| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: nova.rambler.ru nicht entfernbarWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
27.01.2017, 09:27
| #16 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  nova.rambler.ru nicht entfernbarZitat:
 MBAR hatte alte Signaturen, tdsskiller wurde falsch eingestellt!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
27.01.2017, 16:37
| #17 |
 | nova.rambler.ru nicht entfernbar Ich bitte um Entschuldigung...
__________________Hier nun das richtige Log, Teil 1: Code:
ATTFilter 16:32:33.0199 0x23c8 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
16:32:33.0199 0x23c8 UEFI system
16:32:37.0466 0x23c8 ============================================================
16:32:37.0466 0x23c8 Current date / time: 2017/01/27 16:32:37.0466
16:32:37.0466 0x23c8 SystemInfo:
16:32:37.0466 0x23c8
16:32:37.0466 0x23c8 OS Version: 6.3.9600 ServicePack: 0.0
16:32:37.0466 0x23c8 Product type: Workstation
16:32:37.0466 0x23c8 ComputerName: SUPERPARCHITA
16:32:37.0466 0x23c8 UserName: Phil
16:32:37.0466 0x23c8 Windows directory: C:\WINDOWS
16:32:37.0466 0x23c8 System windows directory: C:\WINDOWS
16:32:37.0466 0x23c8 Running under WOW64
16:32:37.0466 0x23c8 Processor architecture: Intel x64
16:32:37.0466 0x23c8 Number of processors: 2
16:32:37.0466 0x23c8 Page size: 0x1000
16:32:37.0466 0x23c8 Boot type: Normal boot
16:32:37.0466 0x23c8 CodeIntegrityOptions = 0x00000001
16:32:37.0466 0x23c8 ============================================================
16:32:38.0198 0x23c8 KLMD registered as C:\WINDOWS\system32\drivers\71995046.sys
16:32:38.0199 0x23c8 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18505, osProperties = 0x19
16:32:47.0190 0x23c8 System UUID: {C334BC4C-398D-93C8-1075-E5F506D16C21}
16:32:49.0393 0x23c8 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:32:49.0397 0x23c8 ============================================================
16:32:49.0397 0x23c8 \Device\Harddisk0\DR0:
16:32:49.0397 0x23c8 GPT partitions:
16:32:49.0398 0x23c8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D7E0B6FB-E275-449D-AD2B-34F0539C091F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
16:32:49.0398 0x23c8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {91CC3BA4-D96F-416D-A9B0-EA3F4AE89923}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
16:32:49.0398 0x23c8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {99D1CE56-F334-46DB-A809-EAD15CCD76C8}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
16:32:49.0398 0x23c8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E6A679AB-B102-46B6-8B6E-4AD991123CD9}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
16:32:49.0398 0x23c8 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9DE476CF-8629-4F88-8CA2-2DF199D7C690}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6F3A5800
16:32:49.0398 0x23c8 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9C114FAB-374E-4D69-AF5D-9B2220D8E5BC}, Name: Basic data partition, StartLBA 0x6F850000, BlocksNum 0x3200000
16:32:49.0398 0x23c8 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {62BA94D9-7E48-4BD9-AFB4-B35177B7D901}, Name: Basic data partition, StartLBA 0x72A50000, BlocksNum 0x1CB6800
16:32:49.0398 0x23c8 MBR partitions:
16:32:49.0398 0x23c8 ============================================================
16:32:49.0429 0x23c8 C: <-> \Device\Harddisk0\DR0\Partition5
16:32:49.0514 0x23c8 D: <-> \Device\Harddisk0\DR0\Partition6
16:32:49.0514 0x23c8 ============================================================
16:32:49.0514 0x23c8 Initialize success
16:32:49.0514 0x23c8 ============================================================
16:33:19.0820 0x1c8c ============================================================
16:33:19.0820 0x1c8c Scan started
16:33:19.0820 0x1c8c Mode: Manual; SigCheck; TDLFS;
16:33:19.0820 0x1c8c ============================================================
16:33:19.0820 0x1c8c KSN ping started
16:33:19.0959 0x1c8c KSN ping finished: true
16:33:21.0855 0x1c8c ================ Scan system memory ========================
16:33:21.0855 0x1c8c System memory - ok
16:33:21.0856 0x1c8c ================ Scan services =============================
16:33:21.0986 0x1c8c [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
16:33:22.0201 0x1c8c 1394ohci - ok
16:33:22.0227 0x1c8c [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
16:33:22.0242 0x1c8c 3ware - ok
16:33:22.0288 0x1c8c [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
16:33:22.0345 0x1c8c ACPI - ok
16:33:22.0374 0x1c8c [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
16:33:22.0391 0x1c8c acpiex - ok
16:33:22.0413 0x1c8c [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
16:33:22.0461 0x1c8c acpipagr - ok
16:33:22.0485 0x1c8c [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
16:33:22.0630 0x1c8c AcpiPmi - ok
16:33:22.0649 0x1c8c [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
16:33:22.0697 0x1c8c acpitime - ok
16:33:22.0741 0x1c8c [ 561E1023BEB555A77DBEAFB83E74BA14, EBB6C4878F6D7BEF8AD861AF5F262DACE96ECCA68308E30E319CE962FC5C5F35 ] ACPIVPC C:\WINDOWS\System32\drivers\AcpiVpc.sys
16:33:22.0847 0x1c8c ACPIVPC - ok
16:33:22.0933 0x1c8c [ 1E16C9A8CFBE5D2317EADA233389928D, F08F65B4170104556BF8F2CD19D553D863DE5E1167CDE433C85DFE78C0F1DD96 ] AdBlockerService C:\Program Files (x86)\AdBlocker\AdBlockerService.exe
16:33:22.0961 0x1c8c AdBlockerService - detected UnsignedFile.Multi.Generic ( 1 )
16:33:23.0217 0x1c8c AdBlockerService ( UnsignedFile.Multi.Generic ) - warning
16:33:23.0217 0x1c8c Force sending object to P2P due to detect: AdBlockerService
16:33:23.0492 0x1c8c Object send P2P result: true
16:33:23.0746 0x1c8c [ CA363F172E1978FD155764F2840B0BE8, CB14E2C94ABB8C8809F4E96472F6D1A9A3A0860217631F592E0F62F043165575 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:33:23.0776 0x1c8c AdobeFlashPlayerUpdateSvc - ok
16:33:23.0837 0x1c8c [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
16:33:23.0895 0x1c8c ADP80XX - ok
16:33:23.0923 0x1c8c [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
16:33:24.0033 0x1c8c AeLookupSvc - ok
16:33:24.0132 0x1c8c [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\WINDOWS\system32\drivers\afd.sys
16:33:24.0329 0x1c8c AFD - ok
16:33:24.0346 0x1c8c [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
16:33:24.0362 0x1c8c agp440 - ok
16:33:24.0412 0x1c8c [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
16:33:24.0501 0x1c8c ahcache - ok
16:33:24.0533 0x1c8c [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe
16:33:24.0630 0x1c8c ALG - ok
16:33:24.0667 0x1c8c [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
16:33:24.0771 0x1c8c AmdK8 - ok
16:33:24.0797 0x1c8c [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
16:33:24.0857 0x1c8c AmdPPM - ok
16:33:24.0880 0x1c8c [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
16:33:24.0894 0x1c8c amdsata - ok
16:33:24.0912 0x1c8c [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
16:33:24.0934 0x1c8c amdsbs - ok
16:33:24.0951 0x1c8c [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
16:33:24.0962 0x1c8c amdxata - ok
16:33:25.0057 0x1c8c [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys
16:33:25.0219 0x1c8c AppID - ok
16:33:25.0254 0x1c8c [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
16:33:25.0286 0x1c8c AppIDSvc - ok
16:33:25.0333 0x1c8c [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo C:\WINDOWS\System32\appinfo.dll
16:33:25.0514 0x1c8c Appinfo - ok
16:33:25.0716 0x1c8c [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:33:25.0744 0x1c8c Apple Mobile Device Service - ok
16:33:25.0797 0x1c8c [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
16:33:25.0923 0x1c8c AppReadiness - ok
16:33:26.0169 0x1c8c [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
16:33:26.0303 0x1c8c AppXSvc - ok
16:33:26.0343 0x1c8c [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
16:33:26.0381 0x1c8c arcsas - ok
16:33:26.0433 0x1c8c [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:33:26.0562 0x1c8c AsyncMac - ok
16:33:26.0580 0x1c8c [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
16:33:26.0593 0x1c8c atapi - ok
16:33:26.0713 0x1c8c [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
16:33:26.0869 0x1c8c AudioEndpointBuilder - ok
16:33:26.0982 0x1c8c [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
16:33:27.0044 0x1c8c Audiosrv - ok
16:33:27.0090 0x1c8c [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
16:33:27.0161 0x1c8c AxInstSV - ok
16:33:27.0202 0x1c8c [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
16:33:27.0257 0x1c8c b06bdrv - ok
16:33:27.0292 0x1c8c [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
16:33:27.0414 0x1c8c BasicDisplay - ok
16:33:27.0430 0x1c8c [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
16:33:27.0522 0x1c8c BasicRender - ok
16:33:27.0567 0x1c8c [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
16:33:27.0576 0x1c8c bcmfn2 - ok
16:33:27.0669 0x1c8c [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC C:\WINDOWS\System32\bdesvc.dll
16:33:27.0792 0x1c8c BDESVC - ok
16:33:27.0811 0x1c8c [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:33:27.0910 0x1c8c Beep - ok
16:33:27.0980 0x1c8c [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE C:\WINDOWS\System32\bfe.dll
16:33:28.0255 0x1c8c BFE - ok
16:33:28.0331 0x1c8c [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll
16:33:28.0676 0x1c8c BITS - ok
16:33:28.0840 0x1c8c [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:33:28.0863 0x1c8c Bonjour Service - ok
16:33:28.0899 0x1c8c [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
16:33:29.0366 0x1c8c bowser - ok
16:33:29.0524 0x1c8c [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
16:33:29.0734 0x1c8c BrokerInfrastructure - ok
16:33:29.0760 0x1c8c [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll
