxySvc - ok 23:36:06.0583 0x40dc WinMad - ok 23:36:06.0615 0x40dc Winmgmt - ok 23:36:06.0650 0x40dc WinRM - ok 23:36:06.0670 0x40dc WINUSB - ok 23:36:06.0674 0x40dc WinVerbs - ok 23:36:06.0685 0x40dc wisvc - ok 23:36:06.0699 0x40dc WlanSvc - ok 23:36:06.0734 0x40dc wlidsvc - ok 23:36:06.0737 0x40dc WmiAcpi - ok 23:36:06.0743 0x40dc wmiApSrv - ok 23:36:06.0747 0x40dc WMPNetworkSvc - ok 23:36:06.0751 0x40dc Wof - ok 23:36:06.0757 0x40dc workfolderssvc - ok 23:36:06.0762 0x40dc WPDBusEnum - ok 23:36:06.0767 0x40dc WpdUpFltr - ok 23:36:06.0772 0x40dc WpnService - ok 23:36:06.0775 0x40dc WpnUserService - ok 23:36:06.0795 0x40dc ws2ifsl - ok 23:36:06.0815 0x40dc wscsvc - ok 23:36:06.0831 0x40dc WSDPrintDevice - ok 23:36:06.0835 0x40dc WSDScan - ok 23:36:06.0838 0x40dc WSearch - ok 23:36:06.0868 0x40dc [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd 
C:\WINDOWS\system32\DRIVERS\wsvd.sys 23:36:06.0876 0x40dc wsvd - ok 23:36:06.0889 0x40dc wuauserv - ok 23:36:06.0893 0x40dc WudfPf - ok 23:36:06.0897 0x40dc WUDFRd - ok 23:36:06.0901 0x40dc wudfsvc - ok 23:36:06.0905 0x40dc WUDFWpdFs - ok 23:36:06.0908 0x40dc WUDFWpdMtp - ok 23:36:06.0913 0x40dc WwanSvc - ok 23:36:06.0917 0x40dc XblAuthManager - ok 23:36:06.0931 0x40dc XblGameSave - ok 23:36:06.0958 0x40dc xboxgip - ok 23:36:06.0963 0x40dc XboxNetApiSvc - ok 23:36:06.0981 0x40dc [ 92693510C2636CC86622724FB4581E75, A660E4A0C452654ACA6892857ECF9C019863A02A46A75D5A88A8961564926A41 ] xhunter1 C:\WINDOWS\xhunter1.sys 23:36:06.0989 0x40dc xhunter1 - ok 23:36:07.0005 0x40dc xinputhid - ok 23:36:07.0011 0x40dc xusb22 - ok 23:36:07.0073 0x40dc [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe 23:36:07.0142 0x40dc ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 ) 23:36:07.0257 0x40dc Detect skipped due to KSN trusted 23:36:07.0257 0x40dc ZAtheros Bt and Wlan Coex Agent - ok 23:36:07.0258 0x40dc ================ Scan global =============================== 23:36:07.0326 0x40dc [ Global ] - ok 23:36:07.0327 0x40dc ================ Scan MBR ================================== 23:36:07.0350 0x40dc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 23:36:07.0473 0x40dc \Device\Harddisk0\DR0 - ok 23:36:07.0474 0x40dc ================ Scan VBR ================================== 23:36:07.0491 0x40dc [ 2035F77E8501BB5D016AAD63E680E798 ] \Device\Harddisk0\DR0\Partition1 23:36:07.0494 0x40dc \Device\Harddisk0\DR0\Partition1 - ok 23:36:07.0512 0x40dc [ FB2D66BC4070DAC477A1FE3777DB4917 ] \Device\Harddisk0\DR0\Partition2 23:36:07.0515 0x40dc \Device\Harddisk0\DR0\Partition2 - ok 23:36:07.0529 0x40dc [ 175BA71408419365814693E98A43B1A8 ] \Device\Harddisk0\DR0\Partition3 23:36:07.0532 0x40dc 
