| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Pc extrem verlangsamt inklusive suspekter MeldungenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.01.2017, 03:54
| #1 |
 |  Pc extrem verlangsamt inklusive suspekter Meldungen Hallo, seit einiger Zeit kommt es vermehrt zu Systemlacks und auch seltsamen Meldungen. z.B. meldet sich ein Windowsfenster( irgendwas mit controlcatalyst), welches nach einer Lösung sucht aber kein Problem findet oder Firefox mit einem Fenster was ich mit ok bestätigen soll. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-01-2017
durchgeführt von **** (Administrator) auf **** (24-01-2017 03:30:32)
Gestartet von C:\Users\****\Desktop
Geladene Profile: **** (Verfügbare Profile: ****)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Razer Inc.) C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
() C:\Program Files (x86)\Psi\Psi.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6846096 2012-11-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1253520 2012-11-19] (Realtek Semiconductor)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5757328 2012-10-19] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2796272 2013-11-22] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-10-25] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-01] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254976 2015-07-23] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [759696 2015-12-23] (Cisco Systems, Inc.)
HKU\S-1-5-21-3246641006-4039149904-3516313396-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3246641006-4039149904-3516313396-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-3246641006-4039149904-3516313396-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-10-13] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> Keine Datei
Startup: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Psi.lnk [2016-09-05]
ShortcutTarget: Psi.lnk -> C:\Program Files (x86)\Psi\Psi.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{699E1AB3-798B-460F-A639-81E2753AF0E1}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9CA7C1EB-024A-4308-A863-A64168A37D65}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-3246641006-4039149904-3516313396-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell13.msn.com/
HKU\S-1-5-21-3246641006-4039149904-3516313396-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-26] (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-30] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-26] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-30] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\7j1nc3sb.default [2017-01-24]
FF Extension: (YouTube Video and Audio Downloader) - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\7j1nc3sb.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2016-12-05]
FF Extension: (Firefox Hotfix) - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\7j1nc3sb.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF Extension: (FlyOrDie Quick Java Installer) - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\7j1nc3sb.default\Extensions\java@flyordie.com.xpi [2013-11-15] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\7j1nc3sb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-13]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-13] (AVAST Software)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [132472 2016-09-09] (Dell Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-11] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-11] (Dell Inc.)
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [173056 2012-06-19] (Dell Products, LP.) [Datei ist nicht signiert]
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-11-23] (Realtek Semiconductor)
R2 RzWizardService; C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe [368128 2015-07-23] (Razer Inc.) [Datei ist nicht signiert]
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-09-12] (SoftThinks SAS)
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-03-14] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2013-12-15] (Advanced Micro Devices, Inc.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [37656 2016-10-13] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [37144 2016-10-13] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [108816 2016-10-13] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [103064 2016-10-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-10-13] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [969184 2016-10-13] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [513632 2016-10-13] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [163416 2016-10-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software)
R3 btmhsf; C:\WINDOWS\system32\DRIVERS\btmhsf.sys [857472 2012-08-29] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2013-01-25] (OSR Open Systems Resources, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 NETwNe64; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [28040 2012-12-21] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-11-22] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 vpnva; C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys [52592 2015-12-23] (Cisco Systems, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-24 03:30 - 2017-01-24 03:32 - 00019038 _____ C:\Users\****\Desktop\FRST.txt
2017-01-24 03:14 - 2017-01-24 03:14 - 02420736 _____ (Farbar) C:\Users\****\Desktop\FRST64.exe
2017-01-23 12:19 - 2017-01-23 12:19 - 00299522 _____ C:\Users\****\Downloads\doc06175020170123072330.pdf
2017-01-18 22:19 - 2017-01-18 22:19 - 00000867 _____ C:\Users\****\Downloads\Dokumente - Verknüpfung.lnk
2017-01-10 21:27 - 2017-01-17 13:12 - 00012576 _____ C:\Users\****\Desktop\handout.odt
2017-01-10 15:36 - 2015-12-23 08:01 - 00129520 ____R (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\acsock64.sys
2017-01-10 15:35 - 2017-01-10 15:35 - 00000000 ____D C:\Users\****\AppData\Local\Cisco
2017-01-10 15:35 - 2017-01-10 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2017-01-10 15:35 - 2017-01-10 15:35 - 00000000 ____D C:\ProgramData\Cisco
2017-01-10 15:33 - 2017-01-10 15:34 - 05001728 _____ C:\Users\****\Downloads\anyconnect-win-3.1.13015-pre-deploy-k9.msi
2017-01-10 14:00 - 2017-01-10 14:00 - 01580474 _____ C:\Users\****\Desktop\Pettit, Ph., 1999, Republican Freedom.pdf
2016-12-29 14:23 - 2016-12-29 14:23 - 00000000 ____D C:\ProgramData\PC-Doctor, Inc
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-01-24 03:30 - 2015-12-06 15:50 - 00000000 ____D C:\FRST
2017-01-24 03:00 - 2016-11-16 22:53 - 00000000 ____D C:\Users\****\AppData\LocalLow\Mozilla
2017-01-24 02:40 - 2013-08-18 16:59 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-01-24 01:59 - 2014-12-14 20:37 - 00000000 ____D C:\Users\****\AppData\Local\Battle.net
2017-01-23 21:19 - 2014-12-14 20:37 - 00000000 ____D C:\Program Files (x86)\Battle.net
2017-01-23 11:48 - 2013-08-18 16:44 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3246641006-4039149904-3516313396-1001
2017-01-22 22:42 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-01-22 22:39 - 2014-08-19 00:59 - 00004180 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2017-01-22 22:32 - 2013-03-18 05:25 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-01-22 22:23 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-01-22 16:11 - 2014-09-24 07:17 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-01-22 16:11 - 2014-09-24 06:43 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat
2017-01-22 16:11 - 2014-09-24 06:43 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat
2017-01-22 16:11 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2017-01-20 05:03 - 2015-05-18 21:48 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-19 14:43 - 2016-08-28 23:59 - 00000000 ____D C:\Users\****\Desktop\gimp
2017-01-15 18:32 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2017-01-15 18:31 - 2014-10-20 03:47 - 00000000 ____D C:\Users\****
2017-01-14 14:34 - 2013-08-18 23:28 - 00000000 ____D C:\ProgramData\Skype
2017-01-11 01:59 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-01-11 01:58 - 2013-08-30 01:42 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-11 01:56 - 2013-08-30 01:42 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-10 23:40 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-01-10 23:40 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-01-10 23:40 - 2013-08-18 16:59 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-01-10 17:07 - 2015-05-18 21:49 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-01-10 15:35 - 2013-11-23 02:29 - 00000000 ____D C:\Program Files (x86)\Cisco
2017-01-07 21:23 - 2016-12-14 03:40 - 00014736 _____ C:\Users\****\Desktop\zwischenmiete.odt
2017-01-03 01:30 - 2015-04-13 09:34 - 00000000 ____D C:\Users\****\Desktop\écriture
2016-12-27 03:44 - 2013-09-18 19:16 - 00000000 ____D C:\Users\****\AppData\Local\Diagnostics
2016-12-25 15:01 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-03-22 12:30 - 2016-03-22 12:30 - 0000000 _____ () C:\Users\****\AppData\Roaming\Microsoft\90F4.tmp
2016-12-12 21:35 - 2016-12-12 21:35 - 0002777 _____ () C:\Users\****\AppData\Local\recently-used.xbel
2013-11-10 18:44 - 2013-11-10 18:44 - 0007602 _____ () C:\Users\****\AppData\Local\Resmon.ResmonCfg
2016-04-12 21:30 - 2016-04-12 21:30 - 0000092 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2013-03-18 05:21 - 2013-03-18 05:21 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-03-18 05:16 - 2013-03-18 05:18 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-03-18 05:18 - 2013-03-18 05:19 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-03-18 05:16 - 2013-03-18 05:16 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-03-18 05:19 - 2013-03-18 05:21 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
Einige Dateien in TEMP:
====================
2015-07-02 16:52 - 2015-07-02 16:52 - 0023040 _____ () C:\Users\****\AppData\Local\Temp\ipugq0rh.dll
2016-08-05 18:01 - 2016-08-05 18:01 - 0741440 _____ (Oracle Corporation) C:\Users\****\AppData\Local\Temp\jre-8u101-windows-au.exe
2016-11-30 10:51 - 2016-11-30 10:51 - 0737856 _____ (Oracle Corporation) C:\Users\****\AppData\Local\Temp\jre-8u111-windows-au.exe
2015-07-20 12:48 - 2015-07-20 12:48 - 0563808 _____ (Oracle Corporation) C:\Users\****\AppData\Local\Temp\jre-8u51-windows-au.exe
2015-08-30 17:58 - 2015-08-30 17:58 - 0585824 _____ (Oracle Corporation) C:\Users\****\AppData\Local\Temp\jre-8u60-windows-au.exe
2015-12-03 00:29 - 2015-12-03 00:29 - 0585824 _____ (Oracle Corporation) C:\Users\****\AppData\Local\Temp\jre-8u66-windows-au.exe
2016-05-28 09:37 - 2016-05-28 09:37 - 0739904 _____ (Oracle Corporation) C:\Users\****\AppData\Local\Temp\jre-8u91-windows-au.exe
2015-10-14 18:42 - 2016-05-16 13:29 - 45196928 _____ (Skype Technologies S.A.) C:\Users\****\AppData\Local\Temp\SkypeSetup.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-23 11:48
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-01-2017
durchgeführt von **** (24-01-2017 03:58:05)
Gestartet von C:\Users\****\Desktop
Windows 8.1 (Update) (X64) (2014-10-20 08:37:26)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3246641006-4039149904-3516313396-500 - Administrator - Disabled)
Gast (S-1-5-21-3246641006-4039149904-3516313396-501 - Limited - Disabled)
**** (S-1-5-21-3246641006-4039149904-3516313396-1001 - Administrator - Enabled) => C:\Users\****
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{B9C542F2-31A8-8EC1-B349-28C74D2A865C}) (Version: 8.0.891.0 - Advanced Micro Devices, Inc.)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
Audials USB (HKLM-x32\...\{8BF5D162-E215-4C00-8CDF-FDD9DADC7A34}) (Version: 10.3.34300.0 - RapidSolution Software AG)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6452 - CDBurnerXP)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.13015 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.13015 - Cisco Systems, Inc.) Hidden
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.2 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.2 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{35BEC446-269E-42E4-8EED-191A38CCFF3D}) (Version: 1.4.10.0 - Dell Inc.)
Dell Data Vault (Version: 4.3.8.0 - Dell Inc.) Hidden
Dell Digital Delivery (HKLM-x32\...\{D9ED3EFC-AB00-4CE0-ADED-80EE6B1158A7}) (Version: 2.2.2000.0 - Dell Products, LP)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{B57A8AFE-6735-4497-BD52-BD2F838F5CF0}) (Version: 1.2.1.31 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.1.0 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.10.1211 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.0.4.1029 - DVDVideoSoft Ltd.)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{F13921D6-AE6D-41BF-807A-17BD99C0A4FD}) (Version: 15.5.5.0480 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0728A184-F899-4356-B93D-8228674F0DEB}) (Version: 2.6.1209.0268 - Motorola Solutions, Inc.)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
PowerXpressHybrid (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Psi (remove only) (HKLM-x32\...\Psi) (Version: - )
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.012 - Dell Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6788 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
VirtualDJ Home FREE (HKLM-x32\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3246641006-4039149904-3516313396-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-3246641006-4039149904-3516313396-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B0CDAAF-7212-4ACF-9FD0-6F90EC097AA7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation)
Task: {2076BD8D-66DC-496C-9415-85483DC23B4B} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {23E932E1-859D-41CF-AB48-37CF52BEEA5F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2016-09-13] (PC-Doctor, Inc.)
Task: {486318D5-65EE-4CAA-AF21-C3769DA1E893} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {4B2B2283-7536-4E6C-BD03-E4CE9EE07EBE} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {5EE083EA-1D22-4268-A23C-010EADB81760} - System32\Tasks\SafeZone scheduled Autoupdate 1458407381 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {7A3785A3-ECF7-4864-AE63-DE4EE14309DA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {C4598EA4-8021-4B78-9620-0BF056276EF4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-10-13] (AVAST Software)
Task: {E24A6BD5-76F9-4496-9057-959F8C2C4E1D} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-05] (AVAST Software)
Task: {E923E631-5120-4C61-B78A-AA20B80C4C58} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-03-14] (Dell Inc.)