16:33:29.0867 0x1c8c Browser - ok
16:33:29.0957 0x1c8c [ F4CB6F457D019857C8DB6F04CA2957F5, D9E7DD49AF9C38D1696045F6004E1B504A65227B41256961E28A8DCA9B068EA9 ] BthA2DP C:\WINDOWS\system32\drivers\BthA2DP.sys
16:33:30.0088 0x1c8c BthA2DP - ok
16:33:30.0123 0x1c8c [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
16:33:30.0226 0x1c8c BthAvrcpTg - ok
16:33:30.0268 0x1c8c [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
16:33:30.0387 0x1c8c BthEnum - ok
16:33:30.0412 0x1c8c [ 7A2E3CB427309F56C2571F0610B7ADA8, 25C178EA7FC2CE6375CA1B75057FA7A992CF71BB7821F4A71107CDE6D0F04667 ] BthHFAud C:\WINDOWS\system32\DRIVERS\BthHfAud.sys
16:33:30.0463 0x1c8c BthHFAud - ok
16:33:30.0563 0x1c8c [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
16:33:30.0732 0x1c8c BthHFEnum - ok
16:33:30.0761 0x1c8c [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
16:33:30.0818 0x1c8c bthhfhid - ok
16:33:30.0980 0x1c8c [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
16:33:31.0052 0x1c8c BthHFSrv - ok
16:33:31.0223 0x1c8c [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
16:33:31.0332 0x1c8c BthLEEnum - ok
16:33:31.0362 0x1c8c [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
16:33:31.0405 0x1c8c BTHMODEM - ok
16:33:31.0436 0x1c8c [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
16:33:31.0612 0x1c8c BthPan - ok
16:33:31.0705 0x1c8c [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
16:33:31.0833 0x1c8c BTHPORT - ok
16:33:31.0874 0x1c8c [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll
16:33:32.0061 0x1c8c bthserv - ok
16:33:32.0239 0x1c8c [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
16:33:32.0644 0x1c8c BTHUSB - ok
16:33:32.0681 0x1c8c [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
16:33:33.0001 0x1c8c cdfs - ok
16:33:33.0119 0x1c8c [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
16:33:33.0247 0x1c8c cdrom - ok
16:33:33.0296 0x1c8c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
16:33:33.0450 0x1c8c CertPropSvc - ok
16:33:33.0463 0x1c8c [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
16:33:33.0506 0x1c8c circlass - ok
16:33:33.0557 0x1c8c [ 9DA497AEAF35AA7BF7710132FC2A9906, D38DF749222BD0B6E8E6442CC79D56CF827A1430ACAB4F85F7FC469DD31A211C ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
16:33:33.0596 0x1c8c CLFS - ok
16:33:34.0661 0x1c8c [ ACFB2A62301C6A903FA6A97DB84E9C31, 7A3089812330B605D2F545374A1A916B6DBA188186EC88DA3348814A95C791F0 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
16:33:34.0841 0x1c8c ClickToRunSvc - ok
16:33:34.0893 0x1c8c [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
16:33:35.0028 0x1c8c CmBatt - ok
16:33:35.0095 0x1c8c [ EFC79D3224D19FD926FFEA0A24729FEF, 41B0B41F7270C82691453679E03194845B9AF08C28800BF39D3CEB7CB1530BB8 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
16:33:35.0205 0x1c8c CNG - ok
16:33:35.0489 0x1c8c [ 38FB50952621B66F64CE8478293D9181, 74C615117404393ED8249196907477CF5954E7CA99DA18844619C9587B721351 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
16:33:35.0552 0x1c8c CnxtHdAudService - ok
16:33:35.0604 0x1c8c [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
16:33:35.0687 0x1c8c CompositeBus - ok
16:33:35.0693 0x1c8c COMSysApp - ok
16:33:35.0716 0x1c8c [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
16:33:35.0862 0x1c8c condrv - ok
16:33:35.0992 0x1c8c [ AE49702BBAB1497DF5D9B2B7B101FE0E, 4E98C8185B0552F0B529B8052AE7010458E912172CF8D869C15B72AF6E46CF5F ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
16:33:36.0208 0x1c8c cphs - ok
16:33:36.0252 0x1c8c [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
16:33:36.0393 0x1c8c CryptSvc - ok
16:33:36.0425 0x1c8c [ 07F3534C07C5110E9A424C04634C4A8D, 39F97C8A8610A4EFB83A41E490BBDC19261A52DC9827645C1331EFC958F2EDF1 ] CxAudMsg C:\WINDOWS\system32\CxAudMsg64.exe
16:33:36.0475 0x1c8c CxAudMsg - ok
16:33:36.0505 0x1c8c [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys
16:33:36.0519 0x1c8c dam - ok
16:33:36.0524 0x1c8c dbx - ok
16:33:36.0582 0x1c8c [ 62C2617E1927776851B108717166BBA4, 5ED905AD21D2BA4308561BDFD2868A15A1F2062DFE1D28689D4082700C85500A ] DbxSvc C:\WINDOWS\system32\DbxSvc.exe
16:33:36.0599 0x1c8c DbxSvc - ok
16:33:36.0729 0x1c8c [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:33:36.0923 0x1c8c DcomLaunch - ok
16:33:36.0986 0x1c8c [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll
16:33:37.0196 0x1c8c defragsvc - ok
16:33:37.0259 0x1c8c [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
16:33:37.0341 0x1c8c DeviceAssociationService - ok
16:33:37.0375 0x1c8c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
16:33:37.0422 0x1c8c DeviceInstall - ok
16:33:37.0478 0x1c8c [ FBFF94FC1FE0699A6BC5ACE270AB9EA1, 7D67E7BE539D9D515A1A6B9282C72114310E874DD1FE51E71F002DBB0E1439FB ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
16:33:37.0670 0x1c8c Dfsc - ok
16:33:37.0717 0x1c8c [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
16:33:37.0746 0x1c8c dg_ssudbus - ok
16:33:37.0776 0x1c8c [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
16:33:37.0878 0x1c8c Dhcp - ok
16:33:38.0024 0x1c8c [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
16:33:38.0274 0x1c8c DiagTrack - ok
16:33:38.0423 0x1c8c [ 465949FD7AF3931B415D3FE2193DB782, 4EE3881F62183EF4F9A32EBADC019DD1FB70A2FE009503130146343FA7915E36 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
16:33:38.0451 0x1c8c DigitalWave.Update.Service - ok
16:33:38.0526 0x1c8c [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk C:\WINDOWS\system32\drivers\disk.sys
16:33:38.0543 0x1c8c disk - ok
16:33:38.0574 0x1c8c [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
16:33:38.0684 0x1c8c dmvsc - ok
16:33:38.0748 0x1c8c [ 561CBB163EB3C8221D9B1D7D1E5CA477, 4D235E73CC127769A257B31A92180552276EC8DDD991F1106815FADEF385E72D ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:33:38.0926 0x1c8c Dnscache - ok
16:33:38.0953 0x1c8c [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
16:33:39.0117 0x1c8c dot3svc - ok
16:33:39.0162 0x1c8c [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll
16:33:39.0196 0x1c8c DPS - ok
16:33:39.0234 0x1c8c [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
16:33:39.0246 0x1c8c drmkaud - ok
16:33:39.0290 0x1c8c [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
16:33:39.0359 0x1c8c DsmSvc - ok
16:33:39.0470 0x1c8c [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
16:33:39.0542 0x1c8c DXGKrnl - ok
16:33:39.0583 0x1c8c [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress C:\WINDOWS\system32\DRIVERS\e1i63x64.sys
16:33:39.0687 0x1c8c e1iexpress - ok
16:33:39.0717 0x1c8c [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
16:33:39.0794 0x1c8c Eaphost - ok
16:33:39.0946 0x1c8c [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
16:33:40.0086 0x1c8c ebdrv - ok
16:33:40.0139 0x1c8c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe
16:33:40.0153 0x1c8c EFS - ok
16:33:40.0168 0x1c8c [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
16:33:40.0182 0x1c8c EhStorClass - ok
16:33:40.0204 0x1c8c [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
16:33:40.0220 0x1c8c EhStorTcgDrv - ok
16:33:40.0234 0x1c8c [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
16:33:40.0287 0x1c8c ErrDev - ok
16:33:40.0378 0x1c8c [ C9EC31F59DF549819862E8DA83E5E9B0, 5F53AEF5276D495C095CD05CC8A598CD364A16DE058F0DF46FD3C3D6446244D5 ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys
16:33:40.0399 0x1c8c ETD - ok
16:33:40.0510 0x1c8c [ BFFD4F272773F73F9A17A54469EF1B40, FF2981D15BB5A6B83D320BAC20D29E1906397026B8DDD4DBB5F948577E9DC4EF ] ETDService C:\Program Files\Elantech\ETDService.exe
16:33:40.0520 0x1c8c ETDService - ok
16:33:40.0574 0x1c8c [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll
16:33:40.0682 0x1c8c EventSystem - ok
16:33:40.0858 0x1c8c [ BF220856C02DF9AB74786BE92246A0E1, 9F35F4A08967634206B965BF94469380C0ACCF8A6C973E90ED85ECECF284CE34 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:33:40.0886 0x1c8c EvtEng - ok
16:33:40.0955 0x1c8c [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
16:33:41.0121 0x1c8c exfat - ok
16:33:41.0149 0x1c8c [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
16:33:41.0179 0x1c8c fastfat - ok
16:33:41.0225 0x1c8c [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe
16:33:41.0393 0x1c8c Fax - ok
16:33:41.0424 0x1c8c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
16:33:41.0466 0x1c8c fdc - ok
16:33:41.0493 0x1c8c [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
16:33:41.0566 0x1c8c fdPHost - ok
16:33:41.0587 0x1c8c [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
16:33:41.0621 0x1c8c FDResPub - ok
16:33:41.0667 0x1c8c [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
16:33:41.0807 0x1c8c fhsvc - ok
16:33:41.0831 0x1c8c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
16:33:41.0851 0x1c8c FileInfo - ok
16:33:41.0866 0x1c8c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
16:33:41.0924 0x1c8c Filetrace - ok
16:33:41.0971 0x1c8c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
16:33:42.0025 0x1c8c flpydisk - ok
16:33:42.0070 0x1c8c [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
16:33:42.0121 0x1c8c FltMgr - ok
16:33:42.0265 0x1c8c [ 1EFEF3B4EF2B241263F0F791EA128598, B6CADC254B0779E43E0D6AB6125A7E7ED8FF50C3158911681BA7B43160A08176 ] FontCache C:\WINDOWS\system32\FntCache.dll
16:33:42.0403 0x1c8c FontCache - ok
16:33:42.0504 0x1c8c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:33:42.0516 0x1c8c FontCache3.0.0.0 - ok
16:33:42.0542 0x1c8c [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
16:33:42.0555 0x1c8c FsDepends - ok
16:33:42.0571 0x1c8c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:33:42.0635 0x1c8c Fs_Rec - ok
16:33:42.0708 0x1c8c [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
16:33:42.0742 0x1c8c fvevol - ok