\Device\Harddisk0\DR0\Partition3 - ok 23:36:07.0537 0x40dc [ 5D14BFFB51A238D3EBA2523AFA9B1649 ] \Device\Harddisk0\DR0\Partition4 23:36:07.0537 0x40dc \Device\Harddisk0\DR0\Partition4 - ok 23:36:07.0544 0x40dc [ 667402E12DE1DE8FE8D97EE08BDF64C0 ] \Device\Harddisk0\DR0\Partition5 23:36:07.0547 0x40dc \Device\Harddisk0\DR0\Partition5 - ok 23:36:07.0553 0x40dc [ 881D88CA05DF6E1F07EBBAAD6E5A95BC ] \Device\Harddisk0\DR0\Partition6 23:36:07.0556 0x40dc \Device\Harddisk0\DR0\Partition6 - ok 23:36:07.0561 0x40dc [ 208C4D4546BF660CE1B49EE67299C745 ] \Device\Harddisk0\DR0\Partition7 23:36:07.0562 0x40dc \Device\Harddisk0\DR0\Partition7 - ok 23:36:07.0563 0x40dc ================ Scan generic autorun ====================== 23:36:07.0566 0x40dc Logitech Download Assistant - ok 23:36:07.0771 0x40dc [ 50D20C57D4977601FD66F2ACDE1B1D3A, 6432868E2DEC32D6391FA7E16C049260C8A168C5D3159245A9D0463FCC69E2BD ] C:\WINDOWS\RTFTrack.exe 23:36:07.0877 0x40dc RtsFT - ok 23:36:07.0900 0x40dc [ F3E1B4D249B9E2E820870A3C1ED82AC8, AA8BA7B6B0C064253289896CE5283F429C43A22E9D58DB687130899F1A09F8EF ] C:\WINDOWS\system32\igfxtray.exe 23:36:07.0917 0x40dc IgfxTray - ok 23:36:07.0952 0x40dc [ 37F0C08BFCEDF218A43C84B2447AACB1, 895C1EAF1BC4C7CB4AA803D19A422E8CC59FDC07FAC1A78E5FCC03C31D4AFB84 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 23:36:07.0980 0x40dc IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 ) 23:36:08.0068 0x40dc Detect skipped due to KSN trusted 23:36:08.0068 0x40dc IAStorIcon - ok 23:36:08.0246 0x40dc [ E7C8E8D71978722E1D3C4D6FBC7D98C0, C45B79FCAA1D3D25DD50A525CE26D1469E4C6183E117DDD7950B57BBAB31E8D9 ] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe 23:36:08.0319 0x40dc OnekeyStudio - ok 23:36:08.0431 0x40dc [ 51B634D617073986FA73417318F7C121, CAB64175383F501FA515D335167334D7F2147F0889E5052484AA1FF866C6F8CF ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 23:36:08.0460 0x40dc AdobeAAMUpdater-1.0 - ok 
23:36:08.0515 0x40dc [ C72FB9CC856ECFF3B6459B27CB674638, 4D5FED8FD31E24A0BC52AE11C1FBCB9C08B1B7EB4A90771B0174117E8D84B966 ] C:\WINDOWS\PixArt\PAC207\Monitor.exe 23:36:08.0624 0x40dc PAC207_Monitor - ok 23:36:08.0771 0x40dc [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe 23:36:08.0826 0x40dc EvtMgr6 - ok 23:36:08.0854 0x40dc [ EF271BF6215D7FD3C2955015582A0B45, D32564C5AA6087F1D87CD7B2CB7FC8613A453D4555CAD0EE839F86AA90FB87F3 ] c:\Program Files\TortoiseHg\TortoiseHgOverlayServer.exe 23:36:08.0862 0x40dc TortoiseHgOverlayIconServer - ok 23:36:08.0905 0x40dc [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe 23:36:08.0924 0x40dc XboxStat - ok 23:36:09.0275 0x40dc [ 3F0B5EBDEB180C073E01A4A2DFA28C12, 0ACE6F70260E17284B8307D0DD0ACC9B59B379A99AE43429AB644B421ADAE8A7 ] C:\Program Files\Logitech Gaming Software\LCore.exe 23:36:09.0493 0x40dc Launch LCore - ok 23:36:09.0504 0x40dc SynTPEnh - ok 23:36:09.0505 0x40dc WindowsDefender - ok 23:36:09.0508 0x40dc ShadowPlay - ok 23:36:09.0582 0x40dc [ E71832FC681D0F1E0F917D265CDDB6A1, 9C82E57C1261E97760AD1343BA49D2F3BB7ADFF2958DBEE0E9F5077F1D0D0E90 ] C:\Program Files\IDT\WDM\sttray64.exe 23:36:09.0657 0x40dc SysTrayApp - detected UnsignedFile.Multi.Generic ( 1 ) 23:36:09.0746 0x40dc Detect skipped due to KSN trusted 23:36:09.0746 0x40dc SysTrayApp - ok 23:36:09.0801 0x40dc [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe 23:36:09.0823 0x40dc UpdateP2GShortCut - ok 23:36:09.0951 0x40dc [ 86E7B43D60B16FCEB967FA089111F796, C32F8BA0BC253C7049ED6D160EFD657C47698A23EBEA11BBDEFEF59C2DC14059 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe 23:36:09.0998 0x40dc Adobe Creative Cloud - 
ok 23:36:10.0037 0x40dc [ 2199723879C9F75A709680E2935C052F, DDD5B5CC86463284D9137372CB8541D1258AC020EA811F1AD3735809F314B086 ] C:\Program Files (x86)\PDF24\pdf24.exe 23:36:10.0049 0x40dc PDFPrint - ok 23:36:10.0135 0x40dc OneDriveSetup - ok 23:36:10.0138 0x40dc OneDriveSetup - ok 23:36:10.0221 0x40dc [ 406E7DF08CE79BE3016CC6D15E2ED956, 9DA8D10AE642B9411A3EB253F97918A6F470F1772F0057964267497CE0BDA53A ] C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe 23:36:10.0276 0x40dc Dxtory Update Checker 2.0 - detected UnsignedFile.Multi.Generic ( 1 ) 23:36:10.0384 0x40dc Detect skipped due to KSN trusted 23:36:10.0384 0x40dc Dxtory Update Checker 2.0 - ok 23:36:10.0541 0x40dc [ AA7DDCE2175C6D58E83966DEF236F732, 2EA65CDD5096A0A88FAB788CEE29A6B0161856061C9C625D27A58BA987E1E38E ] C:\Spiele\World of Tanks\WargamingGameUpdater.exe 23:36:10.0599 0x40dc World of Tanks - ok 23:36:10.0655 0x40dc [ 72C4380EE0D19B7B76196B488E2DFD39, 066E21A906F954D8054CA8601BA2663998AA9018AE47A8A8DB398111E973F7EF ] C:\Program Files (x86)\TradeSkillMaster Application\app\TSMApplication.exe 23:36:10.0724 0x40dc TSMApplication - detected UnsignedFile.Multi.Generic ( 1 ) 23:36:10.0811 0x40dc TSMApplication ( UnsignedFile.Multi.Generic ) - warning 23:36:10.0995 0x40dc Uninstall C:\Users\Benjamin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64 - ok 23:36:10.0996 0x40dc Waiting for KSN requests completion. 
In queue: 88 23:36:12.0082 0x40dc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated ) 23:36:12.0098 0x40dc Win FW state via NFP2: enabled ( trusted ) 23:36:12.0206 0x40dc ============================================================ 23:36:12.0206 0x40dc Scan finished 23:36:12.0206 0x40dc ============================================================ 23:36:12.0224 0x4d04 Detected object count: 2 23:36:12.0224 0x4d04 Actual detected object count: 2 23:37:49.0906 0x4d04 Arakosatuhph ( UnsignedFile.Multi.Generic ) - skipped by user 23:37:49.0906 0x4d04 Arakosatuhph ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:37:49.0906 0x4d04 TSMApplication ( UnsignedFile.Multi.Generic ) - skipped by user 23:37:49.0906 0x4d04 TSMApplication ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:38:01.0655 0x58fc Deinitialize success
Edited by kakuzu (05.11.2016 at 23:57) |