Task: {F9528EFD-8519-40FA-A9B2-788BDB4D9BD5} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2016-09-13] (PC-Doctor, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-03-18 05:19 - 2012-04-25 03:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2012-10-04 01:23 - 2012-10-04 01:23 - 07033344 _____ () C:\Program Files (x86)\Psi\Psi.exe
2016-09-30 21:47 - 2016-09-11 08:22 - 00110976 _____ () C:\Program Files\Dell\SupportAssist\libCSharpCommonCS.dll
2016-09-30 21:47 - 2016-09-11 08:22 - 00553344 _____ () C:\Program Files\Dell\SupportAssist\libAsapiCSharp.dll
2015-12-23 08:27 - 2015-12-23 08:27 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-10-13 00:33 - 2016-10-13 00:33 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-10-13 00:33 - 2016-10-13 00:33 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-01-23 11:10 - 2017-01-23 11:10 - 04458584 _____ () C:\Program Files\AVAST Software\Avast\defs\17012300\algo.dll
2015-02-16 17:24 - 2015-12-11 01:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-02-16 17:24 - 2015-12-11 01:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-02-16 17:24 - 2015-12-11 01:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-02-16 17:24 - 2015-12-11 01:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-02-16 17:24 - 2015-12-11 01:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-02-16 17:24 - 2015-12-11 01:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2012-10-04 01:23 - 2012-10-04 01:23 - 06940838 _____ () C:\Program Files (x86)\Psi\libaspell-15.dll
2012-10-04 01:23 - 2012-10-04 01:23 - 00850944 _____ () C:\Program Files (x86)\Psi\qca2.dll
2012-10-04 01:23 - 2012-10-04 01:23 - 00093696 _____ () C:\Program Files (x86)\Psi\zlib1.dll
2012-10-04 01:23 - 2012-10-04 01:23 - 00117248 _____ () C:\Program Files (x86)\Psi\libgcc_s_dw2-1.dll
2012-10-04 01:23 - 2012-10-04 01:23 - 01019406 _____ () C:\Program Files (x86)\Psi\libstdc++-6.dll
2012-10-04 01:23 - 2012-10-04 01:23 - 00203776 _____ () C:\Program Files (x86)\Psi\crypto\qca-gnupg2.dll
2012-10-04 01:23 - 2012-10-04 01:23 - 00243200 _____ () C:\Program Files (x86)\Psi\crypto\qca-ossl2.dll
2012-10-04 01:23 - 2012-10-04 01:23 - 00432128 _____ () C:\Program Files (x86)\Psi\gstprovider.dll
2012-08-20 15:24 - 2012-08-20 15:24 - 00972630 _____ () C:\Program Files (x86)\Psi\libgstaudio-0.10-0.dll
2012-08-20 14:24 - 2012-08-20 14:24 - 01416392 _____ () C:\Program Files (x86)\Psi\libgstbase-0.10-0.dll
2012-08-20 15:23 - 2012-08-20 15:23 - 00306894 _____ () C:\Program Files (x86)\Psi\libgstinterfaces-0.10-0.dll
2012-08-20 14:23 - 2012-08-20 14:23 - 03453165 _____ () C:\Program Files (x86)\Psi\libgstreamer-0.10-0.dll
2012-08-20 15:23 - 2012-08-20 15:23 - 00456972 _____ () C:\Program Files (x86)\Psi\libgstvideo-0.10-0.dll
2012-08-20 13:35 - 2012-08-20 13:35 - 00207462 _____ () C:\Program Files (x86)\Psi\libspeexdsp-1.dll
2012-08-20 09:32 - 2012-08-20 09:32 - 00106721 _____ () C:\Program Files (x86)\Psi\libffi-5.dll
2012-08-20 15:24 - 2012-08-20 15:24 - 00494310 _____ () C:\Program Files (x86)\Psi\libgstpbutils-0.10-0.dll
2012-08-20 13:54 - 2012-08-20 13:54 - 01843478 _____ () C:\Program Files (x86)\Psi\liborc-0.4-0.dll
2012-08-20 15:24 - 2012-08-20 15:24 - 00417853 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstaudioconvert.dll
2012-08-20 15:25 - 2012-08-20 15:25 - 00254837 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstaudioresample.dll
2012-08-20 13:54 - 2012-08-20 13:54 - 00127878 _____ () C:\Program Files (x86)\Psi\liborc-test-0.4-0.dll
2012-08-20 14:25 - 2012-08-20 14:25 - 01302375 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstcoreelements.dll
2012-08-20 14:25 - 2012-08-20 14:25 - 00059321 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstcoreindexers.dll
2012-08-20 15:25 - 2012-08-20 15:25 - 00185839 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstdecodebin.dll
2012-08-20 15:24 - 2012-08-20 15:24 - 01173102 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstffmpegcolorspace.dll
2012-08-20 16:32 - 2012-08-20 16:32 - 00433248 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstjpeg.dll
2012-08-20 16:30 - 2012-08-20 16:30 - 00082285 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstlevel.dll
2012-08-20 15:25 - 2012-08-20 15:25 - 00804404 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstogg.dll
2012-08-20 15:24 - 2012-08-20 15:24 - 00161147 _____ () C:\Program Files (x86)\Psi\libgstriff-0.10-0.dll
2012-08-20 15:23 - 2012-08-20 15:23 - 00800462 _____ () C:\Program Files (x86)\Psi\libgsttag-0.10-0.dll
2012-08-20 13:09 - 2012-08-20 13:09 - 00071961 _____ () C:\Program Files (x86)\Psi\libogg-0.dll
2012-08-20 16:31 - 2012-08-20 16:31 - 02439079 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstrtp.dll
2012-08-20 15:23 - 2012-08-20 15:23 - 00389863 _____ () C:\Program Files (x86)\Psi\libgstrtp-0.10-0.dll
2012-08-20 16:31 - 2012-08-20 16:31 - 00693314 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstrtpmanager.dll
2012-08-20 15:23 - 2012-08-20 15:23 - 00043641 _____ () C:\Program Files (x86)\Psi\libgstnetbuffer-0.10-0.dll
2012-08-20 16:32 - 2012-08-20 16:32 - 00151540 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstspeex.dll
2012-08-20 13:35 - 2012-08-20 13:35 - 00305255 _____ () C:\Program Files (x86)\Psi\libspeex-1.dll
2012-08-20 15:26 - 2012-08-20 15:26 - 00330205 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgsttheora.dll
2012-08-20 13:23 - 2012-08-20 13:23 - 00132755 _____ () C:\Program Files (x86)\Psi\libtheoradec-1.dll
2012-08-20 13:23 - 2012-08-20 13:23 - 00330321 _____ () C:\Program Files (x86)\Psi\libtheoraenc-1.dll
2012-08-20 15:25 - 2012-08-20 15:25 - 00276606 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgsttypefindfunctions.dll
2012-08-20 15:25 - 2012-08-20 15:25 - 00129763 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstvideorate.dll
2012-08-20 15:25 - 2012-08-20 15:25 - 00411969 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstvideoscale.dll
2012-08-20 15:25 - 2012-08-20 15:25 - 00180456 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstvolume.dll
2012-08-20 14:24 - 2012-08-20 14:24 - 00586284 _____ () C:\Program Files (x86)\Psi\libgstcontroller-0.10-0.dll
2012-08-20 15:26 - 2012-08-20 15:26 - 00281335 _____ () C:\Program Files (x86)\Psi\gstreamer-0.10\libgstvorbis.dll
2012-08-20 13:14 - 2012-08-20 13:14 - 00198752 _____ () C:\Program Files (x86)\Psi\libvorbis-0.dll
2012-08-20 13:15 - 2012-08-20 13:15 - 01640743 _____ () C:\Program Files (x86)\Psi\libvorbisenc-2.dll
2013-03-18 05:17 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-10-13 00:34 - 2016-10-13 00:34 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-09-09 07:32 - 2016-09-09 07:32 - 00134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2016-12-14 15:58 - 2016-12-14 15:58 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\f6defe2c13f18b87958324384069a694\PSIClient.ni.dll
2013-03-18 05:25 - 2012-09-12 21:18 - 02003304 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\STRestoreAPI.dll
2013-03-18 05:25 - 2012-08-06 10:59 - 01153384 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\libxml2.dll
2013-03-18 05:25 - 2012-08-06 10:59 - 00117608 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Restore\zlib1.dll
2013-03-18 05:10 - 2012-06-25 19:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-10-01 00:36 - 2016-10-01 00:36 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\system32\Drivers\btmhsf.sys:Microsoft_Appcompat_ReinstallUpgrade [0]
AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:50DD4118 [102]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2015-10-16 00:24 - 00000828 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3246641006-4039149904-3516313396-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\****\Pictures\ne_travaillez_jamais.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKU\S-1-5-21-3246641006-4039149904-3516313396-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3246641006-4039149904-3516313396-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3246641006-4039149904-3516313396-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [UDP Query User{D3C7EA35-5C17-4A71-B77F-EEAA696FA8C5}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{D0670AF8-5DEF-4540-8963-23717760A22D}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{320B8612-CE1C-44B6-9CDA-1C8AE5AEAF60}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{C6D51B65-3AA2-4266-A54B-1A5539BC4C17}] => C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{1CCF7CC1-2BF8-4396-98E0-9D7232B55C96}] => C:\Users\****\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [UDP Query User{043A1D66-2310-4671-8BFC-F6E775229917}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B570E7A0-599E-4460-9296-42FCA655B091}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0E1A943E-83D6-46B1-88D0-22B8DCCB4648}] => C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{F4A414B7-4A05-403B-BED1-C6A5EDA51D88}] => C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5538CDE4-DA39-445C-BB36-445277B41CA3}] => LPort=1900
FirewallRules: [{186CA9B3-0355-436D-BC40-16773016712B}] => LPort=2869
FirewallRules: [{0185ADD7-F72A-4A1F-88AB-6E2A0A9A095A}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EE742F37-0514-497C-9282-4A0A971FC677}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{CBAB3269-5C3B-475B-9737-5424CCB4105F}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{D194B9A1-FF98-44EE-8B3A-A614A3CD04AC}] => C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{FBC2AC37-32F2-4409-AEF0-93BF8212D9A8}] => C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{6970F63D-74B9-420B-B122-9F8149BB9963}] => C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{51EBC294-DEE2-4165-8063-E62BECAEBACC}] => C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{1FC81DEF-E32D-40B0-974F-26FF3C5DA7F9}] => C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{BC0BE92E-8F60-455E-AD5B-B844A5003C38}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{80B8A612-A323-4118-9777-E3ABE328C90F}] => C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{429D299D-A284-4A0F-9631-5F86778C97A2}] => C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{B757FF51-1DB2-4017-ACD1-F2916066F6DC}] => C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{80914421-9DAD-4A54-B176-7C059528BCCB}] => C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{44FDCD91-C8C7-4963-A096-4B2BC66F23BB}] => C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{E89A937B-AB00-4F5C-A085-25C4B7C46A09}C:\program files (x86)\hearthstone\hearthstone.exe] => C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{A023ACAC-2446-4A07-99FA-5E77A923DAB3}C:\program files (x86)\hearthstone\hearthstone.exe] => C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{1AD6AEF3-9257-468E-8E90-72312636F68C}] => C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{C7EBA08C-0FF8-43B1-8F5B-C7A17D2D69CE}] => C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{9DE4C0D4-28E4-4769-B729-71C09B0B737F}] => C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{5EE3E263-30CB-4050-B09E-012FB6C280F3}] => C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{98980CE1-F8FB-4AAE-9553-04BCD98A975E}] => C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{65BFA5B4-0C01-4F5B-8D38-37CEB44888EA}] => C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{54790678-E434-416E-A395-88DC55B21D5E}C:\programdata\battle.net\agent\agent.3668\agent.exe] => C:\programdata\battle.net\agent\agent.3668\agent.exe
FirewallRules: [UDP Query User{1F1A3CEE-9E51-4DCC-A8F8-48F9456046BB}C:\programdata\battle.net\agent\agent.3668\agent.exe] => C:\programdata\battle.net\agent\agent.3668\agent.exe
FirewallRules: [TCP Query User{51367C30-7AB8-4D1B-B74A-7A4E7285919F}C:\programdata\battle.net\agent\agent.3669\agent.exe] => C:\programdata\battle.net\agent\agent.3669\agent.exe
FirewallRules: [UDP Query User{BBEA8BC4-AF7F-4307-B48A-4C5513380CC1}C:\programdata\battle.net\agent\agent.3669\agent.exe] => C:\programdata\battle.net\agent\agent.3669\agent.exe
FirewallRules: [{E1A4DFF5-B770-4C61-AECA-ABA9A75B41AB}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9D397C94-92D6-4FF2-84B0-066165226A11}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AD50D1A1-1CF1-49AC-B9D2-D63E58CCDFA6}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{56E46199-B1D8-43D0-820C-D3C1EA4D0C0A}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{7BD4749E-0BF2-4026-8C8B-CC03CCDE0A86}C:\programdata\battle.net\agent\agent.3688\agent.exe] => C:\programdata\battle.net\agent\agent.3688\agent.exe
FirewallRules: [UDP Query User{22FBEDB4-CD2B-45D3-AA33-6EF1EC91D879}C:\programdata\battle.net\agent\agent.3688\agent.exe] => C:\programdata\battle.net\agent\agent.3688\agent.exe
FirewallRules: [{66082769-62E8-4D07-B36A-8785B6A735FA}] => C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{B4ABE796-A708-4F0A-AF69-879EB0AC568A}] => C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [TCP Query User{10986305-74CC-4422-A901-4FA6AE9A2570}C:\programdata\battle.net\agent\agent.3715\agent.exe] => C:\programdata\battle.net\agent\agent.3715\agent.exe
FirewallRules: [UDP Query User{B36A8C92-7F56-42D0-BE2B-DE8AD2542825}C:\programdata\battle.net\agent\agent.3715\agent.exe] => C:\programdata\battle.net\agent\agent.3715\agent.exe
FirewallRules: [TCP Query User{7C30D662-B12D-4F2E-B728-1246B8D49752}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D46201EA-6B51-46A7-A9F8-12E3C1F09E83}C:\program files (x86)\mozilla firefox\firefox.exe] => C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5B9C6EE1-3B96-4BA2-AA38-802E50B8D188}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{D2F83138-9AA6-44DF-8CCC-65BE69A9C501}] => C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{95A2540C-B0EF-4195-9E5A-61D6B40257C9}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{216EF17D-8086-4D23-BE01-03220F76E28E}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{5AAC0B08-42CF-445C-9A61-051482F68750}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{42141C61-7316-4A1C-A574-0ED49FA9E0A0}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6B591A5D-CFCF-44CC-9E94-0F3B2C98C9BB}C:\program files (x86)\psi\psi.exe] => C:\program files (x86)\psi\psi.exe
FirewallRules: [UDP Query User{37D4A094-9585-452E-A813-FB30A1CA2AE1}C:\program files (x86)\psi\psi.exe] => C:\program files (x86)\psi\psi.exe
FirewallRules: [{7AB0302C-D879-4528-AD6F-5858427AA663}] => C:\program files (x86)\psi\psi.exe
FirewallRules: [{8F393D3C-2CA0-45D3-8688-91F1FA2E19F1}] => C:\program files (x86)\psi\psi.exe
==================== Wiederherstellungspunkte =========================
08-01-2017 18:12:12 Geplanter Prüfpunkt
10-01-2017 15:34:35 Installed Cisco AnyConnect Secure Mobility Client
18-01-2017 08:45:46 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/24/2017 02:46:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WerFault.exe, Version: 6.3.9600.17415, Zeitstempel: 0x54503815
Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000142