16:33:42.0762 0x1c8c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
16:33:42.0817 0x1c8c FxPPM - ok
16:33:42.0844 0x1c8c [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
16:33:42.0858 0x1c8c gagp30kx - ok
16:33:42.0889 0x1c8c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
16:33:42.0944 0x1c8c gencounter - ok
16:33:42.0981 0x1c8c [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
16:33:43.0004 0x1c8c GPIOClx0101 - ok
16:33:43.0099 0x1c8c [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
16:33:43.0210 0x1c8c gpsvc - ok
16:33:43.0364 0x1c8c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:33:43.0378 0x1c8c gupdate - ok
16:33:43.0385 0x1c8c [ 053EEEE1ABAE53F044F1E386E22AE525, 195C8B78C0CF68F3DC1C08E58CE2A7146764F9273C39EF369194A366FA8EE1AD ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:33:43.0398 0x1c8c gupdatem - ok
16:33:43.0465 0x1c8c [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
16:33:43.0542 0x1c8c HdAudAddService - ok
16:33:43.0584 0x1c8c [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
16:33:43.0728 0x1c8c HDAudBus - ok
16:33:43.0750 0x1c8c [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
16:33:43.0865 0x1c8c HidBatt - ok
16:33:43.0911 0x1c8c [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
16:33:44.0023 0x1c8c HidBth - ok
16:33:44.0033 0x1c8c [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
16:33:44.0076 0x1c8c hidi2c - ok
16:33:44.0100 0x1c8c [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
16:33:44.0153 0x1c8c HidIr - ok
16:33:44.0186 0x1c8c [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll
16:33:44.0233 0x1c8c hidserv - ok
16:33:44.0289 0x1c8c [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
16:33:44.0454 0x1c8c HidUsb - ok
16:33:44.0504 0x1c8c [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
16:33:44.0544 0x1c8c hkmsvc - ok
16:33:44.0581 0x1c8c [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
16:33:44.0641 0x1c8c HomeGroupListener - ok
16:33:44.0680 0x1c8c [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
16:33:44.0731 0x1c8c HomeGroupProvider - ok
16:33:44.0767 0x1c8c [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
16:33:44.0784 0x1c8c HpSAMD - ok
16:33:44.0874 0x1c8c [ 76A6FDA32A21515B67633497D8FDB1E4, 7DCAEC3186EAFDD4A53BCD8AAE9B82CBA8871C89B929FFD3BA43E675B95B2495 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
16:33:44.0948 0x1c8c HTTP - ok
16:33:44.0998 0x1c8c [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
16:33:45.0045 0x1c8c hwpolicy - ok
16:33:45.0243 0x1c8c [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
16:33:45.0360 0x1c8c hyperkbd - ok
16:33:45.0399 0x1c8c [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
16:33:45.0463 0x1c8c HyperVideo - ok
16:33:45.0520 0x1c8c [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
16:33:45.0861 0x1c8c i8042prt - ok
16:33:45.0883 0x1c8c [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
16:33:46.0033 0x1c8c iaLPSSi_GPIO - ok
16:33:46.0126 0x1c8c [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
16:33:46.0158 0x1c8c iaLPSSi_I2C - ok
16:33:46.0244 0x1c8c [ 815499B59D675E42A70894118E7A6422, 2E30C726C8E53C1C6B4F113569287B2F85F0502C13067C8C93C82B3561C760F4 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
16:33:46.0279 0x1c8c iaStorA - ok
16:33:46.0344 0x1c8c [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
16:33:46.0381 0x1c8c iaStorAV - ok
16:33:46.0479 0x1c8c [ A55971BD810EBDEF1E83CE57F5AC091B, 43AAE856E0E1D1647DC8AF37E907DC8FB74C9C388E48A9F68D209AECAA1E54B6 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:33:46.0487 0x1c8c IAStorDataMgrSvc - ok
16:33:46.0529 0x1c8c [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
16:33:46.0555 0x1c8c iaStorV - ok
16:33:46.0730 0x1c8c [ 351282A1CA1D8921028C3F653746FA20, F0C256880C6B638AF8F0EBC5D281C432090FC1DCA98E0A8F908C98EF446EF627 ] ibtsiva.exe C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
16:33:46.0741 0x1c8c ibtsiva.exe - ok
16:33:46.0801 0x1c8c [ 9C8AB34D88A61878D4A72FD55ED65674, CC109CDA60A0CE5E31509B02D4BB8F8906C405089D84D4A8570C42E0D6DC8E49 ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys
16:33:46.0816 0x1c8c ibtusb - ok
16:33:46.0823 0x1c8c IEEtwCollectorService - ok
16:33:47.0085 0x1c8c [ 540E8D8F386F38F9609572FE92997DA1, DF8DACC88437B6A97FD184C8813784FB6710461623242F45D1E6B5C23DB34D2D ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
16:33:47.0298 0x1c8c igfx - ok
16:33:47.0325 0x1c8c [ 2C1A1DB9ED1BEEC1CE6632225A7CDFA9, 93553F5FBDF88046E44FBADD2732ABC10C19098C9E338450FD69D1D216504562 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
16:33:47.0344 0x1c8c igfxCUIService1.0.0.0 - ok
16:33:47.0520 0x1c8c [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT C:\WINDOWS\System32\ikeext.dll
16:33:47.0568 0x1c8c IKEEXT - ok
16:33:47.0595 0x1c8c [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
16:33:47.0604 0x1c8c intaud_WaveExtensible - ok
16:33:47.0653 0x1c8c [ 5F6F8E55DDB25BC41497DD11A85FC257, 45EF15064644729A776BBF35A790E23246309939A1614369553371EC82786890 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
16:33:47.0693 0x1c8c IntcDAud - ok
16:33:47.0778 0x1c8c [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:33:47.0829 0x1c8c Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
16:33:47.0984 0x1c8c Detect skipped due to KSN trusted
16:33:47.0985 0x1c8c Intel(R) Capability Licensing Service Interface - ok
16:33:48.0084 0x1c8c [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
16:33:49.0261 0x1c8c Intel(R) Capability Licensing Service TCP IP Interface - ok
16:33:49.0282 0x1c8c [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
16:33:49.0311 0x1c8c intelide - ok
16:33:49.0389 0x1c8c [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
16:33:49.0562 0x1c8c intelpep - ok
16:33:49.0602 0x1c8c [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
16:33:49.0677 0x1c8c intelppm - ok
16:33:49.0714 0x1c8c [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:33:49.0928 0x1c8c IpFilterDriver - ok
16:33:50.0117 0x1c8c [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
16:33:50.0351 0x1c8c iphlpsvc - ok
16:33:50.0441 0x1c8c [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
16:33:50.0737 0x1c8c IPMIDRV - ok
16:33:50.0799 0x1c8c [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
16:33:50.0916 0x1c8c IPNAT - ok
16:33:50.0980 0x1c8c [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
16:33:51.0053 0x1c8c IRENUM - ok
16:33:51.0115 0x1c8c [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
16:33:51.0133 0x1c8c isapnp - ok
16:33:51.0192 0x1c8c [ AD3C1F4BD9167420F04052FDA197CF29, 82B687092DFC50E8885656AF06BFB7559930750F4905BC4DBDA3A5D334A443D1 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
16:33:51.0238 0x1c8c iScsiPrt - ok
16:33:51.0263 0x1c8c [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
16:33:51.0280 0x1c8c iwdbus - ok
16:33:51.0373 0x1c8c [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:33:51.0392 0x1c8c jhi_service - ok
16:33:51.0442 0x1c8c [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
16:33:51.0463 0x1c8c kbdclass - ok
16:33:51.0522 0x1c8c [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
16:33:51.0617 0x1c8c kbdhid - ok
16:33:51.0649 0x1c8c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
16:33:51.0859 0x1c8c kdnic - ok
16:33:51.0877 0x1c8c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe
16:33:51.0930 0x1c8c KeyIso - ok
16:33:51.0937 0x1c8c KMDFVirtualKbd - ok
16:33:51.0974 0x1c8c [ 23E3E79A244E63F416A89640359C78B3, 721EBE47CF5617762DA16E0450B5B2DA857F9B04EA3D167770E2A8CA9D31C77C ] KMDFVirtualMouse C:\WINDOWS\System32\drivers\KMDFVirtualMouse.sys
16:33:52.0057 0x1c8c KMDFVirtualMouse - ok
16:33:52.0124 0x1c8c [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
16:33:52.0139 0x1c8c KSecDD - ok
16:33:52.0211 0x1c8c [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
16:33:52.0242 0x1c8c KSecPkg - ok
16:33:52.0275 0x1c8c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
16:33:52.0375 0x1c8c ksthunk - ok
16:33:52.0452 0x1c8c [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
16:33:52.0558 0x1c8c KtmRm - ok
16:33:52.0671 0x1c8c [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
16:33:52.0752 0x1c8c LanmanServer - ok
16:33:52.0899 0x1c8c [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
16:33:53.0014 0x1c8c LanmanWorkstation - ok
16:33:53.0231 0x1c8c [ DA297A7BAB4E3889CFF60C02AE7BFB5D, 9E533D6FE2C9777A298F1E09C6E74F4135CC32D406382655EA9C0B7B2C533F3E ] Lenovo EasyPlus Hotspot C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe
16:33:53.0266 0x1c8c Lenovo EasyPlus Hotspot - ok
16:33:53.0480 0x1c8c [ 8CD7568B0F809731D931144DE376FD16, 78902FA1BED048B336DE71FB82A3614A58BBAA834483F2F2B5ABF4A70FA491F3 ] Lenovo System Agent Service C:\Program Files\Lenovo\iMController\SystemAgentService.exe
16:33:53.0516 0x1c8c Lenovo System Agent Service - ok
16:33:53.0597 0x1c8c [ 031199B929009F268A478F0283E1CE32, B7BFB848A03535C16798085D489AB294935955F2982330B39190B2074BF9122B ] LenovoWiFiHotspotSvr C:\Windows\System32\LenovoWiFiHotspotSvr.exe
16:33:53.0615 0x1c8c LenovoWiFiHotspotSvr - ok
16:33:53.0674 0x1c8c [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
16:33:53.0832 0x1c8c lfsvc - ok
16:33:53.0861 0x1c8c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
16:33:53.0918 0x1c8c lltdio - ok
16:33:53.0966 0x1c8c [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
16:33:54.0013 0x1c8c lltdsvc - ok
16:33:54.0046 0x1c8c [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
16:33:54.0122 0x1c8c lmhosts - ok
16:33:54.0290 0x1c8c [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:33:54.0314 0x1c8c LMS - ok
16:33:54.0436 0x1c8c [ DB470EC2922A1DA3936CAFD2647B7C52, 2B973A2685031EDD1026B98070699384F11EF7AE574DC429A69B352B18047403 ] LSCWinService C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