Fehleroffset: 0x0009d3c2
ID des fehlerhaften Prozesses: 0x1d9c
Startzeit der fehlerhaften Anwendung: 0x01d275e3b20ae416
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SysWOW64\WerFault.exe
Pfad des fehlerhaften Moduls: USER32.dll
Berichtskennung: f008a7c8-e1d6-11e6-bf41-74867a073a29
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/24/2017 02:46:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WerFault.exe, Version: 6.3.9600.17415, Zeitstempel: 0x54503815
Name des fehlerhaften Moduls: USER32.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000142
Fehleroffset: 0x0009d3c2
ID des fehlerhaften Prozesses: 0xfa8
Startzeit der fehlerhaften Anwendung: 0x01d275e3b17bd120
Pfad der fehlerhaften Anwendung: C:\WINDOWS\SysWOW64\WerFault.exe
Pfad des fehlerhaften Moduls: USER32.dll
Berichtskennung: f00880b8-e1d6-11e6-bf41-74867a073a29
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/22/2017 10:26:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzWizard.exe, Version: 1.0.5.2, Zeitstempel: 0x55b0b18e
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x5736541b
Ausnahmecode: 0xe0434352
Fehleroffset: 0x00014878
ID des fehlerhaften Prozesses: 0x1118
Startzeit der fehlerhaften Anwendung: 0x01d274f616040be2
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\KERNELBASE.dll
Berichtskennung: 78c949e1-e0e9-11e6-bf41-606c660c9c5c
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/22/2017 10:26:39 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: RzWizard.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Configuration.ConfigurationErrorsException
Stapel:
bei System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
bei System.Configuration.BaseConfigurationRecord.GetSection(System.String)
bei System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
bei System.Configuration.ConfigurationManager.GetSection(System.String)
bei System.Configuration.ClientSettingsStore.ReadSettings(System.String, Boolean)
bei System.Configuration.LocalFileSettingsProvider.GetPropertyValues(System.Configuration.SettingsContext, System.Configuration.SettingsPropertyCollection)
bei System.Configuration.SettingsBase.GetPropertiesFromProvider(System.Configuration.SettingsProvider)
bei System.Configuration.SettingsBase.GetPropertyValueByName(System.String)
bei System.Configuration.SettingsBase.get_Item(System.String)
bei System.Configuration.ApplicationSettingsBase.GetPropertyValue(System.String)
bei System.Configuration.ApplicationSettingsBase.get_Item(System.String)
bei Razer.UpdateNInstallManagerUI.Properties.Settings.get_PopupWay()
bei Razer.UpdateNInstallManagerUI.MiniInstallerUI.MiniInstallerUI_Controller()
bei Razer.UpdateNInstallManagerUI.MiniInstallerUI..ctor(Boolean)
bei Razer.MiniInstaller.MiniInstallerVIewModel..ctor()
bei Razer.MiniInstaller.App.OnStartup(System.Windows.StartupEventArgs)
bei System.Windows.Application.<.ctor>b__1(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.DispatcherOperation.InvokeImpl()
bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
bei System.Windows.Threading.DispatcherOperation.Invoke()
bei System.Windows.Threading.Dispatcher.ProcessQueue()
bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
bei System.Windows.Threading.Dispatcher.Run()
bei System.Windows.Application.RunDispatcher(System.Object)
bei System.Windows.Application.RunInternal(System.Windows.Window)
bei System.Windows.Application.Run(System.Windows.Window)
bei Razer.MiniInstaller.App.Main()
Error: (01/19/2017 02:08:25 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Hearthstone.exe, Version 1.0.0.15590 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1988
Startzeit: 01d271d0f3f6498e
Endzeit: 913
Anwendungspfad: C:\Program Files (x86)\Hearthstone\Hearthstone.exe
Berichts-ID: bb789b0b-dde3-11e6-bf40-74867a073a29
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/18/2017 05:16:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SupportAssist.exe, Version: 1.2.1.31, Zeitstempel: 0x56e6dc2b
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075
Ausnahmecode: 0xe0434f4d
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xSupportAssist.exe0
Pfad der fehlerhaften Anwendung: SupportAssist.exe1
Pfad des fehlerhaften Moduls: SupportAssist.exe2
Berichtskennung: SupportAssist.exe3
Vollständiger Name des fehlerhaften Pakets: SupportAssist.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SupportAssist.exe5
Error: (01/17/2017 02:36:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Hearthstone.exe, Version 1.0.0.15590 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1974
Startzeit: 01d2704d072fa6c8
Endzeit: 2003
Anwendungspfad: C:\Program Files (x86)\Hearthstone\Hearthstone.exe
Berichts-ID: 380d98c1-dc55-11e6-bf40-74867a073a29
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/16/2017 01:43:52 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Battle.net.exe, Version 1.6.0.8265 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 167c
Startzeit: 01d26f78d097bbf5
Endzeit: 1311
Anwendungspfad: C:\Program Files (x86)\Battle.net\Battle.net.8265\Battle.net.exe
Berichts-ID: d685db2d-db84-11e6-bf40-74867a073a29
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/16/2017 01:43:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Hearthstone.exe, Version 1.0.0.15590 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1250
Startzeit: 01d26f78e995b7fd
Endzeit: 1806
Anwendungspfad: C:\Program Files (x86)\Hearthstone\Hearthstone.exe
Berichts-ID: c260cbd6-db84-11e6-bf40-74867a073a29
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (01/15/2017 06:38:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 3.5.0.0, Zeitstempel: 0x4f8350e0
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x1164
Startzeit der fehlerhaften Anwendung: 0x01d26f55e99b6836
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\KERNELBASE.dll
Berichtskennung: 64ef425a-db49-11e6-bf40-74867a073a29
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (01/24/2017 03:19:17 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "OTTMA",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{699E1AB3-798B-460F-A639-81E2753AF0E1}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (01/23/2017 03:21:37 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "OTTMA",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{699E1AB3-798B-460F-A639-81E2753AF0E1}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (01/23/2017 11:49:11 AM) (Source: DCOM) (EventID: 10010) (User: ****)
Description: Der Server "{BF6C1E47-86EC-4194-9CE5-13C15DCB2001}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/23/2017 11:48:01 AM) (Source: DCOM) (EventID: 10010) (User: ****)
Description: Der Server "{1B1F472E-3221-4826-97DB-2C2324D389AE}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (01/22/2017 10:45:42 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "OTTMA",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{699E1AB3-798B-460F-A639-81E2753AF0E1}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (01/22/2017 10:30:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell SupportAssist Agent" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (01/22/2017 10:30:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dell SupportAssist Agent" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 32767 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.
Error: (01/22/2017 10:29:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dell SupportAssist Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 32767 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.
Error: (01/22/2017 10:29:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Software Protection" wurde nicht richtig gestartet.
Error: (01/22/2017 10:27:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Dell Digital Delivery Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3337U CPU @ 1.80GHz
Prozentuale Nutzung des RAM: 58%
Installierter physikalischer RAM: 3965.27 MB
Verfügbarer physikalischer RAM: 1663.72 MB
Summe virtueller Speicher: 8039.55 MB
Verfügbarer virtueller Speicher: 4449.81 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:916.12 GB) (Free:415 GB) NTFS
Drive w: (PBR Image) (Fixed) (Total:13.81 GB) (Free:0.25 GB) NTFS
Drive x: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.22 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 4CDD2617)
Partition: GPT.
==================== Ende von Addition.txt ============================
vielen Dank schonmal , l.c. Geändert von louis cyphre (24.01.2017 um 04:00 Uhr) |
|
24.01.2017, 12:29
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Pc extrem verlangsamt inklusive suspekter Meldungen+++ WICHTIGER HINWEIS +++ Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache. Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung! Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben. Gelesen und verstanden? Bitte Avast deinstallieren. Das Teil können wir einfach nicht mehr guten Gewissens empfehlen. => Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Auch andere Freewareanbieter wie Avira, AVG oder Panda springen auf diesen oder ähnlichen Zügen rauf, basteln Junkware in die Setups, arbeiten mit ASK zusammen etc; so was ist bei Sicherheitssoftware einfach inakzeptabel. Gib Bescheid wenn Avast weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ |
|
24.01.2017, 15:32
| #3 |
| | Pc extrem verlangsamt inklusive suspekter Meldungen hallo,
__________________find ich ja krass! Gut avast ist jetzt deinstalliert. |
|
24.01.2017, 15:39
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pc extrem verlangsamt inklusive suspekter Meldungen Läuft der Rechner ohne Avast schon schnelller?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
24.01.2017, 15:47
| #5 |
| | Pc extrem verlangsamt inklusive suspekter Meldungen Vom ersten Eindruck her, auf jeden Fall. Wie geht's weiter? |
|
24.01.2017, 15:49
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pc extrem verlangsamt inklusive suspekter Meldungen 1. Schritt: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers 2. Schritt: Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
 Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ --> Pc extrem verlangsamt inklusive suspekter Meldungen |
|
24.01.2017, 15:49
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pc extrem verlangsamt inklusive suspekter Meldungen 1. Schritt: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers 2. Schritt: Kaspersky TDSS-Killer Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.01.2017, 23:30
| #8 |
| | Pc extrem verlangsamt inklusive suspekter Meldungen die mbar und der tdss haben nix gefunden Code:
ATTFilter 16:31:37.0125 0x1cc0 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
16:31:37.0125 0x1cc0 UEFI system
16:31:45.0508 0x1cc0 ============================================================
16:31:45.0508 0x1cc0 Current date / time: 2017/01/24 16:31:45.0508
16:31:45.0508 0x1cc0 SystemInfo:
16:31:45.0508 0x1cc0
16:31:45.0509 0x1cc0 OS Version: 6.3.9600 ServicePack: 0.0
16:31:45.0509 0x1cc0 Product type: Workstation
16:31:45.0509 0x1cc0 ComputerName: ****
16:31:45.0509 0x1cc0 UserName: ****
16:31:45.0509 0x1cc0 Windows directory: C:\WINDOWS
16:31:45.0509 0x1cc0 System windows directory: C:\WINDOWS
16:31:45.0509 0x1cc0 Running under WOW64
16:31:45.0509 0x1cc0 Processor architecture: Intel x64
16:31:45.0509 0x1cc0 Number of processors: 4
16:31:45.0509 0x1cc0 Page size: 0x1000
16:31:45.0509 0x1cc0 Boot type: Normal boot
16:31:45.0509 0x1cc0 CodeIntegrityOptions = 0x00000001
16:31:45.0509 0x1cc0 ============================================================
16:31:46.0576 0x1cc0 KLMD registered as C:\WINDOWS\system32\drivers\62067583.sys
16:31:46.0576 0x1cc0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18505, osProperties = 0x19
16:31:47.0949 0x1cc0 System UUID: {E1D80447-BB38-EB75-10C9-9DBF4F504794}
16:31:51.0054 0x1cc0 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:31:51.0102 0x1cc0 ============================================================
16:31:51.0102 0x1cc0 \Device\Harddisk0\DR0:
16:31:51.0103 0x1cc0 GPT partitions:
16:31:51.0103 0x1cc0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {CB6F62F4-FD97-452C-A954-45951A58354D}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
16:31:51.0103 0x1cc0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {9AC705D9-E2BF-452D-8497-8A5086ACC71F}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000
16:31:51.0103 0x1cc0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {851117FD-17F7-407A-AD0E-CE9184ABA9C6}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000
16:31:51.0103 0x1cc0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A80F32E9-B193-421D-9F72-40081D734072}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0xFA000
16:31:51.0103 0x1cc0 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {80B6DA3D-1495-4C7A-B252-2317ED686991}, Name: Basic data partition, StartLBA 0x248800, BlocksNum 0x7283E000
16:31:51.0103 0x1cc0 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {44576358-A9E3-418F-9711-EFFBB41B38D2}, Name: , StartLBA 0x72A86800, BlocksNum 0xE1000
16:31:51.0103 0x1cc0 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {37D5B3C4-F641-4AA1-A100-52E80B69C120}, Name: Microsoft recovery partition, StartLBA 0x72B67800, BlocksNum 0x1B9EDB0
16:31:51.0103 0x1cc0 MBR partitions:
16:31:51.0103 0x1cc0 ============================================================
16:31:51.0126 0x1cc0 C: <-> \Device\Harddisk0\DR0\Partition5
16:31:51.0126 0x1cc0 ============================================================
16:31:51.0126 0x1cc0 Initialize success
16:31:51.0126 0x1cc0 ============================================================
16:32:28.0839 0x0f3c ============================================================
16:32:28.0839 0x0f3c Scan started
16:32:28.0839 0x0f3c Mode: Manual; SigCheck; TDLFS;
16:32:28.0839 0x0f3c ============================================================
16:32:28.0839 0x0f3c KSN ping started
16:32:28.0980 0x0f3c KSN ping finished: true
16:32:34.0652 0x0f3c ================ Scan system memory ========================
16:32:34.0652 0x0f3c System memory - ok
16:32:34.0652 0x0f3c ================ Scan services =============================
16:32:40.0527 0x0f3c [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
16:32:40.0683 0x0f3c 1394ohci - ok
16:32:40.0746 0x0f3c [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
16:32:40.0793 0x0f3c 3ware - ok
16:32:41.0105 0x0f3c [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
16:32:41.0136 0x0f3c ACPI - ok
16:32:41.0168 0x0f3c [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
16:32:41.0183 0x0f3c acpiex - ok
16:32:41.0199 0x0f3c [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
16:32:41.0230 0x0f3c acpipagr - ok
16:32:41.0261 0x0f3c [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
16:32:41.0386 0x0f3c AcpiPmi - ok
16:32:41.0402 0x0f3c [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
16:32:41.0433 0x0f3c acpitime - ok
16:32:41.0465 0x0f3c [ AAA8E68E685DB1B68747E3DF68F96368, 1A5BE239B2D0C6F727303A98CFFC91070B6A05ECD6B9CD05AB326AC1910ECEBF ] acsock C:\WINDOWS\system32\DRIVERS\acsock64.sys
16:32:41.0496 0x0f3c acsock - ok
16:32:41.0777 0x0f3c [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:32:41.0793 0x0f3c AdobeARMservice - ok
16:32:45.0152 0x0f3c [ CA363F172E1978FD155764F2840B0BE8, CB14E2C94ABB8C8809F4E96472F6D1A9A3A0860217631F592E0F62F043165575 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:32:45.0184 0x0f3c AdobeFlashPlayerUpdateSvc - ok
16:32:45.0371 0x0f3c [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
16:32:45.0402 0x0f3c ADP80XX - ok
16:32:45.0480 0x0f3c [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
16:32:45.0574 0x0f3c AeLookupSvc - ok
16:32:45.0762 0x0f3c [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
16:32:45.0777 0x0f3c AERTFilters - ok
16:32:46.0012 0x0f3c [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\WINDOWS\system32\drivers\afd.sys
16:32:46.0137 0x0f3c AFD - ok
16:32:46.0199 0x0f3c [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
16:32:46.0230 0x0f3c agp440 - ok
16:32:46.0293 0x0f3c [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
16:32:46.0355 0x0f3c ahcache - ok
16:32:46.0387 0x0f3c [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe
16:32:46.0465 0x0f3c ALG - ok
16:32:46.0559 0x0f3c [ B85B5F067E29A94D598E3C35CC76EE2B, 4D6890FCF677637C6FB1E73E212D9208DB2B72432E4155557290892C21895F59 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
16:32:46.0605 0x0f3c AMD External Events Utility - ok
16:32:46.0621 0x0f3c [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
16:32:46.0652 0x0f3c AmdK8 - ok
16:32:48.0793 0x0f3c [ 8E5F9BD597E596ABC7D0CBBF1F5DD229, 2F7A64B3C6F555D13DB151C77816889090DE4CEA0A62EC7B1618748C10F589B4 ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys
16:32:49.0309 0x0f3c amdkmdag - ok
16:32:49.0465 0x0f3c [ C80088CF1D9BE6391051D080EE20BB40, 3CFA490DAAB6E4E8B96497C58308D30A87086A7B1B3F2C542004FEDEDCC2A17F ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
16:32:49.0528 0x0f3c amdkmdap - ok
16:32:49.0559 0x0f3c [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd C:\WINDOWS\system32\drivers\amdkmpfd.sys
16:32:49.0559 0x0f3c amdkmpfd - ok
16:32:49.0590 0x0f3c [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
16:32:49.0621 0x0f3c AmdPPM - ok
16:32:49.0668 0x0f3c [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
16:32:49.0684 0x0f3c amdsata - ok
16:32:49.0699 0x0f3c [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
16:32:49.0715 0x0f3c amdsbs - ok
16:32:49.0793 0x0f3c [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
16:32:49.0824 0x0f3c amdxata - ok
16:32:49.0903 0x0f3c [ 444459C4A5530343E786AA71B0047B7C, 5213103CBF608B58D508E297A61C92836D30E321F1810137BB5C1A1C0C9309F7 ] AMPPAL C:\WINDOWS\System32\drivers\AMPPAL.sys
16:32:50.0012 0x0f3c AMPPAL - ok
16:32:50.0153 0x0f3c [ AA6FC5C35650A953DFDB2C4444A79823, 841B700601D73B8B1125597EA17B81D36642A26F0E609CBB4DB1FA9268F1122B ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
16:32:50.0199 0x0f3c AMPPALR3 - ok
16:32:50.0246 0x0f3c [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys
16:32:50.0371 0x0f3c AppID - ok
16:32:50.0403 0x0f3c [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
16:32:50.0434 0x0f3c AppIDSvc - ok
16:32:50.0481 0x0f3c [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo C:\WINDOWS\System32\appinfo.dll
16:32:50.0653 0x0f3c Appinfo - ok
16:32:50.0684 0x0f3c [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
16:32:50.0778 0x0f3c AppReadiness - ok
16:32:51.0106 0x0f3c [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
16:32:51.0215 0x0f3c AppXSvc - ok
16:32:51.0231 0x0f3c [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
16:32:51.0246 0x0f3c arcsas - ok
16:32:51.0293 0x0f3c [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
16:32:51.0309 0x0f3c atapi - ok
16:32:51.0340 0x0f3c [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
16:32:51.0387 0x0f3c AudioEndpointBuilder - ok
16:32:51.0418 0x0f3c [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
16:32:51.0496 0x0f3c Audiosrv - ok
16:32:51.0528 0x0f3c [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
16:32:51.0590 0x0f3c AxInstSV - ok
16:32:51.0778 0x0f3c [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
16:32:51.0825 0x0f3c b06bdrv - ok
16:32:51.0856 0x0f3c [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
16:32:51.0903 0x0f3c BasicDisplay - ok
16:32:51.0918 0x0f3c [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
16:32:51.0996 0x0f3c BasicRender - ok
16:32:52.0028 0x0f3c [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
16:32:52.0043 0x0f3c bcmfn2 - ok
16:32:52.0106 0x0f3c [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC C:\WINDOWS\System32\bdesvc.dll
16:32:52.0231 0x0f3c BDESVC - ok
16:32:52.0262 0x0f3c [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:32:52.0293 0x0f3c Beep - ok
16:32:52.0356 0x0f3c [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE C:\WINDOWS\System32\bfe.dll
16:32:52.0434 0x0f3c BFE - ok
16:32:52.0481 0x0f3c [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll
16:32:52.0606 0x0f3c BITS - ok
16:32:53.0043 0x0f3c [ 13C358D27CBFAF537FA7CA48B9052CF3, BC6AD061DA6B348774E9B65750C986F43148B78E8F97CCBE9AA99EA7D8759620 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
16:32:53.0090 0x0f3c Bluetooth Device Monitor - ok
16:32:53.0168 0x0f3c [ 7525C93645FDA8E9D8F677FEA833798A, 9878B88C57119580EF1F5D1DF93C62A3CFFFD0AC4E764D9AC05C727D0D1B2EED ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
16:32:53.0184 0x0f3c Bluetooth OBEX Service - ok
16:32:53.0246 0x0f3c [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
16:32:53.0418 0x0f3c bowser - ok
16:32:53.0512 0x0f3c [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
16:32:53.0653 0x0f3c BrokerInfrastructure - ok
16:32:53.0700 0x0f3c [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll
16:32:53.0793 0x0f3c Browser - ok
16:32:53.0825 0x0f3c [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
16:32:53.0856 0x0f3c BthAvrcpTg - ok
16:32:53.0903 0x0f3c [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
16:32:53.0950 0x0f3c BthEnum - ok
16:32:53.0981 0x0f3c [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
16:32:54.0059 0x0f3c BthHFEnum - ok
16:32:54.0090 0x0f3c [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
16:32:54.0121 0x0f3c bthhfhid - ok
16:32:54.0184 0x0f3c [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
16:32:54.0231 0x0f3c BthHFSrv - ok
16:32:54.0293 0x0f3c [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
16:32:54.0372 0x0f3c BthLEEnum - ok
16:32:54.0403 0x0f3c [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
16:32:54.0465 0x0f3c BTHMODEM - ok
16:32:54.0497 0x0f3c [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
16:32:54.0590 0x0f3c BthPan - ok
16:32:55.0122 0x0f3c [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
16:32:55.0184 0x0f3c BTHPORT - ok
16:32:55.0215 0x0f3c [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll
16:32:55.0293 0x0f3c bthserv - ok
16:32:55.0309 0x0f3c [ F5F860CD0C1AC84F299295277E436701, 94A38146DE2C1354E4EA3B1C8CF8670C56C06F6147387D8A88E11F6BC0912A2F ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
16:32:55.0325 0x0f3c BTHSSecurityMgr - ok
16:32:55.0418 0x0f3c [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
16:32:55.0481 0x0f3c BTHUSB - ok
16:32:55.0747 0x0f3c [ 76D0DDD58A773CA1BFB4D30AAE03517A, E631CAAEEA5D1F632FF0A60F4466664A6FD9DA19F4A28A379294D8E6690ADAD9 ] btmhsf C:\WINDOWS\system32\DRIVERS\btmhsf.sys
16:32:55.0809 0x0f3c btmhsf - ok
16:32:55.0856 0x0f3c [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
16:32:55.0887 0x0f3c cdfs - ok
16:32:55.0918 0x0f3c [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
16:32:55.0934 0x0f3c cdrom - ok
16:32:55.0965 0x0f3c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
16:32:56.0028 0x0f3c CertPropSvc - ok
16:32:56.0059 0x0f3c [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
16:32:56.0090 0x0f3c circlass - ok
16:32:56.0137 0x0f3c [ 9DA497AEAF35AA7BF7710132FC2A9906, D38DF749222BD0B6E8E6442CC79D56CF827A1430ACAB4F85F7FC469DD31A211C ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
16:32:56.0153 0x0f3c CLFS - ok
16:32:56.0200 0x0f3c [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
16:32:56.0215 0x0f3c CLVirtualDrive - ok
16:32:56.0231 0x0f3c [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
16:32:56.0278 0x0f3c CmBatt - ok
16:32:56.0325 0x0f3c [ EFC79D3224D19FD926FFEA0A24729FEF, 41B0B41F7270C82691453679E03194845B9AF08C28800BF39D3CEB7CB1530BB8 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
16:32:56.0356 0x0f3c CNG - ok
16:32:56.0372 0x0f3c [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
16:32:56.0403 0x0f3c CompositeBus - ok
16:32:56.0418 0x0f3c COMSysApp - ok
16:32:56.0434 0x0f3c [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
16:32:56.0559 0x0f3c condrv - ok
16:32:56.0747 0x0f3c [ 15FBADDC84ED202E59A4F1B201CC692C, A50092155B18DAD51049A72503002F08C1BB2DFDA239C4D3555360C163F2F782 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
16:32:56.0778 0x0f3c cphs - ok
16:32:56.0825 0x0f3c [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
16:32:56.0919 0x0f3c CryptSvc - ok
16:32:56.0950 0x0f3c [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
16:32:56.0981 0x0f3c dam - ok
16:32:57.0200 0x0f3c [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:32:57.0403 0x0f3c DcomLaunch - ok
16:32:57.0481 0x0f3c [ B56714DED87E29377F1EE930691DADA2, B3C3BC4F546A786A93823C1471D560BF678A9C95237065E3B99B2B80E6C28131 ] DDDriver C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys
16:32:57.0512 0x0f3c DDDriver - ok
16:32:57.0653 0x0f3c [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll
16:32:57.0715 0x0f3c defragsvc - ok
16:32:57.0778 0x0f3c [ 7225523A1034972D034298A5728E5D3C, 94277EDBC0D9246F75F1BAEB1A4A6C0DD15568157A641AE30633E7EDA95CA1A3 ] Dell Customer Connect C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
16:32:57.0794 0x0f3c Dell Customer Connect - ok
16:32:58.0747 0x0f3c [ E554163D138B79CD8C6EDF73187FC635, 0EDC0B76437B145607C39288F3E6B92975E3B406859EA8213BBE635A0C21922D ] DellDataVault C:\Program Files\Dell\DellDataVault\DellDataVault.exe
16:32:58.0840 0x0f3c DellDataVault - ok
16:32:58.0919 0x0f3c [ D8F74B93897C8FDF2EAF4C99E30500A4, 565D69AE486074C3E2D30EC8DCF11D720F1887BF45BF7EE1DF24DB012ED1F4A3 ] DellDataVaultWiz C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
16:32:58.0934 0x0f3c DellDataVaultWiz - ok
16:32:59.0075 0x0f3c [ 18B5C959CBE24D4D4C2381EFB87611DE, 57E974F13D316E1A89BDB93CEF8D790B499219A159277944644F533A5010AB23 ] DellDigitalDelivery c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
16:32:59.0106 0x0f3c DellDigitalDelivery - detected UnsignedFile.Multi.Generic ( 1 )
16:32:59.0434 0x0f3c Detect skipped due to KSN trusted
16:32:59.0434 0x0f3c DellDigitalDelivery - ok
16:32:59.0481 0x0f3c [ DC3BD578642252FD9569B9CD75CEF81E, 63F44BC19389C19BA9F9E974BF2E5236AF7F66D9076943B9CF46775264BBE413 ] DellProf C:\WINDOWS\system32\drivers\DellProf.sys
16:32:59.0512 0x0f3c DellProf - ok
16:32:59.0559 0x0f3c [ DC253191A553DACA7684CFB5B03A4268, 2D651A059F1334671E875EB4FC642383DCC00710809255DA29F96C41EC2C8205 ] DellRbtn C:\WINDOWS\System32\drivers\DellRbtn.sys
16:32:59.0637 0x0f3c DellRbtn - ok
16:32:59.0747 0x0f3c [ 44C694C2B542DB3CDAEBDB1FF3233F4D, 888CA6F60ECF508DE4D414FCAB680BC7A103237701D47840552F6CCA64FF7176 ] DellUpdate C:\Program Files (x86)\Dell Update\DellUpService.exe
16:32:59.0778 0x0f3c DellUpdate - ok
16:32:59.0887 0x0f3c [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
16:32:59.0981 0x0f3c DeviceAssociationService - ok
16:33:00.0028 0x0f3c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
16:33:00.0106 0x0f3c DeviceInstall - ok
16:33:00.0153 0x0f3c [ FBFF94FC1FE0699A6BC5ACE270AB9EA1, 7D67E7BE539D9D515A1A6B9282C72114310E874DD1FE51E71F002DBB0E1439FB ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
16:33:00.0169 0x0f3c Dfsc - ok
16:33:00.0200 0x0f3c [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
16:33:00.0216 0x0f3c dg_ssudbus - ok
16:33:00.0262 0x0f3c [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
16:33:00.0356 0x0f3c Dhcp - ok
16:33:00.0466 0x0f3c [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
16:33:00.0606 0x0f3c DiagTrack - ok
16:33:00.0950 0x0f3c [ 045135BAA14040385E1EEA31669E47F4, 7B3B6A420D2CD96B557824C743CE574C5691726D40B5B50588CCEDF9C26025BF ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
16:33:00.0966 0x0f3c DigitalWave.Update.Service - ok
16:33:01.0059 0x0f3c [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk C:\WINDOWS\system32\drivers\disk.sys
16:33:01.0106 0x0f3c disk - ok
16:33:01.0137 0x0f3c [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
16:33:01.0231 0x0f3c dmvsc - ok
16:33:01.0278 0x0f3c [ 561CBB163EB3C8221D9B1D7D1E5CA477, 4D235E73CC127769A257B31A92180552276EC8DDD991F1106815FADEF385E72D ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:33:01.0403 0x0f3c Dnscache - ok
16:33:01.0450 0x0f3c [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
16:33:01.0528 0x0f3c dot3svc - ok
16:33:01.0559 0x0f3c [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll
16:33:01.0575 0x0f3c DPS - ok
16:33:01.0622 0x0f3c [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:33:01.0638 0x0f3c drmkaud - ok
16:33:01.0684 0x0f3c [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
16:33:01.0716 0x0f3c DsmSvc - ok
16:33:01.0903 0x0f3c [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
16:33:01.0966 0x0f3c DXGKrnl - ok
16:33:02.0013 0x0f3c [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
16:33:02.0106 0x0f3c Eaphost - ok
16:33:02.0950 0x0f3c [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
16:33:03.0075 0x0f3c ebdrv - ok
16:33:03.0138 0x0f3c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe
16:33:03.0153 0x0f3c EFS - ok
16:33:03.0200 0x0f3c [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
16:33:03.0216 0x0f3c EhStorClass - ok
16:33:03.0231 0x0f3c [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
16:33:03.0247 0x0f3c EhStorTcgDrv - ok
16:33:03.0263 0x0f3c [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
16:33:03.0294 0x0f3c ErrDev - ok
16:33:03.0341 0x0f3c [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll
16:33:03.0403 0x0f3c EventSystem - ok
16:33:03.0731 0x0f3c [ 21FFB87A70019E9B39C5A8469695ACBA, B41BEDB737CFD33707181DA0B69FC47C01C897AF8B42211A46B54A9FDB2B9004 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:33:03.0778 0x0f3c EvtEng - ok
16:33:03.0872 0x0f3c [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
16:33:03.0950 0x0f3c exfat - ok
16:33:03.0981 0x0f3c [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
16:33:03.0997 0x0f3c fastfat - ok
16:33:04.0028 0x0f3c [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe
16:33:04.0122 0x0f3c Fax - ok
16:33:04.0138 0x0f3c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