16:33:54.0455 0x1c8c LSCWinService - ok
16:33:54.0484 0x1c8c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
16:33:54.0518 0x1c8c LSI_SAS - ok
16:33:54.0552 0x1c8c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
16:33:54.0569 0x1c8c LSI_SAS2 - ok
16:33:54.0596 0x1c8c [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
16:33:54.0613 0x1c8c LSI_SAS3 - ok
16:33:54.0636 0x1c8c [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
16:33:54.0651 0x1c8c LSI_SSS - ok
16:33:54.0796 0x1c8c [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll
16:33:54.0975 0x1c8c LSM - ok
16:33:54.0999 0x1c8c [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
16:33:55.0265 0x1c8c luafv - ok
16:33:55.0332 0x1c8c [ 02CF33AD83CB69A7CF8598B1CDBC11B6, 9C9C7329F0EB3B94915676E4911BCC04F2FBDFDAF0C98F605B1B5C6606554A0D ] LUService C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
16:33:55.0341 0x1c8c LUService - ok
16:33:55.0374 0x1c8c [ 60DC593BA44E433DF97EBC8940703D08, 253B6892D7FCBD647D6FA645670871A76A38CD379FCC1F66F1181949740C72EA ] ManyCam C:\WINDOWS\system32\DRIVERS\mcvidrv.sys
16:33:55.0384 0x1c8c ManyCam - ok
16:33:55.0482 0x1c8c [ F0DB70EA6B32DA9E8D3DFE50206CF9C4, F2CE20E7019C029388A24326B149B0FBF17649F2BA805C96E9F6FB27EB4CB3CD ] ManyCam Service C:\ProgramData\ManyCam\Service\ManyCamService.exe
16:33:55.0620 0x1c8c ManyCam Service - ok
16:33:55.0653 0x1c8c [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
16:33:55.0679 0x1c8c MBAMProtector - ok
16:33:55.0777 0x1c8c [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
16:33:55.0865 0x1c8c MBAMScheduler - ok
16:33:55.0936 0x1c8c [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
16:33:55.0992 0x1c8c MBAMService - ok
16:33:56.0116 0x1c8c [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
16:33:56.0175 0x1c8c MBAMSwissArmy - ok
16:33:56.0207 0x1c8c [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
16:33:56.0221 0x1c8c MBAMWebAccessControl - ok
16:33:56.0244 0x1c8c [ 7382E4A888A7D4333DFF8A30B6850EE9, 3F63680A96438DF841FD46F99DA9670520ED3295176820DEDC9D5C770CA659D0 ] mcaudrv_simple C:\WINDOWS\system32\drivers\mcaudrv_x64.sys
16:33:56.0275 0x1c8c mcaudrv_simple - ok
16:33:56.0333 0x1c8c [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
16:33:56.0351 0x1c8c megasas - ok
16:33:56.0396 0x1c8c [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
16:33:56.0437 0x1c8c megasr - ok
16:33:56.0509 0x1c8c [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
16:33:56.0540 0x1c8c MEIx64 - ok
16:33:56.0572 0x1c8c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll
16:33:56.0693 0x1c8c MMCSS - ok
16:33:56.0723 0x1c8c [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
16:33:56.0803 0x1c8c Modem - ok
16:33:56.0837 0x1c8c [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
16:33:56.0992 0x1c8c monitor - ok
16:33:57.0013 0x1c8c [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
16:33:57.0039 0x1c8c mouclass - ok
16:33:57.0068 0x1c8c [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
16:33:57.0165 0x1c8c mouhid - ok
16:33:57.0244 0x1c8c [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
16:33:57.0264 0x1c8c mountmgr - ok
16:33:57.0361 0x1c8c [ E464A0A92E2E354D07DDA713D3E10DE4, D5CF213F03DF54EF9933027A7A7D4413371C1ECBFF61E4DE818D50FA72C8C5FC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:33:57.0394 0x1c8c MozillaMaintenance - ok
16:33:57.0431 0x1c8c [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
16:33:57.0626 0x1c8c mpsdrv - ok
16:33:57.0682 0x1c8c [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
16:33:57.0771 0x1c8c MpsSvc - ok
16:33:57.0832 0x1c8c [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
16:33:58.0138 0x1c8c MRxDAV - ok
16:33:58.0176 0x1c8c [ C3B0566DE49265AE98405825938C20A1, F8BCA4A5AF21B841C998D4772DA9FF84E45F1356AA1285A1D48C06574A81CA4C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:33:58.0292 0x1c8c mrxsmb - ok
16:33:58.0443 0x1c8c [ 15D7AF1A26CCEBA32DF21A8E2098F463, 84390806AD3A9651DAB803E9257EEE851B898ED2AB56D8936E8C9F6B41967243 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
16:33:58.0969 0x1c8c mrxsmb10 - ok
16:33:58.0997 0x1c8c [ 0790EEB1EC199F8BE8259E47B373ED23, F9330F43B40675CCB60804182EF04BFBA3837ED14C798788A4B27D65A646D1C7 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
16:33:59.0157 0x1c8c mrxsmb20 - ok
16:33:59.0192 0x1c8c [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
16:33:59.0273 0x1c8c MsBridge - ok
16:33:59.0320 0x1c8c [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe
16:33:59.0362 0x1c8c MSDTC - ok
16:33:59.0420 0x1c8c [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
16:33:59.0490 0x1c8c Msfs - ok
16:33:59.0505 0x1c8c [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
16:33:59.0525 0x1c8c msgpiowin32 - ok
16:33:59.0552 0x1c8c [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
16:33:59.0605 0x1c8c mshidkmdf - ok
16:33:59.0635 0x1c8c [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
16:33:59.0690 0x1c8c mshidumdf - ok
16:33:59.0717 0x1c8c [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
16:33:59.0731 0x1c8c msisadrv - ok
16:33:59.0773 0x1c8c [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
16:33:59.0936 0x1c8c MSiSCSI - ok
16:33:59.0943 0x1c8c msiserver - ok
16:34:00.0009 0x1c8c [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:34:00.0103 0x1c8c MSKSSRV - ok
16:34:00.0137 0x1c8c [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
16:34:00.0229 0x1c8c MsLldp - ok
16:34:00.0246 0x1c8c [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:34:00.0282 0x1c8c MSPCLOCK - ok
16:34:00.0305 0x1c8c [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
16:34:00.0369 0x1c8c MSPQM - ok
16:34:00.0419 0x1c8c [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
16:34:00.0462 0x1c8c MsRPC - ok
16:34:00.0477 0x1c8c [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
16:34:00.0507 0x1c8c mssmbios - ok
16:34:00.0529 0x1c8c [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
16:34:00.0602 0x1c8c MSTEE - ok
16:34:00.0624 0x1c8c [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
16:34:00.0684 0x1c8c MTConfig - ok
16:34:00.0736 0x1c8c [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup C:\WINDOWS\system32\Drivers\mup.sys
16:34:00.0762 0x1c8c Mup - ok
16:34:00.0786 0x1c8c [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
16:34:00.0801 0x1c8c mvumis - ok
16:34:00.0847 0x1c8c [ 1EE90E273094252917843D111E898C94, D0D7D155E3CA022BC1F718327165E44F954A40B96259DEE5266C48ADCC8B4556 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:34:00.0866 0x1c8c MyWiFiDHCPDNS - ok
16:34:00.0911 0x1c8c [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll
16:34:00.0965 0x1c8c napagent - ok
16:34:01.0020 0x1c8c [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
16:34:01.0138 0x1c8c NativeWifiP - ok
16:34:01.0330 0x1c8c [ 003DDE9E91D324DDD86F11BF580FD627, 733674D5A6246BA2B4DE420AD89FE171ACCEA9EB5FC20F13F688A3910C1AA74C ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
16:34:01.0379 0x1c8c NAUpdate - ok
16:34:01.0471 0x1c8c [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
16:34:01.0533 0x1c8c NcaSvc - ok
16:34:01.0553 0x1c8c [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll
16:34:01.0649 0x1c8c NcbService - ok
16:34:01.0681 0x1c8c [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
16:34:01.0811 0x1c8c NcdAutoSetup - ok
16:34:01.0912 0x1c8c [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
16:34:01.0983 0x1c8c NDIS - ok
16:34:02.0071 0x1c8c [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
16:34:02.0126 0x1c8c NdisCap - ok
16:34:02.0176 0x1c8c [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
16:34:02.0251 0x1c8c NdisImPlatform - ok
16:34:02.0285 0x1c8c [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:34:02.0371 0x1c8c NdisTapi - ok
16:34:02.0398 0x1c8c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:34:02.0532 0x1c8c Ndisuio - ok
16:34:02.0557 0x1c8c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
16:34:02.0640 0x1c8c NdisVirtualBus - ok
16:34:02.0691 0x1c8c [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:34:02.0876 0x1c8c NdisWan - ok
16:34:02.0885 0x1c8c [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:34:02.0950 0x1c8c NdisWanLegacy - ok
16:34:02.0999 0x1c8c [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
16:34:03.0078 0x1c8c NDProxy - ok
16:34:03.0119 0x1c8c [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
16:34:03.0246 0x1c8c Ndu - ok
16:34:03.0278 0x1c8c [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
16:34:03.0313 0x1c8c NetBIOS - ok
16:34:03.0411 0x1c8c [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
16:34:03.0584 0x1c8c NetBT - ok
16:34:03.0616 0x1c8c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe
16:34:03.0631 0x1c8c Netlogon - ok
16:34:03.0684 0x1c8c [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll
16:34:03.0723 0x1c8c Netman - ok
16:34:03.0852 0x1c8c [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
16:34:03.0926 0x1c8c netprofm - ok
16:34:04.0000 0x1c8c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:34:04.0058 0x1c8c NetTcpPortSharing - ok
16:34:04.0099 0x1c8c [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys
16:34:04.0472 0x1c8c netvsc - ok
16:34:04.0815 0x1c8c [ 619EE1E89B759F4C3B3B684D1FF24A6D, 3654F7F3AB3FF55C6EE3F5CC17CDC660B9C2A2EDEC4CA118BC8660D38E14C191 ] NETwNb64 C:\WINDOWS\system32\DRIVERS\Netwbw02.sys
16:34:04.0985 0x1c8c NETwNb64 - ok
16:34:05.0285 0x1c8c [ B636B4A8E59A73033B766EA7FD7C3B81, CAC8614DEE83623DE56C969C668A33366793779084B6A23F59ADC98392115F8C ] NETwNe64 C:\WINDOWS\system32\DRIVERS\NETwew02.sys
16:34:05.0665 0x1c8c NETwNe64 - ok
16:34:05.0780 0x1c8c [ 02E736F9861F1A6134736CF7473C513F, 7C574A50980885B213EFC0C394AFE613879B669246A4EA5EA6B5F791F7F6F32E ] NitroDriverReadSpool9 C:\Program Files\Common Files\Nitro\Pro\9.0\NitroPDFDriverService9x64.exe