16:33:04.0169 0x0f3c fdc - ok
16:33:04.0216 0x0f3c [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
16:33:04.0278 0x0f3c fdPHost - ok
16:33:04.0325 0x0f3c [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
16:33:04.0388 0x0f3c FDResPub - ok
16:33:04.0419 0x0f3c [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
16:33:04.0528 0x0f3c fhsvc - ok
16:33:04.0560 0x0f3c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
16:33:04.0606 0x0f3c FileInfo - ok
16:33:04.0622 0x0f3c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
16:33:04.0685 0x0f3c Filetrace - ok
16:33:04.0716 0x0f3c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
16:33:04.0747 0x0f3c flpydisk - ok
16:33:04.0794 0x0f3c [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
16:33:04.0825 0x0f3c FltMgr - ok
16:33:05.0263 0x0f3c [ 1EFEF3B4EF2B241263F0F791EA128598, B6CADC254B0779E43E0D6AB6125A7E7ED8FF50C3158911681BA7B43160A08176 ] FontCache C:\WINDOWS\system32\FntCache.dll
16:33:05.0388 0x0f3c FontCache - ok
16:33:05.0638 0x0f3c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:33:05.0638 0x0f3c FontCache3.0.0.0 - ok
16:33:05.0685 0x0f3c [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
16:33:05.0716 0x0f3c FsDepends - ok
16:33:05.0747 0x0f3c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:33:05.0763 0x0f3c Fs_Rec - ok
16:33:05.0810 0x0f3c [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
16:33:05.0856 0x0f3c fvevol - ok
16:33:05.0903 0x0f3c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
16:33:05.0935 0x0f3c FxPPM - ok
16:33:05.0981 0x0f3c [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
16:33:06.0013 0x0f3c gagp30kx - ok
16:33:06.0060 0x0f3c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
16:33:06.0091 0x0f3c gencounter - ok
16:33:06.0153 0x0f3c [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
16:33:06.0216 0x0f3c GPIOClx0101 - ok
16:33:06.0466 0x0f3c [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
16:33:06.0591 0x0f3c gpsvc - ok
16:33:06.0622 0x0f3c [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
16:33:06.0669 0x0f3c HDAudBus - ok
16:33:06.0685 0x0f3c [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
16:33:06.0700 0x0f3c HidBatt - ok
16:33:06.0747 0x0f3c [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
16:33:06.0763 0x0f3c HidBth - ok
16:33:06.0794 0x0f3c [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
16:33:06.0810 0x0f3c hidi2c - ok
16:33:06.0841 0x0f3c [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
16:33:06.0872 0x0f3c HidIr - ok
16:33:06.0903 0x0f3c [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll
16:33:06.0997 0x0f3c hidserv - ok
16:33:07.0028 0x0f3c [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
16:33:07.0091 0x0f3c HidUsb - ok
16:33:07.0122 0x0f3c [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
16:33:07.0138 0x0f3c hkmsvc - ok
16:33:07.0185 0x0f3c [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
16:33:07.0247 0x0f3c HomeGroupListener - ok
16:33:07.0278 0x0f3c [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
16:33:07.0294 0x0f3c HomeGroupProvider - ok
16:33:07.0310 0x0f3c [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
16:33:07.0325 0x0f3c HpSAMD - ok
16:33:07.0403 0x0f3c [ 76A6FDA32A21515B67633497D8FDB1E4, 7DCAEC3186EAFDD4A53BCD8AAE9B82CBA8871C89B929FFD3BA43E675B95B2495 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
16:33:07.0466 0x0f3c HTTP - ok
16:33:07.0497 0x0f3c [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
16:33:07.0513 0x0f3c hwpolicy - ok
16:33:07.0528 0x0f3c [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
16:33:07.0560 0x0f3c hyperkbd - ok
16:33:07.0575 0x0f3c [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
16:33:07.0607 0x0f3c HyperVideo - ok
16:33:07.0653 0x0f3c [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
16:33:07.0747 0x0f3c i8042prt - ok
16:33:07.0763 0x0f3c [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
16:33:07.0778 0x0f3c iaLPSSi_GPIO - ok
16:33:07.0825 0x0f3c [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
16:33:07.0857 0x0f3c iaLPSSi_I2C - ok
16:33:07.0903 0x0f3c [ AE0C5DF7E7DA3E7AC29B64CFA8C4F044, 0486DDD6EC60A9695BC8D030158503E02BB0561EEA4B9F4A7FB19F89B3622C90 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
16:33:07.0919 0x0f3c iaStorA - ok
16:33:07.0950 0x0f3c [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
16:33:07.0997 0x0f3c iaStorAV - ok
16:33:08.0216 0x0f3c [ 777788D9B63CCEEEF2DB353BA4EDD454, 36A3099C252F1F18D09A8B03A4F103E5E8AF09C80AB4F08133CCD4D3BB71EE25 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:33:08.0216 0x0f3c IAStorDataMgrSvc - ok
16:33:08.0357 0x0f3c [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
16:33:08.0388 0x0f3c iaStorV - ok
16:33:08.0435 0x0f3c [ C430482AC892D52CED021EDDD4D368A2, C54C12EAC14F40BE3E7D7159F8876A664D00CA928000E25306071D28B52EA33A ] iBtFltCoex C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
16:33:08.0450 0x0f3c iBtFltCoex - ok
16:33:08.0450 0x0f3c IEEtwCollectorService - ok
16:33:09.0044 0x0f3c [ C38AFE18A40ADF005647090DD3AC24F3, 302810C31B005DD4C9143233AB5B4F332C62AD866A7C7AB0E8F8F81AE1766B11 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
16:33:09.0232 0x0f3c igfx - ok
16:33:09.0263 0x0f3c [ 7A510A9AFC7955DEE63F8DC243E31292, 13906F6212F4C116BE224F2A8AFFF089ACFED8F543E26FC6208FF38463366173 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
16:33:09.0279 0x0f3c igfxCUIService1.0.0.0 - ok
16:33:09.0607 0x0f3c [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT C:\WINDOWS\System32\ikeext.dll
16:33:09.0669 0x0f3c IKEEXT - ok
16:33:10.0607 0x0f3c [ 5C0BBE779BA3D6F84EB5AE3CB8793E11, EA729B622F30E847E2700787E6747A33769B405DD08D36175AACF42BE7A8600F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
16:33:10.0825 0x0f3c IntcAzAudAddService - ok
16:33:10.0966 0x0f3c [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
16:33:11.0013 0x0f3c IntcDAud - ok
16:33:11.0122 0x0f3c [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface c:\Program Files\Intel\iCLS Client\HeciServer.exe
16:33:11.0154 0x0f3c Intel(R) Capability Licensing Service Interface - ok
16:33:11.0169 0x0f3c [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
16:33:11.0185 0x0f3c intelide - ok
16:33:11.0232 0x0f3c [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
16:33:11.0263 0x0f3c intelpep - ok
16:33:11.0310 0x0f3c [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
16:33:11.0450 0x0f3c intelppm - ok
16:33:11.0482 0x0f3c [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:33:11.0513 0x0f3c IpFilterDriver - ok
16:33:11.0716 0x0f3c [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
16:33:11.0794 0x0f3c iphlpsvc - ok
16:33:11.0841 0x0f3c [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
16:33:11.0919 0x0f3c IPMIDRV - ok
16:33:11.0966 0x0f3c [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
16:33:12.0029 0x0f3c IPNAT - ok
16:33:12.0044 0x0f3c [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
16:33:12.0060 0x0f3c IRENUM - ok
16:33:12.0107 0x0f3c [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
16:33:12.0122 0x0f3c isapnp - ok
16:33:12.0216 0x0f3c [ AD3C1F4BD9167420F04052FDA197CF29, 82B687092DFC50E8885656AF06BFB7559930750F4905BC4DBDA3A5D334A443D1 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
16:33:12.0247 0x0f3c iScsiPrt - ok
16:33:12.0279 0x0f3c [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
16:33:12.0310 0x0f3c iwdbus - ok
16:33:12.0466 0x0f3c [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:33:12.0482 0x0f3c jhi_service - ok
16:33:12.0513 0x0f3c [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
16:33:12.0529 0x0f3c kbdclass - ok
16:33:12.0560 0x0f3c [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
16:33:12.0591 0x0f3c kbdhid - ok
16:33:12.0607 0x0f3c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
16:33:12.0685 0x0f3c kdnic - ok
16:33:12.0701 0x0f3c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe
16:33:12.0716 0x0f3c KeyIso - ok
16:33:12.0794 0x0f3c [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
16:33:12.0810 0x0f3c KSecDD - ok
16:33:12.0857 0x0f3c [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
16:33:12.0888 0x0f3c KSecPkg - ok
16:33:12.0904 0x0f3c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
16:33:12.0935 0x0f3c ksthunk - ok
16:33:12.0966 0x0f3c [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
16:33:13.0013 0x0f3c KtmRm - ok
16:33:13.0044 0x0f3c [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
16:33:13.0091 0x0f3c LanmanServer - ok
16:33:13.0138 0x0f3c [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
16:33:13.0185 0x0f3c LanmanWorkstation - ok
16:33:13.0232 0x0f3c [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
16:33:13.0326 0x0f3c lfsvc - ok
16:33:13.0372 0x0f3c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
16:33:13.0435 0x0f3c lltdio - ok
16:33:13.0560 0x0f3c [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
16:33:13.0607 0x0f3c lltdsvc - ok
16:33:13.0622 0x0f3c [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
16:33:13.0685 0x0f3c lmhosts - ok
16:33:13.0794 0x0f3c [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:33:13.0810 0x0f3c LMS - ok
16:33:13.0857 0x0f3c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
16:33:13.0888 0x0f3c LSI_SAS - ok
16:33:13.0904 0x0f3c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
16:33:13.0919 0x0f3c LSI_SAS2 - ok
16:33:13.0951 0x0f3c [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
16:33:13.0951 0x0f3c LSI_SAS3 - ok
16:33:13.0982 0x0f3c [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
16:33:13.0997 0x0f3c LSI_SSS - ok
16:33:14.0044 0x0f3c [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll
16:33:14.0107 0x0f3c LSM - ok
16:33:14.0138 0x0f3c [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
16:33:14.0169 0x0f3c luafv - ok
16:33:14.0216 0x0f3c [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
16:33:14.0232 0x0f3c megasas - ok
16:33:14.0263 0x0f3c [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
16:33:14.0294 0x0f3c megasr - ok
16:33:14.0341 0x0f3c [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
16:33:14.0357 0x0f3c MEIx64 - ok
16:33:14.0388 0x0f3c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll
16:33:14.0451 0x0f3c MMCSS - ok
16:33:14.0482 0x0f3c [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
16:33:14.0513 0x0f3c Modem - ok
16:33:14.0529 0x0f3c [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
16:33:14.0544 0x0f3c monitor - ok
16:33:14.0591 0x0f3c [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
16:33:14.0591 0x0f3c mouclass - ok
16:33:14.0623 0x0f3c [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
16:33:14.0654 0x0f3c mouhid - ok
16:33:14.0685 0x0f3c [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
16:33:14.0701 0x0f3c mountmgr - ok
16:33:14.0732 0x0f3c [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:33:14.0748 0x0f3c MozillaMaintenance - ok
16:33:14.0779 0x0f3c [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
16:33:14.0810 0x0f3c mpsdrv - ok
16:33:14.0841 0x0f3c [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
16:33:14.0935 0x0f3c MpsSvc - ok
16:33:14.0966 0x0f3c [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
16:33:15.0107 0x0f3c MRxDAV - ok
16:33:15.0201 0x0f3c [ C3B0566DE49265AE98405825938C20A1, F8BCA4A5AF21B841C998D4772DA9FF84E45F1356AA1285A1D48C06574A81CA4C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:33:15.0263 0x0f3c mrxsmb - ok
16:33:15.0310 0x0f3c [ 15D7AF1A26CCEBA32DF21A8E2098F463, 84390806AD3A9651DAB803E9257EEE851B898ED2AB56D8936E8C9F6B41967243 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
16:33:15.0576 0x0f3c mrxsmb10 - ok
16:33:15.0623 0x0f3c [ 0790EEB1EC199F8BE8259E47B373ED23, F9330F43B40675CCB60804182EF04BFBA3837ED14C798788A4B27D65A646D1C7 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
16:33:15.0732 0x0f3c mrxsmb20 - ok
16:33:15.0763 0x0f3c [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
16:33:15.0794 0x0f3c MsBridge - ok
16:33:15.0826 0x0f3c [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe
16:33:15.0841 0x0f3c MSDTC - ok
16:33:15.0873 0x0f3c [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:33:15.0904 0x0f3c Msfs - ok
16:33:15.0951 0x0f3c [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
16:33:15.0966 0x0f3c msgpiowin32 - ok
16:33:15.0982 0x0f3c [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
16:33:15.0998 0x0f3c mshidkmdf - ok
16:33:16.0013 0x0f3c [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
16:33:16.0044 0x0f3c mshidumdf - ok
16:33:16.0060 0x0f3c [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
16:33:16.0060 0x0f3c msisadrv - ok
16:33:16.0107 0x0f3c [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
16:33:16.0201 0x0f3c MSiSCSI - ok
16:33:16.0216 0x0f3c msiserver - ok
16:33:16.0232 0x0f3c [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:33:16.0232 0x0f3c MSKSSRV - ok
16:33:16.0248 0x0f3c [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
16:33:16.0326 0x0f3c MsLldp - ok
16:33:16.0326 0x0f3c [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:33:16.0357 0x0f3c MSPCLOCK - ok
16:33:16.0357 0x0f3c [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:33:16.0388 0x0f3c MSPQM - ok
16:33:16.0404 0x0f3c [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
16:33:16.0482 0x0f3c MsRPC - ok
16:33:16.0498 0x0f3c [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
16:33:16.0513 0x0f3c mssmbios - ok
16:33:16.0529 0x0f3c [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
16:33:16.0560 0x0f3c MSTEE - ok
16:33:16.0591 0x0f3c [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
16:33:16.0638 0x0f3c MTConfig - ok
16:33:16.0670 0x0f3c [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup C:\WINDOWS\system32\Drivers\mup.sys
16:33:16.0685 0x0f3c Mup - ok
16:33:16.0701 0x0f3c [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
16:33:16.0716 0x0f3c mvumis - ok
16:33:16.0748 0x0f3c [ 53EE034F83E9A7A8E421572E385F67CD, 29F718B95B9D6CBDA49D5DE14FEC46DA64D7977131D585C975B3D703559D0988 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:33:16.0748 0x0f3c MyWiFiDHCPDNS - ok
16:33:16.0795 0x0f3c [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll
16:33:16.0826 0x0f3c napagent - ok
16:33:16.0873 0x0f3c [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
16:33:16.0920 0x0f3c NativeWifiP - ok
16:33:16.0951 0x0f3c [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
16:33:16.0998 0x0f3c NcaSvc - ok
16:33:17.0029 0x0f3c [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll
16:33:17.0076 0x0f3c NcbService - ok
16:33:17.0107 0x0f3c [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
16:33:17.0138 0x0f3c NcdAutoSetup - ok
16:33:17.0201 0x0f3c [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
16:33:17.0248 0x0f3c NDIS - ok
16:33:17.0295 0x0f3c [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
16:33:17.0341 0x0f3c NdisCap - ok
16:33:17.0388 0x0f3c [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
16:33:17.0451 0x0f3c NdisImPlatform - ok
16:33:17.0466 0x0f3c [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:33:17.0529 0x0f3c NdisTapi - ok
16:33:17.0560 0x0f3c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:33:17.0591 0x0f3c Ndisuio - ok
16:33:17.0607 0x0f3c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
16:33:17.0638 0x0f3c NdisVirtualBus - ok
16:33:17.0763 0x0f3c [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:33:17.0841 0x0f3c NdisWan - ok
16:33:17.0873 0x0f3c [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:33:17.0904 0x0f3c NdisWanLegacy - ok
16:33:17.0951 0x0f3c [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:33:18.0013 0x0f3c NDProxy - ok
16:33:18.0029 0x0f3c [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
16:33:18.0060 0x0f3c Ndu - ok
16:33:18.0091 0x0f3c [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:33:18.0123 0x0f3c NetBIOS - ok
16:33:18.0232 0x0f3c [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:33:18.0279 0x0f3c NetBT - ok
16:33:18.0295 0x0f3c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe
16:33:18.0310 0x0f3c Netlogon - ok
16:33:18.0420 0x0f3c [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll
16:33:18.0482 0x0f3c Netman - ok
16:33:18.0685 0x0f3c [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
16:33:18.0732 0x0f3c netprofm - ok
16:33:18.0810 0x0f3c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:33:18.0841 0x0f3c NetTcpPortSharing - ok
16:33:18.0857 0x0f3c [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys
16:33:18.0935 0x0f3c netvsc - ok
16:33:19.0498 0x0f3c [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] NETwNe64 C:\WINDOWS\system32\DRIVERS\Netwew00.sys
16:33:19.0623 0x0f3c NETwNe64 - ok
16:33:19.0779 0x0f3c [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
16:33:19.0842 0x0f3c NlaSvc - ok
16:33:19.0888 0x0f3c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:33:19.0904 0x0f3c Npfs - ok
16:33:19.0951 0x0f3c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
16:33:19.0998 0x0f3c npsvctrig - ok
16:33:20.0045 0x0f3c [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll
16:33:20.0107 0x0f3c nsi - ok
16:33:20.0138 0x0f3c [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
16:33:20.0170 0x0f3c nsiproxy - ok
16:33:20.0373 0x0f3c [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:33:20.0513 0x0f3c Ntfs - ok
16:33:20.0560 0x0f3c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
16:33:20.0592 0x0f3c Null - ok
16:33:20.0623 0x0f3c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
16:33:20.0623 0x0f3c nvraid - ok
16:33:20.0670 0x0f3c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
16:33:20.0685 0x0f3c nvstor - ok
16:33:20.0701 0x0f3c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
16:33:20.0717 0x0f3c nv_agp - ok
16:33:20.0748 0x0f3c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
16:33:20.0842 0x0f3c p2pimsvc - ok
16:33:20.0888 0x0f3c [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll
16:33:20.0935 0x0f3c p2psvc - ok
16:33:20.0982 0x0f3c [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport C:\WINDOWS\System32\drivers\parport.sys
16:33:21.0154 0x0f3c Parport - ok
16:33:21.0185 0x0f3c [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
16:33:21.0201 0x0f3c partmgr - ok
16:33:21.0217 0x0f3c [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
16:33:21.0263 0x0f3c PcaSvc - ok
16:33:21.0310 0x0f3c [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
16:33:21.0326 0x0f3c pci - ok
16:33:21.0342 0x0f3c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
16:33:21.0357 0x0f3c pciide - ok
16:33:21.0373 0x0f3c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
16:33:21.0373 0x0f3c pcmcia - ok
16:33:21.0388 0x0f3c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
16:33:21.0404 0x0f3c pcw - ok
16:33:21.0420 0x0f3c [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
16:33:21.0435 0x0f3c pdc - ok
16:33:21.0514 0x0f3c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
16:33:21.0560 0x0f3c PEAUTH - ok
16:33:21.0748 0x0f3c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
16:33:21.0842 0x0f3c PerfHost - ok
16:33:22.0295 0x0f3c [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll
16:33:22.0373 0x0f3c pla - ok
16:33:22.0404 0x0f3c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
16:33:22.0420 0x0f3c PlugPlay - ok
16:33:22.0482 0x0f3c [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
16:33:22.0529 0x0f3c PNRPAutoReg - ok
16:33:22.0545 0x0f3c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
16:33:22.0576 0x0f3c PNRPsvc - ok
16:33:22.0639 0x0f3c [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
16:33:22.0717 0x0f3c PolicyAgent - ok
16:33:22.0748 0x0f3c [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll
16:33:22.0795 0x0f3c Power - ok
16:33:23.0170 0x0f3c [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:33:23.0373 0x0f3c PrintNotify - ok
16:33:23.0404 0x0f3c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
16:33:23.0435 0x0f3c Processor - ok
16:33:23.0482 0x0f3c [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\WINDOWS\system32\profsvc.dll
16:33:23.0529 0x0f3c ProfSvc - ok
16:33:23.0576 0x0f3c [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
16:33:23.0607 0x0f3c Psched - ok
16:33:23.0639 0x0f3c [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll
16:33:23.0670 0x0f3c QWAVE - ok
16:33:23.0701 0x0f3c [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
16:33:23.0732 0x0f3c QWAVEdrv - ok
16:33:23.0748 0x0f3c [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:33:23.0748 0x0f3c RasAcd - ok
16:33:23.0779 0x0f3c [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:33:23.0810 0x0f3c RasAuto - ok
16:33:23.0857 0x0f3c [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:33:23.0935 0x0f3c RasMan - ok
16:33:23.0967 0x0f3c [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:33:23.0998 0x0f3c RasPppoe - ok
16:33:24.0045 0x0f3c [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
16:33:24.0061 0x0f3c RasSstp - ok
16:33:24.0107 0x0f3c [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:33:24.0170 0x0f3c rdbss - ok
16:33:24.0201 0x0f3c [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
16:33:24.0232 0x0f3c rdpbus - ok
16:33:24.0248 0x0f3c [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
16:33:24.0326 0x0f3c RDPDR - ok
16:33:24.0389 0x0f3c [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
16:33:24.0420 0x0f3c RdpVideoMiniport - ok
16:33:24.0436 0x0f3c [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
16:33:24.0451 0x0f3c rdyboost - ok
16:33:24.0514 0x0f3c [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
16:33:24.0545 0x0f3c ReFS - ok
16:33:24.0779 0x0f3c [ 1791B1C8C72E13D193ADE659E7DB87C1, F0C1EA05283BB89ACBE721D0CDBB30FD8F1E75D5545158D29D6EC11E41B145BA ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:33:24.0795 0x0f3c RegSrvc - ok
16:33:24.0842 0x0f3c [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:33:24.0889 0x0f3c RemoteAccess - ok
16:33:24.0967 0x0f3c [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:33:25.0014 0x0f3c RemoteRegistry - ok
16:33:25.0061 0x0f3c [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
16:33:25.0092 0x0f3c RFCOMM - ok
16:33:25.0295 0x0f3c [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
16:33:25.0326 0x0f3c RichVideo - ok
16:33:25.0357 0x0f3c [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
16:33:25.0404 0x0f3c RpcEptMapper - ok
16:33:25.0436 0x0f3c [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe
16:33:25.0482 0x0f3c RpcLocator - ok
16:33:25.0545 0x0f3c [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs C:\WINDOWS\system32\rpcss.dll
16:33:25.0561 0x0f3c RpcSs - ok
16:33:25.0623 0x0f3c [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
16:33:25.0670 0x0f3c rspndr - ok
16:33:25.0717 0x0f3c [ 8EB6DCEB7473C232D8BC9A886E3183AC, D81B089443306AD9D89F59DBC5F9C2F5B6A86112B4AB59316B97EE7D8B97D2FA ] RSUSBVSTOR C:\WINDOWS\System32\Drivers\RtsUVStor.sys
16:33:25.0732 0x0f3c RSUSBVSTOR - ok
16:33:25.0826 0x0f3c [ A10CF010E1A2B4337230B4929E0FE4A1, AE9F6896029FE00F8642E1DDD705D4F35E77ECD4BC6CE59C96351BC21499150A ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
16:33:25.0842 0x0f3c RtkAudioService - ok
16:33:25.0998 0x0f3c [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
16:33:26.0029 0x0f3c RTL8168 - ok
16:33:26.0201 0x0f3c [ F3D67BC2EACD3975BC217EC0AB39F649, 88338DBFE8C044D9DCF47A388CFFBCC6382E8BE839FB4941DAB1A8BC988BA11A ] RzWizardService C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe
16:33:26.0248 0x0f3c RzWizardService - detected UnsignedFile.Multi.Generic ( 1 )
16:33:26.0483 0x0f3c Detect skipped due to KSN trusted
16:33:26.0483 0x0f3c RzWizardService - ok
16:33:26.0529 0x0f3c [ 6C90231046FB9FC4123C42179832817F, 68161EC19787C074B9B3B3426E744FBDD637E8A72ABB51436ED83DD1554A68C6 ] s117bus C:\WINDOWS\System32\drivers\s117bus.sys
16:33:26.0576 0x0f3c s117bus - ok
16:33:26.0608 0x0f3c [ 3279341C90EF8F226AF77623039F4495, DAE52030277454601A401DBCE8ABACB9952362968C2C1D848AD594DC7CBB478D ] s117mdfl C:\WINDOWS\system32\DRIVERS\s117mdfl.sys
16:33:26.0623 0x0f3c s117mdfl - ok
16:33:26.0670 0x0f3c [ 73E331F555279E753B312675DDAF4516, 07592A944057B613E5BC19BE459F221423A16E792A3B0421DABE6D74A414C147 ] s117mdm C:\WINDOWS\system32\DRIVERS\s117mdm.sys
16:33:26.0686 0x0f3c s117mdm - ok
16:33:26.0717 0x0f3c [ D420731FD2880F0F40F20771EFAAD671, 6CFE6B5FD22530A6BD55BC0E7C1BB4A3701D51F36613FAB07BB1E361C1B0A7A1 ] s117mgmt C:\WINDOWS\system32\DRIVERS\s117mgmt.sys
16:33:26.0733 0x0f3c s117mgmt - ok
16:33:26.0764 0x0f3c [ 98236CA5A9A77D0983AC3F6D6527C796, D27C1C123CC4FCDF2EC54C12EE1A60FBCA9252EDA3D5635A45C2CDAF5763AE9E ] s117nd5 C:\WINDOWS\system32\DRIVERS\s117nd5.sys
16:33:26.0764 0x0f3c s117nd5 - ok
16:33:26.0779 0x0f3c [ 1DD613909477AE298C98E86617EC356B, FA848B6BFB0C5313BB9AC37B0196D2B49F4AE0E8906C92624F10E602614654D3 ] s117obex C:\WINDOWS\system32\DRIVERS\s117obex.sys
16:33:26.0795 0x0f3c s117obex - ok
16:33:26.0811 0x0f3c [ 9A22DF5FE9B6BE279D820776A6ADB56F, 77790E331C7C10850B40EBE8FD99A536BB467935832D895D082639DAA3A86E6A ] s117unic C:\WINDOWS\System32\drivers\s117unic.sys
16:33:26.0811 0x0f3c s117unic - ok
16:33:26.0858 0x0f3c [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
16:33:26.0904 0x0f3c s3cap - ok
16:33:26.0936 0x0f3c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe
16:33:26.0951 0x0f3c SamSs - ok
16:33:27.0029 0x0f3c [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
16:33:27.0076 0x0f3c sbp2port - ok
16:33:27.0123 0x0f3c [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
16:33:27.0170 0x0f3c SCardSvr - ok
16:33:27.0201 0x0f3c [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
16:33:27.0217 0x0f3c ScDeviceEnum - ok
16:33:27.0233 0x0f3c [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
16:33:27.0248 0x0f3c scfilter - ok
16:33:27.0311 0x0f3c [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:33:27.0389 0x0f3c Schedule - ok
16:33:27.0404 0x0f3c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
16:33:27.0420 0x0f3c SCPolicySvc - ok
16:33:27.0529 0x0f3c [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
16:33:27.0592 0x0f3c sdbus - ok
16:33:27.0608 0x0f3c [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
16:33:27.0623 0x0f3c sdstor - ok
16:33:27.0654 0x0f3c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
16:33:27.0686 0x0f3c secdrv - ok
16:33:27.0733 0x0f3c [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon C:\WINDOWS\system32\seclogon.dll
16:33:27.0826 0x0f3c seclogon - ok
16:33:27.0858 0x0f3c [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll
16:33:27.0873 0x0f3c SENS - ok
16:33:27.0951 0x0f3c [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
16:33:28.0045 0x0f3c SensrSvc - ok
16:33:28.0092 0x0f3c [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
16:33:28.0139 0x0f3c SerCx - ok
16:33:28.0154 0x0f3c [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
16:33:28.0170 0x0f3c SerCx2 - ok
16:33:28.0201 0x0f3c [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
16:33:28.0233 0x0f3c Serenum - ok
16:33:28.0248 0x0f3c [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial C:\WINDOWS\System32\drivers\serial.sys
16:33:28.0280 0x0f3c Serial - ok
16:33:28.0311 0x0f3c [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
16:33:28.0326 0x0f3c sermouse - ok
16:33:28.0451 0x0f3c [ 389458EA0B5FAEBA325FAC47B9ED589E, F7F37A1F1E912069F65E4629FF733F080AE675DF6FE255AF48F5E23EB47D0622 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
16:33:28.0576 0x0f3c SessionEnv - ok
16:33:28.0592 0x0f3c [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
16:33:28.0623 0x0f3c sfloppy - ok
16:33:29.0139 0x0f3c [ AA37EE4C012656A974561D68E0A40291, 3C029D3A0929B698ED02185354DD2AAF9575774B3AE1FC2AEF65F08F19235A8C ] SftService C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
16:33:29.0186 0x0f3c SftService - ok
16:33:29.0248 0x0f3c [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:33:29.0264 0x0f3c SharedAccess - ok
16:33:29.0311 0x0f3c [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:33:29.0358 0x0f3c ShellHWDetection - ok
16:33:29.0389 0x0f3c [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
16:33:29.0405 0x0f3c SiSRaid2 - ok
16:33:29.0420 0x0f3c [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
16:33:29.0436 0x0f3c SiSRaid4 - ok
16:33:29.0545 0x0f3c [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:33:29.0592 0x0f3c SkypeUpdate - ok
16:33:29.0655 0x0f3c [ DC3DE448C5B5FA63B6CC58BBD08C96C0, B2FA665F913AF96E32D8364CE3C0229C69420536F1C416E8FF17D8EB94A94478 ] SmbDrv C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
16:33:29.0670 0x0f3c SmbDrv - ok
16:33:29.0717 0x0f3c [ 016B6E23FC7F2E4C63D0F5C00501EEEE, 61A920C1289D25DB7F4A07A690D2152B9994BDFDEC8DA836D9D3BCBBF824185D ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
16:33:29.0748 0x0f3c SmbDrvI - ok
16:33:29.0795 0x0f3c [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll
16:33:29.0967 0x0f3c smphost - ok
16:33:30.0014 0x0f3c [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
16:33:30.0076 0x0f3c SNMPTRAP - ok
16:33:30.0139 0x0f3c [ 546B88E6906EE9813EFE314DC95E3488, FC172C2DCC7ACDBBC9CE07CFCBAEDFAEAD2641A037E126174525DBE8BA660CC4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
16:33:30.0186 0x0f3c spaceport - ok
16:33:30.0217 0x0f3c [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
16:33:30.0248 0x0f3c SpbCx - ok
16:33:30.0498 0x0f3c [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\WINDOWS\System32\spoolsv.exe
16:33:30.0576 0x0f3c Spooler - ok
16:33:31.0545 0x0f3c [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
16:33:31.0858 0x0f3c sppsvc - ok
16:33:32.0061 0x0f3c [ 36B082C7A764A34FB1DC72D975870B61, 572CB632D9FDC1183F7BF8BFCBC51765C647945E0C13D1C91ADE3D0E76DF83BC ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:33:32.0186 0x0f3c srv - ok