16:34:05.0796 0x1c8c NitroDriverReadSpool9 - ok
16:34:05.0852 0x1c8c [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
16:34:05.0971 0x1c8c NlaSvc - ok
16:34:06.0122 0x1c8c [ CD2C0C25ECFCF816306126D3C208614B, C0C8B59BDDB349A593DFF5107841EB76618631C867D7C8F234C9ECBD76713CB0 ] nlsX86cc C:\WINDOWS\SysWOW64\NLSSRV32.EXE
16:34:06.0540 0x1c8c nlsX86cc - ok
16:34:06.0582 0x1c8c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
16:34:06.0649 0x1c8c Npfs - ok
16:34:06.0674 0x1c8c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
16:34:06.0844 0x1c8c npsvctrig - ok
16:34:06.0864 0x1c8c [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll
16:34:06.0991 0x1c8c nsi - ok
16:34:07.0025 0x1c8c [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
16:34:07.0084 0x1c8c nsiproxy - ok
16:34:07.0220 0x1c8c [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
16:34:07.0341 0x1c8c Ntfs - ok
16:34:07.0363 0x1c8c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
16:34:07.0415 0x1c8c Null - ok
16:34:07.0445 0x1c8c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
16:34:07.0471 0x1c8c nvraid - ok
16:34:07.0535 0x1c8c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
16:34:07.0559 0x1c8c nvstor - ok
16:34:07.0579 0x1c8c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
16:34:07.0619 0x1c8c nv_agp - ok
16:34:07.0747 0x1c8c [ AC0F1B7B71D9D435EC33456F7EDF6FF1, 8FEFF5F99F1AFF21CF9415D4BF26936EF3A7347DA06F30ADD1DD1B14916F2585 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:34:07.0771 0x1c8c ose - ok
16:34:07.0805 0x1c8c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
16:34:07.0894 0x1c8c p2pimsvc - ok
16:34:07.0926 0x1c8c [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll
16:34:08.0022 0x1c8c p2psvc - ok
16:34:08.0066 0x1c8c [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport C:\WINDOWS\System32\drivers\parport.sys
16:34:08.0443 0x1c8c Parport - ok
16:34:08.0480 0x1c8c [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
16:34:08.0511 0x1c8c partmgr - ok
16:34:08.0594 0x1c8c [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
16:34:08.0657 0x1c8c PcaSvc - ok
16:34:08.0701 0x1c8c [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
16:34:08.0733 0x1c8c pci - ok
16:34:08.0762 0x1c8c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
16:34:08.0776 0x1c8c pciide - ok
16:34:08.0801 0x1c8c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
16:34:08.0821 0x1c8c pcmcia - ok
16:34:08.0843 0x1c8c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
16:34:08.0884 0x1c8c pcw - ok
16:34:08.0927 0x1c8c [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
16:34:08.0952 0x1c8c pdc - ok
16:34:09.0000 0x1c8c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
16:34:09.0128 0x1c8c PEAUTH - ok
16:34:09.0162 0x1c8c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
16:34:09.0360 0x1c8c PerfHost - ok
16:34:09.0503 0x1c8c [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll
16:34:09.0623 0x1c8c pla - ok
16:34:09.0672 0x1c8c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
16:34:09.0691 0x1c8c PlugPlay - ok
16:34:09.0726 0x1c8c [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
16:34:09.0749 0x1c8c PNRPAutoReg - ok
16:34:09.0780 0x1c8c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
16:34:09.0806 0x1c8c PNRPsvc - ok
16:34:09.0887 0x1c8c [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
16:34:09.0977 0x1c8c PolicyAgent - ok
16:34:10.0037 0x1c8c [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll
16:34:10.0158 0x1c8c Power - ok
16:34:10.0196 0x1c8c [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:34:10.0238 0x1c8c PptpMiniport - ok
16:34:10.0414 0x1c8c [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:34:10.0723 0x1c8c PrintNotify - ok
16:34:10.0785 0x1c8c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
16:34:10.0850 0x1c8c Processor - ok
16:34:10.0898 0x1c8c [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\WINDOWS\system32\profsvc.dll
16:34:11.0000 0x1c8c ProfSvc - ok
16:34:11.0023 0x1c8c [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
16:34:11.0083 0x1c8c Psched - ok
16:34:11.0210 0x1c8c [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll
16:34:11.0314 0x1c8c QWAVE - ok
16:34:11.0343 0x1c8c [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
16:34:11.0392 0x1c8c QWAVEdrv - ok
16:34:11.0436 0x1c8c [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:34:11.0502 0x1c8c RasAcd - ok
16:34:11.0545 0x1c8c [ D5ECE7E7F349EB3C4B152AFF3577280D, 3A5D3E440D1ED72D654BBFE30A73667F055C0AD04375C22C202F21BF75B612B2 ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
16:34:11.0751 0x1c8c RasAgileVpn - ok
16:34:11.0786 0x1c8c [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:34:11.0832 0x1c8c RasAuto - ok
16:34:11.0890 0x1c8c [ 235624C147E3CB4C288D5D3D8E8D64A2, B3F182019DBAD9C761FE9F62EAED34AD5902B41A13A766D814FC3E2EA29D8D92 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:34:12.0019 0x1c8c Rasl2tp - ok
16:34:12.0084 0x1c8c [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:34:12.0154 0x1c8c RasMan - ok
16:34:12.0192 0x1c8c [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:34:12.0248 0x1c8c RasPppoe - ok
16:34:12.0294 0x1c8c [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys
16:34:12.0357 0x1c8c RasSstp - ok
16:34:12.0426 0x1c8c [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:34:12.0602 0x1c8c rdbss - ok
16:34:12.0622 0x1c8c [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
16:34:12.0739 0x1c8c rdpbus - ok
16:34:12.0774 0x1c8c [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
16:34:12.0904 0x1c8c RDPDR - ok
16:34:12.0961 0x1c8c [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
16:34:12.0984 0x1c8c RdpVideoMiniport - ok
16:34:13.0017 0x1c8c [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
16:34:13.0052 0x1c8c rdyboost - ok
16:34:13.0130 0x1c8c [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
16:34:13.0185 0x1c8c ReFS - ok
16:34:13.0340 0x1c8c [ 37F021CF7D670D305C1687781173069E, 286D6D04B0A9C4399086BE8DDA5126CDE462EE3B9F5B40A65CD9CD2B7C160886 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:34:13.0357 0x1c8c RegSrvc - ok
16:34:13.0410 0x1c8c [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:34:13.0452 0x1c8c RemoteAccess - ok
16:34:13.0501 0x1c8c [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:34:13.0584 0x1c8c RemoteRegistry - ok
16:34:13.0664 0x1c8c [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
16:34:13.0726 0x1c8c RFCOMM - ok
16:34:13.0857 0x1c8c [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
16:34:13.0881 0x1c8c RichVideo64 - ok
16:34:13.0931 0x1c8c [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
16:34:13.0979 0x1c8c RpcEptMapper - ok
16:34:14.0025 0x1c8c [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe
16:34:14.0111 0x1c8c RpcLocator - ok
16:34:14.0186 0x1c8c [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs C:\WINDOWS\system32\rpcss.dll
16:34:14.0253 0x1c8c RpcSs - ok
16:34:14.0312 0x1c8c [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
16:34:14.0367 0x1c8c rspndr - ok
16:34:14.0443 0x1c8c [ BCDE27DA663D2F1BE1EA262F2BFDA8D0, 07744F83C41503D8C948E8D8569628C7C9D283EBA3C20CB63BC81123812A0A25 ] RSUSBVSTOR C:\WINDOWS\System32\Drivers\RtsUVStor.sys
16:34:14.0473 0x1c8c RSUSBVSTOR - ok
16:34:14.0519 0x1c8c [ D5C3918E3EF787A41172B8E5348247F0, 033E5E6037CDFE65D26AD834ACD2B652EEED66BA48753F7B319C9FD41CE4F180 ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
16:34:14.0562 0x1c8c RTL8168 - ok
16:34:15.0044 0x1c8c [ 6EA6AC66600E01E55FFB69AE53EE1553, 81ADE4CA618C5229DC241F10711578633093E1E43739AA6726923D9E6D27A0BE ] rtsuvc C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
16:34:15.0521 0x1c8c rtsuvc - ok
16:34:15.0581 0x1c8c [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
16:34:15.0630 0x1c8c s3cap - ok
16:34:15.0677 0x1c8c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe
16:34:15.0692 0x1c8c SamSs - ok
16:34:15.0698 0x1c8c SAService - ok
16:34:15.0717 0x1c8c [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
16:34:15.0738 0x1c8c sbp2port - ok
16:34:15.0762 0x1c8c [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
16:34:15.0803 0x1c8c SCardSvr - ok
16:34:15.0840 0x1c8c [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
16:34:15.0869 0x1c8c ScDeviceEnum - ok
16:34:15.0898 0x1c8c [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
16:34:15.0947 0x1c8c scfilter - ok
16:34:16.0053 0x1c8c [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:34:16.0206 0x1c8c Schedule - ok
16:34:16.0241 0x1c8c [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
16:34:16.0262 0x1c8c SCPolicySvc - ok
16:34:16.0351 0x1c8c [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
16:34:16.0379 0x1c8c sdbus - ok
16:34:16.0411 0x1c8c [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
16:34:16.0447 0x1c8c sdstor - ok
16:34:16.0483 0x1c8c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
16:34:16.0631 0x1c8c secdrv - ok
16:34:16.0690 0x1c8c [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon C:\WINDOWS\system32\seclogon.dll
16:34:16.0792 0x1c8c seclogon - ok
16:34:16.0821 0x1c8c [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll
16:34:16.0883 0x1c8c SENS - ok
16:34:16.0932 0x1c8c [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
16:34:17.0050 0x1c8c SensrSvc - ok
16:34:17.0111 0x1c8c [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
16:34:17.0140 0x1c8c SerCx - ok
16:34:17.0200 0x1c8c [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
16:34:17.0220 0x1c8c SerCx2 - ok
16:34:17.0282 0x1c8c [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
16:34:17.0316 0x1c8c Serenum - ok
16:34:17.0370 0x1c8c [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial C:\WINDOWS\System32\drivers\serial.sys