16:33:32.0373 0x0f3c [ F5849909D4B29B4E3D4445F943E5C7E3, 3FCA1423753716FE1AFDD27EE1E13C4D779A3C976185B5C998EF1A9A39BFC186 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
16:33:32.0452 0x0f3c srv2 - ok
16:33:32.0483 0x0f3c [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
16:33:32.0530 0x0f3c srvnet - ok
16:33:32.0592 0x0f3c [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:33:32.0686 0x0f3c SSDPSRV - ok
16:33:32.0717 0x0f3c [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
16:33:32.0733 0x0f3c SstpSvc - ok
16:33:32.0764 0x0f3c [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
16:33:32.0780 0x0f3c ssudmdm - ok
16:33:32.0811 0x0f3c [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
16:33:32.0827 0x0f3c stexstor - ok
16:33:32.0873 0x0f3c [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll
16:33:32.0936 0x0f3c stisvc - ok
16:33:32.0952 0x0f3c [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
16:33:32.0967 0x0f3c storahci - ok
16:33:32.0983 0x0f3c [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
16:33:32.0998 0x0f3c storflt - ok
16:33:33.0030 0x0f3c [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
16:33:33.0045 0x0f3c stornvme - ok
16:33:33.0077 0x0f3c [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll
16:33:33.0108 0x0f3c StorSvc - ok
16:33:33.0123 0x0f3c [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
16:33:33.0123 0x0f3c storvsc - ok
16:33:33.0202 0x0f3c [ 9CC3E88C12CC5A421FC049EB6C292D36, D1741C300B760624AEEAA226F6AF8EBDFB721CF4C4A41DF502B836DB6D5EE338 ] SupportAssistAgent C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
16:33:33.0217 0x0f3c SupportAssistAgent - ok
16:33:33.0248 0x0f3c [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll
16:33:33.0327 0x0f3c svsvc - ok
16:33:33.0358 0x0f3c [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys
16:33:33.0373 0x0f3c swenum - ok
16:33:33.0498 0x0f3c [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll
16:33:33.0530 0x0f3c swprv - ok
16:33:33.0592 0x0f3c [ F80FE7A585E3B855D8680FDEB3107A1F, 73786227B4D90155A3FF37634BE1E92CAB30FF992B7B0EDBA6B14901DEDBD04B ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
16:33:33.0655 0x0f3c SynTP - ok
16:33:33.0983 0x0f3c [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\WINDOWS\system32\sysmain.dll
16:33:34.0124 0x0f3c SysMain - ok
16:33:34.0186 0x0f3c [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
16:33:34.0264 0x0f3c SystemEventsBroker - ok
16:33:34.0295 0x0f3c [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
16:33:34.0389 0x0f3c TabletInputService - ok
16:33:34.0436 0x0f3c [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:33:34.0499 0x0f3c TapiSrv - ok
16:33:34.0842 0x0f3c [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
16:33:34.0920 0x0f3c Tcpip - ok
16:33:35.0249 0x0f3c [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:33:35.0311 0x0f3c TCPIP6 - ok
16:33:35.0358 0x0f3c [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
16:33:35.0405 0x0f3c tcpipreg - ok
16:33:35.0436 0x0f3c [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
16:33:35.0483 0x0f3c tdx - ok
16:33:35.0499 0x0f3c [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
16:33:35.0514 0x0f3c terminpt - ok
16:33:35.0827 0x0f3c [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll
16:33:35.0952 0x0f3c TermService - ok
16:33:35.0999 0x0f3c [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll
16:33:36.0045 0x0f3c Themes - ok
16:33:36.0092 0x0f3c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll
16:33:36.0124 0x0f3c THREADORDER - ok
16:33:36.0217 0x0f3c [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
16:33:36.0280 0x0f3c TimeBroker - ok
16:33:36.0311 0x0f3c [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
16:33:36.0358 0x0f3c TPM - ok
16:33:36.0389 0x0f3c [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll
16:33:36.0421 0x0f3c TrkWks - ok
16:33:36.0467 0x0f3c [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
16:33:36.0530 0x0f3c TrustedInstaller - ok
16:33:36.0561 0x0f3c [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
16:33:36.0655 0x0f3c TsUsbFlt - ok
16:33:36.0702 0x0f3c [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
16:33:36.0764 0x0f3c TsUsbGD - ok
16:33:36.0796 0x0f3c [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
16:33:36.0827 0x0f3c tunnel - ok
16:33:36.0858 0x0f3c [ 42350E49DA754D2D77362FDAE3491651, F29E8BA444ECB0484066B02C0A3DCE09B8417159EE37D7A2E05D4C06A98449C4 ] TurboB C:\WINDOWS\system32\DRIVERS\TurboB.sys
16:33:36.0874 0x0f3c TurboB - ok
16:33:37.0014 0x0f3c [ 4F4B0AB2FB69C414CCBCEF7CF2E1C8D8, E1F197554369C97DBF61389346B4CB0233F40AAA2575F5D2FEC809AC9123FC69 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
16:33:37.0046 0x0f3c TurboBoost - ok
16:33:37.0077 0x0f3c [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
16:33:37.0092 0x0f3c uagp35 - ok
16:33:37.0108 0x0f3c [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
16:33:37.0124 0x0f3c UASPStor - ok
16:33:37.0155 0x0f3c [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
16:33:37.0171 0x0f3c UCX01000 - ok
16:33:37.0217 0x0f3c [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
16:33:37.0264 0x0f3c udfs - ok
16:33:37.0296 0x0f3c [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
16:33:37.0296 0x0f3c UEFI - ok
16:33:37.0327 0x0f3c [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
16:33:37.0389 0x0f3c UI0Detect - ok
16:33:37.0436 0x0f3c [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
16:33:37.0467 0x0f3c uliagpkx - ok
16:33:37.0483 0x0f3c [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
16:33:37.0546 0x0f3c umbus - ok
16:33:37.0577 0x0f3c [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
16:33:37.0624 0x0f3c UmPass - ok
16:33:37.0655 0x0f3c [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
16:33:37.0749 0x0f3c UmRdpService - ok
16:33:37.0999 0x0f3c [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:33:38.0014 0x0f3c UNS - ok
16:33:38.0186 0x0f3c [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:33:38.0249 0x0f3c upnphost - ok
16:33:38.0280 0x0f3c [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
16:33:38.0327 0x0f3c usbaudio - ok
16:33:38.0343 0x0f3c [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
16:33:38.0358 0x0f3c usbccgp - ok
16:33:38.0374 0x0f3c [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
16:33:38.0421 0x0f3c usbcir - ok
16:33:38.0467 0x0f3c [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
16:33:38.0483 0x0f3c usbehci - ok
16:33:38.0530 0x0f3c [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
16:33:38.0546 0x0f3c usbhub - ok
16:33:38.0796 0x0f3c [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
16:33:38.0843 0x0f3c USBHUB3 - ok
16:33:38.0858 0x0f3c [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
16:33:39.0030 0x0f3c usbohci - ok
16:33:39.0093 0x0f3c [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
16:33:39.0186 0x0f3c usbprint - ok
16:33:39.0264 0x0f3c [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
16:33:39.0358 0x0f3c USBSTOR - ok
16:33:39.0389 0x0f3c [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
16:33:39.0405 0x0f3c usbuhci - ok
16:33:39.0452 0x0f3c [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
16:33:39.0499 0x0f3c usbvideo - ok
16:33:39.0530 0x0f3c [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
16:33:39.0561 0x0f3c USBXHCI - ok
16:33:39.0577 0x0f3c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe
16:33:39.0577 0x0f3c VaultSvc - ok
16:33:39.0639 0x0f3c [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
16:33:39.0686 0x0f3c vdrvroot - ok
16:33:40.0014 0x0f3c [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe
16:33:40.0061 0x0f3c vds - ok
16:33:40.0093 0x0f3c [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
16:33:40.0108 0x0f3c VerifierExt - ok
16:33:40.0155 0x0f3c [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
16:33:40.0186 0x0f3c vhdmp - ok
16:33:40.0218 0x0f3c [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
16:33:40.0218 0x0f3c viaide - ok
16:33:40.0249 0x0f3c [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
16:33:40.0264 0x0f3c vmbus - ok
16:33:40.0296 0x0f3c [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
16:33:40.0327 0x0f3c VMBusHID - ok
16:33:40.0374 0x0f3c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
16:33:40.0389 0x0f3c vmicguestinterface - ok
16:33:40.0405 0x0f3c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
16:33:40.0421 0x0f3c vmicheartbeat - ok
16:33:40.0514 0x0f3c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
16:33:40.0546 0x0f3c vmickvpexchange - ok
16:33:40.0624 0x0f3c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
16:33:40.0655 0x0f3c vmicrdv - ok
16:33:40.0749 0x0f3c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
16:33:40.0780 0x0f3c vmicshutdown - ok
16:33:40.0874 0x0f3c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
16:33:40.0905 0x0f3c vmictimesync - ok
16:33:40.0952 0x0f3c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
16:33:40.0999 0x0f3c vmicvss - ok
16:33:41.0061 0x0f3c [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
16:33:41.0077 0x0f3c volmgr - ok
16:33:41.0124 0x0f3c [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
16:33:41.0139 0x0f3c volmgrx - ok
16:33:41.0186 0x0f3c [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
16:33:41.0218 0x0f3c volsnap - ok
16:33:41.0233 0x0f3c [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
16:33:41.0249 0x0f3c vpci - ok
16:33:41.0452 0x0f3c [ B7B7ABA926F0FB35CFA28635856227FE, 75C8B8EC78CC5D90F5A48E8AB9FA9AB79D02B39109D980BCC728D8B06B7FD4E9 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
16:33:41.0499 0x0f3c vpnagent - ok
16:33:41.0546 0x0f3c [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys
16:33:41.0577 0x0f3c vpnva - ok
16:33:41.0624 0x0f3c [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
16:33:41.0671 0x0f3c vsmraid - ok
16:33:41.0749 0x0f3c [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS C:\WINDOWS\system32\vssvc.exe
16:33:41.0874 0x0f3c VSS - ok
16:33:41.0952 0x0f3c [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
16:33:41.0999 0x0f3c VSTXRAID - ok
16:33:42.0030 0x0f3c [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
16:33:42.0140 0x0f3c vwifibus - ok
16:33:42.0186 0x0f3c [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
16:33:42.0233 0x0f3c vwififlt - ok
16:33:42.0265 0x0f3c [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
16:33:42.0296 0x0f3c vwifimp - ok
16:33:42.0468 0x0f3c [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll
16:33:42.0546 0x0f3c W32Time - ok
16:33:42.0561 0x0f3c [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
16:33:42.0593 0x0f3c WacomPen - ok
16:33:42.0905 0x0f3c [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine C:\WINDOWS\system32\wbengine.exe
16:33:43.0061 0x0f3c wbengine - ok
16:33:43.0218 0x0f3c [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
16:33:43.0280 0x0f3c WbioSrvc - ok
16:33:43.0311 0x0f3c [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
16:33:43.0327 0x0f3c Wcmsvc - ok
16:33:43.0358 0x0f3c [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
16:33:43.0374 0x0f3c wcncsvc - ok
16:33:43.0390 0x0f3c [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
16:33:43.0452 0x0f3c WcsPlugInService - ok
16:33:43.0483 0x0f3c [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
16:33:43.0499 0x0f3c WdBoot - ok
16:33:43.0546 0x0f3c [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
16:33:43.0593 0x0f3c Wdf01000 - ok
16:33:43.0608 0x0f3c [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
16:33:43.0624 0x0f3c WdFilter - ok
16:33:43.0655 0x0f3c [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
16:33:43.0687 0x0f3c WdiServiceHost - ok
16:33:43.0687 0x0f3c [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
16:33:43.0702 0x0f3c WdiSystemHost - ok
16:33:43.0733 0x0f3c [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
16:33:43.0765 0x0f3c WdNisDrv - ok
16:33:43.0796 0x0f3c WdNisSvc - ok
16:33:43.0905 0x0f3c [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient C:\WINDOWS\System32\webclnt.dll
16:33:44.0030 0x0f3c WebClient - ok
16:33:44.0108 0x0f3c [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
16:33:44.0155 0x0f3c Wecsvc - ok
16:33:44.0218 0x0f3c [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
16:33:44.0265 0x0f3c WEPHOSTSVC - ok
16:33:44.0312 0x0f3c [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
16:33:44.0405 0x0f3c wercplsupport - ok
16:33:44.0437 0x0f3c [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll
16:33:44.0468 0x0f3c WerSvc - ok
16:33:44.0499 0x0f3c [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
16:33:44.0515 0x0f3c WFPLWFS - ok
16:33:44.0546 0x0f3c [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
16:33:44.0562 0x0f3c WiaRpc - ok
16:33:44.0608 0x0f3c [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
16:33:44.0608 0x0f3c WIMMount - ok
16:33:44.0624 0x0f3c WinDefend - ok
16:33:44.0671 0x0f3c [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
16:33:44.0765 0x0f3c WinHttpAutoProxySvc - ok
16:33:44.0890 0x0f3c [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:33:44.0999 0x0f3c Winmgmt - ok
16:33:45.0718 0x0f3c [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM C:\WINDOWS\system32\WsmSvc.dll
16:33:45.0874 0x0f3c WinRM - ok
16:33:45.0952 0x0f3c [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys
16:33:46.0030 0x0f3c WinUsb - ok
16:33:46.0405 0x0f3c [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
16:33:46.0468 0x0f3c WlanSvc - ok
16:33:46.0562 0x0f3c [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
16:33:46.0624 0x0f3c wlidsvc - ok
16:33:46.0687 0x0f3c [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
16:33:46.0734 0x0f3c WmiAcpi - ok
16:33:46.0827 0x0f3c [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
16:33:46.0859 0x0f3c wmiApSrv - ok
16:33:46.0874 0x0f3c WMPNetworkSvc - ok
16:33:46.0968 0x0f3c [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
16:33:46.0999 0x0f3c Wof - ok
16:33:47.0359 0x0f3c [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
16:33:47.0577 0x0f3c workfolderssvc - ok
16:33:47.0624 0x0f3c [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
16:33:47.0655 0x0f3c wpcfltr - ok
16:33:47.0734 0x0f3c [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
16:33:47.0827 0x0f3c WPCSvc - ok
16:33:47.0859 0x0f3c [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
16:33:47.0937 0x0f3c WPDBusEnum - ok
16:33:47.0968 0x0f3c [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
16:33:47.0984 0x0f3c WpdUpFltr - ok
16:33:48.0015 0x0f3c [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
16:33:48.0046 0x0f3c ws2ifsl - ok
16:33:48.0124 0x0f3c [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc C:\WINDOWS\System32\wscsvc.dll
16:33:48.0202 0x0f3c wscsvc - ok
16:33:48.0202 0x0f3c WSearch - ok
16:33:49.0093 0x0f3c [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll
16:33:49.0218 0x0f3c WSService - ok
16:33:50.0171 0x0f3c [ F3F60C88A6BBC8D0C68FE5B1C91181AF, AF9A4D282CD4BB1127BC3F48AB89DC294408D96F7906553C636F37D1503CFA48 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
16:33:50.0452 0x0f3c wuauserv - ok
16:33:50.0531 0x0f3c [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
16:33:50.0577 0x0f3c WudfPf - ok
16:33:50.0609 0x0f3c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
16:33:50.0640 0x0f3c WUDFRd - ok
16:33:50.0671 0x0f3c [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
16:33:50.0702 0x0f3c wudfsvc - ok
16:33:50.0702 0x0f3c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys
16:33:50.0718 0x0f3c WUDFWpdFs - ok
16:33:50.0734 0x0f3c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys
16:33:50.0734 0x0f3c WUDFWpdMtp - ok
16:33:50.0937 0x0f3c [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
16:33:50.0984 0x0f3c WwanSvc - ok
16:33:51.0890 0x0f3c [ 2AC426C57AC3D6A226D66E5A03223C90, 45AD44153D280E4066BA62260CE7733AC3DC23D59951BBCC0F8D4F5226F97203 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
16:33:51.0968 0x0f3c ZeroConfigService - ok
16:33:51.0968 0x0f3c ================ Scan global ===============================
16:33:52.0031 0x0f3c [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll
16:33:52.0062 0x0f3c [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
16:33:52.0093 0x0f3c [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
16:33:52.0109 0x0f3c [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
16:33:52.0124 0x0f3c [ Global ] - ok
16:33:52.0124 0x0f3c ================ Scan MBR ==================================
16:33:52.0140 0x0f3c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
16:33:52.0249 0x0f3c \Device\Harddisk0\DR0 - ok
16:33:52.0249 0x0f3c ================ Scan VBR ==================================
16:33:52.0296 0x0f3c [ 4C49D53AA476855E3485C61A14C987D4 ] \Device\Harddisk0\DR0\Partition1
16:33:52.0296 0x0f3c \Device\Harddisk0\DR0\Partition1 - ok
16:33:52.0343 0x0f3c [ E96D4A28BD700A0B814FA233FD9C11E1 ] \Device\Harddisk0\DR0\Partition2
16:33:52.0343 0x0f3c \Device\Harddisk0\DR0\Partition2 - ok
16:33:52.0374 0x0f3c [ 3D0A13E45AFD71F8B59F7DB9F2549E3A ] \Device\Harddisk0\DR0\Partition3
16:33:52.0374 0x0f3c \Device\Harddisk0\DR0\Partition3 - ok
16:33:52.0390 0x0f3c [ 3AF665597E151921275445B1A2BEB24E ] \Device\Harddisk0\DR0\Partition4
16:33:52.0390 0x0f3c \Device\Harddisk0\DR0\Partition4 - ok
16:33:52.0406 0x0f3c [ 5DE80B69AD3F57738072843BF8A55C5F ] \Device\Harddisk0\DR0\Partition5
16:33:52.0406 0x0f3c \Device\Harddisk0\DR0\Partition5 - ok
16:33:52.0468 0x0f3c [ FE1DD004C2B6791DE4E15675F0E3C105 ] \Device\Harddisk0\DR0\Partition6
16:33:52.0546 0x0f3c \Device\Harddisk0\DR0\Partition6 - ok
16:33:52.0578 0x0f3c [ A809C9099632BF76C0564CB29E7D36AC ] \Device\Harddisk0\DR0\Partition7
16:33:52.0656 0x0f3c \Device\Harddisk0\DR0\Partition7 - ok
16:33:52.0656 0x0f3c ================ Scan generic autorun ======================
16:33:54.0609 0x0f3c [ DB333A5F69B00A6B550901A5C854929F, 7CAB6D0D20CDE3AE41B06826C9045CC3E3438AB94BB3D9D5C0E50EEF3C41101F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
16:33:54.0734 0x0f3c RTHDVCPL - ok
16:33:55.0093 0x0f3c [ E9752E0CD9FB37612474B23973443FC9, B497B77BCC70A721D74DDE5551C0314D43FDAFE547D071C26750F0314128FCB8 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
16:33:55.0125 0x0f3c RtHDVBg - ok
16:33:55.0296 0x0f3c [ E85BD90950497619C39D1F5068228CF4, BA5CD7035EC1ACDB214EB8D534B00EA409739DD2DDD01D92D98A1B3925FB428E ] C:\Windows\system32\igfxtray.exe
16:33:55.0328 0x0f3c IgfxTray - ok
16:33:55.0328 0x0f3c HotKeysCmds - ok
16:33:55.0343 0x0f3c Persistence - ok
16:33:56.0922 0x0f3c [ AC4FF112191B096061FFE1FDFACE89EB, FF0379F5CF2E3A9E2937DA82F777B06DCC1114FAF44C325047275392AA08DA90 ] c:\Program Files\Dell\QuickSet\QuickSet.exe
16:33:57.0047 0x0f3c QuickSet - ok
16:33:57.0062 0x0f3c IntelTBRunOnce - ok
16:33:57.0062 0x0f3c BTMTrayAgent - ok
16:33:57.0062 0x0f3c SynTPEnh - ok
16:33:57.0218 0x0f3c [ 7BC5778BF0A2E87D3270DA11ECB5110A, 957FE93DC86DC3B0353787233BF2307EC446B5BA77F096024A7A45704C81A9CD ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
16:33:57.0250 0x0f3c IAStorIcon - ok
16:33:58.0422 0x0f3c [ B9646FA4D1A66FE3402DB028A19904F5, 4B26375BC6AC8618E0A5ED9FEBE1ED5B601DFA8149AD226CA059B970774E2FA5 ] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:33:58.0500 0x0f3c StartCCC - ok
16:33:58.0656 0x0f3c [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
16:33:58.0687 0x0f3c CLMLServer_For_P2G8 - ok
16:33:58.0797 0x0f3c [ 3A632F4EA3386DFEE9D8FDE68C34EFE0, 481B3732D47E3738F74C073CEA41CAD3AF64F702FD42ECCE6551B53AFDAE72AD ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
16:33:58.0844 0x0f3c CLVirtualDrive - ok
16:33:59.0031 0x0f3c [ 9388FBA0B9985B18B3693A32B530A16B, F3C3DCDB4D66433EB33C7BA3BD1B8B80E8E67E6B3614DDF37EE77FEA143015B3 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
16:33:59.0047 0x0f3c RemoteControl10 - ok
16:33:59.0047 0x0f3c mcui_exe - ok
16:33:59.0250 0x0f3c [ B08ECF1A28499D720B470CBBDC6D7EAD, 2E282611B1AD2070164098972C6722F44F1CAB00BA9A55A6F3569FFC8AAC0C0C ] C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe
16:33:59.0297 0x0f3c RzWizard - detected UnsignedFile.Multi.Generic ( 1 )
16:33:59.0453 0x0f3c Detect skipped due to KSN trusted
16:33:59.0453 0x0f3c RzWizard - ok
16:33:59.0687 0x0f3c [ 5153C06FC9D4D094D1A785545928B134, 0037C935722663F9EF028F841DE222FC6418E9D60939AB60C965807E67A458DC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
16:33:59.0703 0x0f3c SunJavaUpdateSched - ok
16:33:59.0906 0x0f3c [ AABF303621DEB6362EA37702375A6B73, F2C741B72AE2B1CA9A8B675BF1A8AB6A87B609BF5DA3A0D1FFB7AA9191C84DC0 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
16:33:59.0922 0x0f3c Cisco AnyConnect Secure Mobility Agent for Windows - ok
16:34:00.0812 0x0f3c [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
16:34:00.0969 0x0f3c DAEMON Tools Lite - ok
16:34:01.0016 0x0f3c [ 6F94A57D1F05A1A68C33D49B6751C8C6, D37ADB69E8FB2209F6DBD9A55E67800AAED35973DE0830878C6177BDCC073676 ] C:\Windows\System32\StikyNot.exe
16:34:01.0094 0x0f3c RESTART_STICKY_NOTES - ok
16:34:01.0125 0x0f3c Skype - ok
16:34:01.0125 0x0f3c Waiting for KSN requests completion. In queue: 171
16:34:01.0328 0x05c4 Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc
16:34:01.0578 0x05c4 Object send P2P result: true
16:34:02.0156 0x0f3c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )
16:34:02.0187 0x0f3c Win FW state via NFP2: enabled ( trusted )
16:34:02.0359 0x0f3c ============================================================
16:34:02.0359 0x0f3c Scan finished
16:34:02.0359 0x0f3c ============================================================
16:34:02.0359 0x00c0 Detected object count: 0
16:34:02.0359 0x00c0 Actual detected object count: 0
sorry, ich will nicht stressen, aber ich hab bald Prüfungen und brauche die Maschine. LG |
|
25.01.2017, 00:28
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pc extrem verlangsamt inklusive suspekter Meldungen Ich hab mich zu einem AV doch klar ausgedrückt. Wenn wir hier durch sind gibt es Empfehlungen. Log zu MBAR fehlt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.01.2017, 00:28
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pc extrem verlangsamt inklusive suspekter Meldungen Ich hab mich zu einem AV doch klar ausgedrückt. Wenn wir hier durch sind gibt es Empfehlungen. Log zu MBAR fehlt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.01.2017, 00:30
| #11 |
| | Pc extrem verlangsamt inklusive suspekter Meldungen sry. Code:
ATTFilter ---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001
(c) Malwarebytes Corporation 2011-2012
OS version: 6.3.9200 Windows 8.1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.18538
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, W:\ DRIVE_FIXED, X:\ DRIVE_FIXED
CPU speed: 1.796000 GHz
Memory total: 4157890560, free: 2003259392
Downloaded database version: v2017.01.24.04
Downloaded database version: v2016.11.20.01
Downloaded database version: v2017.01.23.01
Initializing...
======================
Driver version: 0.3.0.4
------------ Kernel report ------------
01/24/2017 15:56:41
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\WdFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\amdkmpfd.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\system32\DRIVERS\Netwew00.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\iwdbus.sys
\SystemRoot\system32\drivers\DellProf.sys
\SystemRoot\system32\drivers\DDDriver64Dcsa.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\AMPPAL.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\iBtFltCoex.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\btmhsf.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\Drivers\RtsUVStor.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\TurboB.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\Drivers\WdNisDrv.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
Scan started
Database versions:
main: v2017.01.24.04
rootkit: v2016.11.20.01
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe001ffbf8060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe001ffbf8b20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe001ffbf8060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe001ffad8060, DeviceName: \Device\0000001f\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthhfenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthhfenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthLEEnum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthLEEnum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBAUDIO.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBAUDIO.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rfcomm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rfcomm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthpan.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthpan.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BTHUSB.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 4CDD2617
GPT Protective MBR Partition information:
Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
GPT Partition information:
GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 1337768113
GPT Header CurrentLba = 1 BackupLba 1953525167
GPT Header FirstUsableLba 34 LastUsableLba 1953525134
GPT Header Guid aef02596-926a-4c87-9531-de18f378a09f
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128
Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 1337768113
Backup GPT header CurrentLba = 1953525167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1953525134
Backup GPT header Guid aef02596-926a-4c87-9531-de18f378a09f
Backup GPT header Contains 128 partition entries starting at LBA 1953525135
Backup GPT header Partition entry size = 128
Partition 0 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID cb6f62f4-fd97-452c-a954-45951a58354d
FirstLBA 2048 Last LBA 1026047
Attributes 0
Partition Name EFI system partition
GPT Partition 0 is bootable
Partition 1 Type 796badd3-6bbf-4d9f-b631-466eb71a4965
Partition ID 9ac705d9-e2bf-452d-8497-8a5086acc71f
FirstLBA 1026048 Last LBA 1107967
Attributes 1
Partition Name Basic data partition
Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 851117fd-17f7-407a-ade-ce9184aba9c6
FirstLBA 1107968 Last LBA 1370111
Attributes 0
Partition Name Microsoft reserved partition
Partition 3 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID a80f32e9-b193-421d-9f72-4081d734072
FirstLBA 1370112 Last LBA 2394111
Attributes 1
Partition Name Basic data partition
Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 80b6da3d-1495-4c7a-b252-2317ed686991
FirstLBA 2394112 Last LBA 1923639295
Attributes 0
Partition Name Basic data partition
Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 44576358-a9e3-418f-9711-effbb41b38d2
FirstLBA 1923639296 Last LBA 1924560895
Attributes 1
Partition Name
Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 37d5b3c4-f641-4aa1-a10-52e8b69c120
FirstLBA 1924560896 Last LBA 1953523119
Attributes 1
Partition Name Microsoft recovery partition
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
Done!
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rfcomm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BASICRENDER.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BASICDISPLAY.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHAVRCPTG.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHHFENUM.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHLEENUM.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthpan.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\COMPOSITEBUS.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\EHSTORTCGDRV.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MSGPIOWIN32.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\NPSVCTRIG.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\SPACEPORT.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBAUDIO.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\BthHFSrv.dll" is compressed (flags = 1)
File "C:\Windows\System32\CIRCoInst.dll" is compressed (flags = 1)
File "C:\Windows\System32\iscsilog.dll" is compressed (flags = 1)
File "C:\Windows\System32\SysFxUI.dll" is compressed (flags = 1)
File "C:\Windows\System32\fsquirt.exe" is compressed (flags = 1)
File "C:\Windows\System32\streamci.dll" is compressed (flags = 1)
File "C:\Windows\System32\WpdMtp.dll" is compressed (flags = 1)
File "C:\Windows\System32\WpdMtpUS.dll" is compressed (flags = 1)
File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
|
|
25.01.2017, 00:31
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pc extrem verlangsamt inklusive suspekter Meldungen Bitte das richtige Log posten... -.-
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.01.2017, 00:33
| #13 |
| | Pc extrem verlangsamt inklusive suspekter Meldungen es gibt leider nur das, hat der vllt keins erstellt weil er nix gefunden hat? |
|
25.01.2017, 00:35
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Pc extrem verlangsamt inklusive suspekter Meldungen Bitte die Anleitung richtig lesen 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
25.01.2017, 00:38
| #15 |
| | Pc extrem verlangsamt inklusive suspekter Meldungen Verzeihung, ich bin ein Tollpatsch Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.01.24.04
rootkit: v2016.11.20.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18538
**** :: **** [administrator]
24.01.2017 15:56:51
mbar-log-2017-01-24 (15-56-51).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 330969
Time elapsed: 31 minute(s), 15 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
| Themen zu Pc extrem verlangsamt inklusive suspekter Meldungen |
| administrator, adobe, adobe flash player, antivirus, avast, computer, defender, dll, downloader, explorer, firefox, flash player, microsoft, mozilla, ordner, problem, prozesse, realtek, registry, rundll, scan, services.exe, software, svchost.exe, winlogon.exe |
Linear-Darstellung