16:34:17.0422 0x1c8c Serial - ok
16:34:17.0478 0x1c8c [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
16:34:17.0551 0x1c8c sermouse - ok
16:34:17.0598 0x1c8c [ 389458EA0B5FAEBA325FAC47B9ED589E, F7F37A1F1E912069F65E4629FF733F080AE675DF6FE255AF48F5E23EB47D0622 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
16:34:17.0759 0x1c8c SessionEnv - ok
16:34:17.0778 0x1c8c [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
16:34:17.0866 0x1c8c sfloppy - ok
16:34:17.0939 0x1c8c [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:34:18.0005 0x1c8c SharedAccess - ok
16:34:18.0064 0x1c8c [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:34:18.0160 0x1c8c ShellHWDetection - ok
16:34:18.0240 0x1c8c [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
16:34:18.0258 0x1c8c SiSRaid2 - ok
16:34:18.0277 0x1c8c [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
16:34:18.0292 0x1c8c SiSRaid4 - ok
16:34:18.0424 0x1c8c [ F3AAB7DF6408431C762D8721B68F46E4, 56ED764AA660955B8B06322703D086B3A52106625A83CCAF195B08BCBDEDA88F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:34:18.0454 0x1c8c SkypeUpdate - ok
16:34:18.0496 0x1c8c [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll
16:34:18.0806 0x1c8c smphost - ok
16:34:18.0857 0x1c8c [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
16:34:18.0893 0x1c8c SNMPTRAP - ok
16:34:18.0951 0x1c8c [ 546B88E6906EE9813EFE314DC95E3488, FC172C2DCC7ACDBBC9CE07CFCBAEDFAEAD2641A037E126174525DBE8BA660CC4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
16:34:18.0992 0x1c8c spaceport - ok
16:34:19.0045 0x1c8c [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
16:34:19.0073 0x1c8c SpbCx - ok
16:34:19.0154 0x1c8c [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\WINDOWS\System32\spoolsv.exe
16:34:19.0266 0x1c8c Spooler - ok
16:34:19.0684 0x1c8c [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
16:34:20.0161 0x1c8c sppsvc - ok
16:34:20.0258 0x1c8c [ 36B082C7A764A34FB1DC72D975870B61, 572CB632D9FDC1183F7BF8BFCBC51765C647945E0C13D1C91ADE3D0E76DF83BC ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:34:20.0426 0x1c8c srv - ok
16:34:20.0562 0x1c8c [ F5849909D4B29B4E3D4445F943E5C7E3, 3FCA1423753716FE1AFDD27EE1E13C4D779A3C976185B5C998EF1A9A39BFC186 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
16:34:20.0660 0x1c8c srv2 - ok
16:34:20.0764 0x1c8c [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
16:34:20.0877 0x1c8c srvnet - ok
16:34:21.0016 0x1c8c [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:34:21.0085 0x1c8c SSDPSRV - ok
16:34:21.0302 0x1c8c [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
16:34:21.0430 0x1c8c SstpSvc - ok
16:34:21.0590 0x1c8c [ 36C3697CA09B23C77BDF95A6B0B57310, DAEF9CFBDE444A80FB41DA0BC5C3C4E1E4B535497A5EDA43EC8768A6EC42E4EA ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
16:34:21.0645 0x1c8c ssudmdm - ok
16:34:21.0746 0x1c8c [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
16:34:21.0764 0x1c8c stexstor - ok
16:34:21.0823 0x1c8c [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll
16:34:21.0964 0x1c8c stisvc - ok
16:34:21.0986 0x1c8c [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
16:34:22.0003 0x1c8c storahci - ok
16:34:22.0070 0x1c8c [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
16:34:22.0084 0x1c8c storflt - ok
16:34:22.0142 0x1c8c [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
16:34:22.0166 0x1c8c stornvme - ok
16:34:22.0191 0x1c8c [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll
16:34:22.0286 0x1c8c StorSvc - ok
16:34:22.0318 0x1c8c [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
16:34:22.0333 0x1c8c storvsc - ok
16:34:22.0364 0x1c8c [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll
16:34:22.0426 0x1c8c svsvc - ok
16:34:22.0452 0x1c8c [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys
16:34:22.0466 0x1c8c swenum - ok
16:34:22.0546 0x1c8c [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll
16:34:22.0616 0x1c8c swprv - ok
16:34:22.0723 0x1c8c [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\WINDOWS\system32\sysmain.dll
16:34:22.0874 0x1c8c SysMain - ok
16:34:22.0920 0x1c8c [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
16:34:23.0012 0x1c8c SystemEventsBroker - ok
16:34:23.0036 0x1c8c [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
16:34:23.0133 0x1c8c TabletInputService - ok
16:34:23.0158 0x1c8c [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:34:23.0255 0x1c8c TapiSrv - ok
16:34:23.0439 0x1c8c [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
16:34:23.0599 0x1c8c Tcpip - ok
16:34:23.0691 0x1c8c [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:34:23.0825 0x1c8c TCPIP6 - ok
16:34:23.0864 0x1c8c [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
16:34:24.0030 0x1c8c tcpipreg - ok
16:34:24.0100 0x1c8c [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
16:34:24.0161 0x1c8c tdx - ok
16:34:24.0595 0x1c8c [ D778B8E00A5ABF6C27DDB74F382ACBE9, E874053B0DC603465F08559961E57D9D65AAFA0C8E525B606F91299BC1BE309B ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
16:34:24.0991 0x1c8c TeamViewer - ok
16:34:25.0039 0x1c8c [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
16:34:25.0054 0x1c8c terminpt - ok
16:34:25.0129 0x1c8c [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll
16:34:25.0325 0x1c8c TermService - ok
16:34:25.0371 0x1c8c [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll
16:34:25.0413 0x1c8c Themes - ok
16:34:25.0473 0x1c8c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll
16:34:25.0510 0x1c8c THREADORDER - ok
16:34:25.0557 0x1c8c [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
16:34:25.0624 0x1c8c TimeBroker - ok
16:34:25.0699 0x1c8c [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\WINDOWS\system32\drivers\tpm.sys
16:34:25.0725 0x1c8c TPM - ok
16:34:25.0773 0x1c8c [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll
16:34:25.0814 0x1c8c TrkWks - ok
16:34:25.0967 0x1c8c [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
16:34:26.0134 0x1c8c TrustedInstaller - ok
16:34:26.0157 0x1c8c [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
16:34:26.0310 0x1c8c TsUsbFlt - ok
16:34:26.0341 0x1c8c [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
16:34:26.0426 0x1c8c TsUsbGD - ok
16:34:26.0503 0x1c8c [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
16:34:26.0665 0x1c8c tunnel - ok
16:34:26.0705 0x1c8c [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
16:34:26.0743 0x1c8c uagp35 - ok
16:34:26.0776 0x1c8c [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
16:34:26.0793 0x1c8c UASPStor - ok
16:34:26.0825 0x1c8c [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
16:34:26.0849 0x1c8c UCX01000 - ok
16:34:26.0963 0x1c8c [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
16:34:27.0096 0x1c8c udfs - ok
16:34:27.0111 0x1c8c [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
16:34:27.0127 0x1c8c UEFI - ok
16:34:27.0164 0x1c8c [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
16:34:27.0227 0x1c8c UI0Detect - ok
16:34:27.0278 0x1c8c [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
16:34:27.0292 0x1c8c uliagpkx - ok
16:34:27.0312 0x1c8c [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
16:34:27.0378 0x1c8c umbus - ok
16:34:27.0405 0x1c8c [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
16:34:27.0452 0x1c8c UmPass - ok
16:34:27.0519 0x1c8c [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
16:34:27.0656 0x1c8c UmRdpService - ok
16:34:27.0699 0x1c8c [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:34:27.0781 0x1c8c upnphost - ok
16:34:27.0853 0x1c8c [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
16:34:27.0955 0x1c8c usbaudio - ok
16:34:27.0985 0x1c8c [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
16:34:28.0012 0x1c8c usbccgp - ok
16:34:28.0055 0x1c8c [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
16:34:28.0137 0x1c8c usbcir - ok
16:34:28.0178 0x1c8c [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
16:34:28.0211 0x1c8c usbehci - ok
16:34:28.0303 0x1c8c [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
16:34:28.0346 0x1c8c usbhub - ok
16:34:28.0386 0x1c8c [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
16:34:28.0426 0x1c8c USBHUB3 - ok
16:34:28.0497 0x1c8c [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
16:34:28.0761 0x1c8c usbohci - ok
16:34:28.0790 0x1c8c [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
16:34:28.0882 0x1c8c usbprint - ok
16:34:28.0926 0x1c8c [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:34:29.0039 0x1c8c usbscan - ok
16:34:29.0094 0x1c8c [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
16:34:29.0139 0x1c8c USBSTOR - ok
16:34:29.0173 0x1c8c [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
16:34:29.0223 0x1c8c usbuhci - ok
16:34:29.0262 0x1c8c [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
16:34:29.0349 0x1c8c usbvideo - ok
16:34:29.0442 0x1c8c [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
16:34:29.0474 0x1c8c USBXHCI - ok
16:34:29.0489 0x1c8c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe
16:34:29.0505 0x1c8c VaultSvc - ok
16:34:29.0542 0x1c8c [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
16:34:29.0570 0x1c8c vdrvroot - ok
16:34:29.0655 0x1c8c [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe
16:34:29.0737 0x1c8c vds - ok
16:34:29.0853 0x1c8c [ E28127C422E5E0C91A0EC040C9838A0B, 1D881AE97138829E40847796972FE32F267DCD21B0BC83899AF9D6144FA0709B ] VeriFaceSrv C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
16:34:29.0870 0x1c8c VeriFaceSrv - ok
16:34:29.0893 0x1c8c [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
16:34:29.0930 0x1c8c VerifierExt - ok
16:34:29.0975 0x1c8c [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
16:34:30.0021 0x1c8c vhdmp - ok
16:34:30.0066 0x1c8c [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
16:34:30.0095 0x1c8c viaide - ok
16:34:30.0117 0x1c8c [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
16:34:30.0134 0x1c8c vmbus - ok
16:34:30.0166 0x1c8c [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
16:34:30.0231 0x1c8c VMBusHID - ok
16:34:30.0299 0x1c8c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
16:34:30.0406 0x1c8c vmicguestinterface - ok
16:34:30.0429 0x1c8c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
16:34:30.0483 0x1c8c vmicheartbeat - ok
16:34:30.0505 0x1c8c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
16:34:30.0542 0x1c8c vmickvpexchange - ok
16:34:30.0564 0x1c8c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
16:34:30.0612 0x1c8c vmicrdv - ok
16:34:30.0640 0x1c8c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
16:34:30.0678 0x1c8c vmicshutdown - ok
16:34:30.0699 0x1c8c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
16:34:30.0732 0x1c8c vmictimesync - ok
16:34:30.0761 0x1c8c [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
16:34:30.0829 0x1c8c vmicvss - ok
16:34:30.0901 0x1c8c [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
16:34:30.0918 0x1c8c volmgr - ok
16:34:30.0956 0x1c8c [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
16:34:30.0984 0x1c8c volmgrx - ok
16:34:31.0111 0x1c8c [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
16:34:31.0145 0x1c8c volsnap - ok
16:34:31.0172 0x1c8c [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
16:34:31.0190 0x1c8c vpci - ok
16:34:31.0223 0x1c8c [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
16:34:31.0244 0x1c8c vsmraid - ok
16:34:31.0376 0x1c8c [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS C:\WINDOWS\system32\vssvc.exe
16:34:31.0533 0x1c8c VSS - ok
16:34:31.0562 0x1c8c [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
16:34:31.0601 0x1c8c VSTXRAID - ok
16:34:31.0649 0x1c8c [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
16:34:31.0949 0x1c8c vwifibus - ok
16:34:31.0974 0x1c8c [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
16:34:32.0094 0x1c8c vwififlt - ok
16:34:32.0117 0x1c8c [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
16:34:32.0149 0x1c8c vwifimp - ok
16:34:32.0213 0x1c8c [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll
16:34:32.0305 0x1c8c W32Time - ok
16:34:32.0343 0x1c8c [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
16:34:32.0404 0x1c8c WacomPen - ok
16:34:32.0447 0x1c8c [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:34:32.0500 0x1c8c Wanarp - ok
16:34:32.0506 0x1c8c [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:34:32.0525 0x1c8c Wanarpv6 - ok
16:34:32.0630 0x1c8c [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine C:\WINDOWS\system32\wbengine.exe
16:34:32.0915 0x1c8c wbengine - ok
16:34:32.0960 0x1c8c [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
16:34:33.0061 0x1c8c WbioSrvc - ok
16:34:33.0099 0x1c8c [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
16:34:33.0130 0x1c8c Wcmsvc - ok
16:34:33.0177 0x1c8c [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
16:34:33.0210 0x1c8c wcncsvc - ok
16:34:33.0257 0x1c8c [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
16:34:33.0321 0x1c8c WcsPlugInService - ok
16:34:33.0362 0x1c8c [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
16:34:33.0381 0x1c8c WdBoot - ok
16:34:33.0420 0x1c8c [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
16:34:33.0466 0x1c8c Wdf01000 - ok
16:34:33.0541 0x1c8c [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
16:34:33.0566 0x1c8c WdFilter - ok
16:34:33.0602 0x1c8c [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
16:34:33.0631 0x1c8c WdiServiceHost - ok
16:34:33.0641 0x1c8c [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
16:34:33.0661 0x1c8c WdiSystemHost - ok
16:34:33.0678 0x1c8c [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
16:34:33.0695 0x1c8c WdNisDrv - ok
16:34:33.0724 0x1c8c WdNisSvc - ok
16:34:33.0805 0x1c8c [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient C:\WINDOWS\System32\webclnt.dll
16:34:33.0944 0x1c8c WebClient - ok
16:34:33.0981 0x1c8c [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
16:34:34.0031 0x1c8c Wecsvc - ok
16:34:34.0070 0x1c8c [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
16:34:34.0137 0x1c8c WEPHOSTSVC - ok
16:34:34.0162 0x1c8c [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
16:34:34.0262 0x1c8c wercplsupport - ok
16:34:34.0335 0x1c8c [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll
16:34:34.0375 0x1c8c WerSvc - ok
16:34:34.0479 0x1c8c [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
16:34:34.0499 0x1c8c WFPLWFS - ok
16:34:34.0533 0x1c8c [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
16:34:34.0584 0x1c8c WiaRpc - ok
16:34:34.0625 0x1c8c [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
16:34:34.0650 0x1c8c WIMMount - ok
16:34:34.0655 0x1c8c WinDefend - ok
16:34:34.0766 0x1c8c [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
16:34:34.0931 0x1c8c WinHttpAutoProxySvc - ok
16:34:35.0003 0x1c8c [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:34:35.0143 0x1c8c Winmgmt - ok
16:34:35.0425 0x1c8c [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM C:\WINDOWS\system32\WsmSvc.dll
16:34:35.0630 0x1c8c WinRM - ok
16:34:35.0673 0x1c8c [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\WINDOWS\System32\drivers\WinUsb.sys
16:34:35.0893 0x1c8c WinUsb - ok
16:34:36.0006 0x1c8c [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
16:34:36.0139 0x1c8c WlanSvc - ok
16:34:36.0281 0x1c8c [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
16:34:36.0401 0x1c8c wlidsvc - ok
16:34:36.0446 0x1c8c [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
16:34:36.0500 0x1c8c WmiAcpi - ok
16:34:36.0540 0x1c8c [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
16:34:36.0585 0x1c8c wmiApSrv - ok
16:34:36.0614 0x1c8c WMPNetworkSvc - ok
16:34:36.0634 0x1c8c [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
16:34:36.0671 0x1c8c Wof - ok
16:34:36.0878 0x1c8c [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
16:34:37.0047 0x1c8c workfolderssvc - ok
16:34:37.0126 0x1c8c [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
16:34:37.0146 0x1c8c wpcfltr - ok
16:34:37.0191 0x1c8c [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
16:34:37.0266 0x1c8c WPCSvc - ok
16:34:37.0297 0x1c8c [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
16:34:37.0405 0x1c8c WPDBusEnum - ok
16:34:37.0445 0x1c8c [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
16:34:37.0460 0x1c8c WpdUpFltr - ok
16:34:37.0481 0x1c8c [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
16:34:37.0539 0x1c8c ws2ifsl - ok
16:34:37.0593 0x1c8c [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc C:\WINDOWS\System32\wscsvc.dll
16:34:37.0713 0x1c8c wscsvc - ok
16:34:37.0720 0x1c8c WSearch - ok
16:34:37.0931 0x1c8c [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll
16:34:38.0118 0x1c8c WSService - ok
16:34:38.0199 0x1c8c [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
16:34:38.0237 0x1c8c wsvd - ok
16:34:38.0504 0x1c8c [ F3F60C88A6BBC8D0C68FE5B1C91181AF, AF9A4D282CD4BB1127BC3F48AB89DC294408D96F7906553C636F37D1503CFA48 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
16:34:38.0752 0x1c8c wuauserv - ok
16:34:38.0791 0x1c8c [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
16:34:38.0906 0x1c8c WudfPf - ok
16:34:38.0935 0x1c8c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
16:34:39.0002 0x1c8c WUDFRd - ok
16:34:39.0016 0x1c8c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:34:39.0042 0x1c8c WUDFSensorLP - ok
16:34:39.0100 0x1c8c [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
16:34:39.0120 0x1c8c wudfsvc - ok
16:34:39.0133 0x1c8c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys
16:34:39.0154 0x1c8c WUDFWpdFs - ok
16:34:39.0165 0x1c8c [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\System32\drivers\WUDFRd.sys
16:34:39.0186 0x1c8c WUDFWpdMtp - ok
16:34:39.0312 0x1c8c [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
16:34:39.0350 0x1c8c WwanSvc - ok
16:34:39.0682 0x1c8c [ 8D809F4ECFE9E80723C49B427854068A, 4186B6C56BA70106A95D28371360C780F55FECA1A1C61966F091A07A390BA189 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
16:34:39.0882 0x1c8c ZeroConfigService - ok
16:34:39.0920 0x1c8c ================ Scan global ===============================
16:34:39.0998 0x1c8c [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll
16:34:40.0085 0x1c8c [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
16:34:40.0125 0x1c8c [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
16:34:40.0194 0x1c8c [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
16:34:40.0238 0x1c8c [ Global ] - ok
16:34:40.0240 0x1c8c ================ Scan MBR ==================================
16:34:40.0260 0x1c8c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
16:34:40.0404 0x1c8c \Device\Harddisk0\DR0 - ok
16:34:40.0412 0x1c8c ================ Scan VBR ==================================
16:34:40.0452 0x1c8c [ C307F981B085B939E9144D2BA8D35BFB ] \Device\Harddisk0\DR0\Partition1
16:34:40.0477 0x1c8c \Device\Harddisk0\DR0\Partition1 - ok
16:34:40.0494 0x1c8c [ DBD7E31BB7C36769AF538F5940AB8FE5 ] \Device\Harddisk0\DR0\Partition2
16:34:40.0496 0x1c8c \Device\Harddisk0\DR0\Partition2 - ok
16:34:40.0517 0x1c8c [ 27CF5568853A0D8392A39E65E6EA7437 ] \Device\Harddisk0\DR0\Partition3
16:34:40.0541 0x1c8c \Device\Harddisk0\DR0\Partition3 - ok
16:34:40.0556 0x1c8c [ 84833E3E69F2AA95FF524F3C579ABBA8 ] \Device\Harddisk0\DR0\Partition4
16:34:40.0556 0x1c8c \Device\Harddisk0\DR0\Partition4 - ok
16:34:40.0573 0x1c8c [ ABD4AE5CC8E81AB7F1813CBBA8F6C8A5 ] \Device\Harddisk0\DR0\Partition5
16:34:40.0575 0x1c8c \Device\Harddisk0\DR0\Partition5 - ok
16:34:40.0612 0x1c8c [ E6B4D91E07A89FD54CAE04B996A8087E ] \Device\Harddisk0\DR0\Partition6
16:34:40.0614 0x1c8c \Device\Harddisk0\DR0\Partition6 - ok
16:34:40.0628 0x1c8c [ 5519F2C2D861C7E302FD2DCC21547517 ] \Device\Harddisk0\DR0\Partition7
16:34:40.0631 0x1c8c \Device\Harddisk0\DR0\Partition7 - ok
16:34:40.0634 0x1c8c ================ Scan generic autorun ======================
16:34:40.0700 0x1c8c [ 235F426670EC4117EADD24A6185A48B9, 609FEE1CE0BE381C81F2F943066FBFC0E8F5043FEDB25E6FBD3F0C174DA17F4F ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
16:34:40.0801 0x1c8c IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
16:34:40.0958 0x1c8c Detect skipped due to KSN trusted
16:34:40.0958 0x1c8c IAStorIcon - ok
16:34:41.0030 0x1c8c [ 42361B4BD80768E82B80285851037665, A555A6BF8016645B838FEA993AD273D1F472586F3600619DC243B1C33438FA07 ] C:\Program Files\Conexant\ForteConfig\fmapp.exe
16:34:41.0083 0x1c8c ForteConfig - ok
16:34:41.0284 0x1c8c [ 4F8B94EC4D4FFA0712CCADF8145F28D1, 6CED9332100CA71FB17930AAC4ED1798E6F3A83CEBEE0A3412EFA01F6F1A6F22 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
16:34:41.0386 0x1c8c SmartAudio - ok
16:34:41.0532 0x1c8c [ B58355B1B1C91433B4B119083C7F28B3, CE8272FB392C519D3F1921CE11AF12E0CEE3F96141DCCBF5C40110DA3F9B92BD ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
16:34:41.0600 0x1c8c cAudioFilterAgent - ok
16:34:41.0602 0x1c8c ETDCtrl - ok
16:34:41.0977 0x1c8c [ 0E2427CF7B8BFC002795159AB55564C1, F4DAEEC6CD7580621C3411ADC5EAA8BE1927924EC2FEDA05E223E6580D8FA9B7 ] C:\WINDOWS\RTFTrack.exe
16:34:42.0306 0x1c8c RtsFT - ok
16:34:44.0836 0x1c8c [ 6DB938E782F688C788441AB389B9FC78, 195875E58457FE5CD6E81AD48576186060D4B44FD415DAF881541199808C1BCE ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
16:34:46.0339 0x1c8c Energy Manager - ok
16:34:46.0636 0x1390 Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc
16:34:46.0833 0x1390 Object send P2P result: true
16:34:47.0510 0x1c8c [ E3D9352D2EE0A4343FE2A4A99FCBCB06, 886D243B569BF11118D19B27DE39DE1E42D471B3DA0C9A397E301E17519C6C42 ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
16:34:48.0202 0x1c8c Lenovo Utility - ok
16:34:48.0373 0x1c8c [ 8F83160C43C61FC6775391B46B7C16BF, 648588126B2CD0B9F50F478BF4F7474137D1285061A3B22B56C1CB5B4FD3C3BF ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
16:34:48.0397 0x1c8c UpdateP2GShortCut - ok
16:34:48.0484 0x1c8c [ 5153C06FC9D4D094D1A785545928B134, 0037C935722663F9EF028F841DE222FC6418E9D60939AB60C965807E67A458DC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
16:34:48.0523 0x1c8c SunJavaUpdateSched - ok
16:34:48.0599 0x1c8c [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
16:34:48.0832 0x1c8c Pokki - ok
16:34:49.0151 0x1c8c [ 7A60DCF0B0F2521A7F505F8A56E5AB68, 7F23D55D4BC55ACACA9E4F94DA2439539FD2AA96D1DCA6FF58C8469F7F9C622F ] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
16:34:49.0218 0x1c8c FreeAC - ok
|
|
27.01.2017, 16:37
| #18 |
| | nova.rambler.ru nicht entfernbar Und Teil 2:
__________________Code:
ATTFilter 16:34:49.0302 0x1c8c Skype - ok
16:34:52.0263 0x1c8c [ 1E53BE3B241C27D42F753EEE7E0751B7, 8237E8ECBB332AA0098024313F4452EFE66FECAC1878E07A46A6F817DC1AF453 ] C:\Program Files (x86)\ManyCam\ManyCam.exe
16:34:52.0866 0x1c8c ManyCam - ok
16:34:53.0078 0x1c8c Chromium - ok
16:34:53.0426 0x1c8c [ 0C2D8CBA28E12D170FC5343F03E6D20C, 73A66AEF5D89E69E6B19172328AC043542FD7628DD44A569B23625261A0B56FB ] C:\Users\Phil\AppData\Roaming\Spotify\SpotifyWebHelper.exe
16:34:53.0510 0x1c8c Spotify Web Helper - ok
16:34:54.0096 0x1c8c [ 309A0390822194B835DBBF1374718354, BE1021B9D5EA4C4180E752F21191BD21010298BB2545F3D725E71E913DB14808 ] C:\Users\Phil\AppData\Roaming\uTorrent\uTorrent.exe
16:34:54.0201 0x1c8c uTorrent - ok
16:34:55.0046 0x1c8c [ C654101E928F9C1EC19A3C3AA78D4482, 925C51A2B1DD082EA5F7035CDAD481F6017DD943B005042703CCE1D5F9572AF2 ] C:\Users\Phil\AppData\Roaming\Spotify\Spotify.exe
16:34:55.0544 0x1c8c Spotify - ok
16:34:55.0560 0x1c8c Waiting for KSN requests completion. In queue: 4
16:34:56.0763 0x1c8c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x61100 ( enabled : updated )
16:34:56.0775 0x1c8c Win FW state via NFP2: enabled ( trusted )
16:34:56.0856 0x1c8c ============================================================
16:34:56.0856 0x1c8c Scan finished
16:34:56.0856 0x1c8c ============================================================
16:34:56.0865 0x208c Detected object count: 1
16:34:56.0865 0x208c Actual detected object count: 1
16:35:21.0965 0x208c AdBlockerService ( UnsignedFile.Multi.Generic ) - skipped by user
16:35:21.0965 0x208c AdBlockerService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:35:27.0672 0x1dc4 Deinitialize success
|
|
29.01.2017, 12:37
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | nova.rambler.ru nicht entfernbar Log von MBAR mit aktuellen Signaturen fehlt
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.01.2017, 06:16
| #20 |
| | nova.rambler.ru nicht entfernbar Hier MBAR mit aktuellen Einstellungen: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2017.01.31.01
rootkit: v2016.11.20.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18538
Phil :: SUPERPARCHITA [administrator]
31.01.2017 04:54:32
mbar-log-2017-01-31 (04-54-32).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 358165
Time elapsed: 1 hour(s), 2 minute(s), 39 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
|
|
31.01.2017, 09:19
| #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | nova.rambler.ru nicht entfernbar Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ --> nova.rambler.ru nicht entfernbar |
|
16.02.2017, 16:56
| #22 |
| | nova.rambler.ru nicht entfernbar Hallo, cosinus. Entschuldige die späte Antwort, ich lag zwei Wochen mit Magen-Darm im Krankenhaus... Hier der Log für AdwCleaner: Code:
ATTFilter # AdwCleaner v6.043 - Bericht erstellt am 15/02/2017 um 21:08:06
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-13.1 [Lokal]
# Betriebssystem : Windows 8.1 (X64)
# Benutzername : Phil - SUPERPARCHITA
# Gestartet von : C:\Users\Phil\Downloads\AdwCleaner_6.043 (1).exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
Dienst Gefunden: rtop
Dienst Gefunden: AdBlockerService
Dienst Gefunden: ByteFenceService
***** [ Ordner ] *****
Ordner Gefunden: C:\ProgramData\8abbd5c4
Ordner Gefunden: C:\Users\Phil\AppData\Local\Pokki
Ordner Gefunden: C:\Program Files\ByteFence
Ordner Gefunden: C:\ProgramData\ByteFence
Ordner Gefunden: C:\ProgramData\Pokki
Ordner Gefunden: C:\ProgramData\Application Data\ByteFence
Ordner Gefunden: C:\ProgramData\Application Data\Pokki
Ordner Gefunden: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
Ordner Gefunden: C:\Program Files (x86)\adblocker
Ordner Gefunden: C:\Users\Public\Documents\dmp
Ordner Gefunden: C:\Users\Default User\AppData\Local\Pokki
Ordner Gefunden: C:\Users\Default\AppData\Local\Pokki
Ordner Gefunden: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
Ordner Gefunden: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
***** [ Dateien ] *****
Datei Gefunden: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
Datei Gefunden: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
Datei Gefunden: C:\END
Datei Gefunden: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Datei Gefunden: C:\ProgramData\Application Data\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Datei Gefunden: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
Datei Gefunden: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
Datei Gefunden: C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
Datei Gefunden: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\bing-lavasoft.xml
Datei Gefunden: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\Search Provided by Bing.xml
Datei Gefunden: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\yahoo! powered.xml
Datei Gefunden: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\SEARCHPLUGINS\YAHOO! POWERED.XML
***** [ DLL ] *****
Keine infizierten DLLs gefunden.
***** [ WMI ] *****
Keine schädlichen Schlüssel gefunden.
***** [ Verknüpfungen ] *****
Keine infizierten Verknüpfungen gefunden.
***** [ Aufgabenplanung ] *****
Aufgabe Gefunden: {60DAB822-9A31-4A47-B237-1C9C7C366EB7}
Aufgabe Gefunden: Yahoo! Powered locel
Aufgabe Gefunden: ByteFence
Aufgabe Gefunden: ByteFence Scan
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService
Schlüssel Gefunden: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService
Schlüssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Classes\pokki
Schlüssel Gefunden: HKCU\Software\Classes\pokki
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Schlüssel Gefunden: [x64] HKCU\Software\Classes\pokki
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Schlüssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Brothersoft
Schlüssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\ByteFence
Schlüssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Pokki
Schlüssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\PRODUCTSETUP
Schlüssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\yahooprovidedsearch
Schlüssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\csastats
Schlüssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gefunden: HKCU\Software\Brothersoft
Schlüssel Gefunden: HKCU\Software\ByteFence
Schlüssel Gefunden: HKCU\Software\Pokki
Schlüssel Gefunden: HKCU\Software\PRODUCTSETUP
Schlüssel Gefunden: HKCU\Software\yahooprovidedsearch
Schlüssel Gefunden: HKCU\Software\csastats
Schlüssel Gefunden: HKLM\SOFTWARE\ByteFence
Schlüssel Gefunden: HKLM\SOFTWARE\Lavasoft\Web Companion
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence
Schlüssel Gefunden: [x64] HKCU\Software\Brothersoft
Schlüssel Gefunden: [x64] HKCU\Software\ByteFence
Schlüssel Gefunden: [x64] HKCU\Software\Pokki
Schlüssel Gefunden: [x64] HKCU\Software\PRODUCTSETUP
Schlüssel Gefunden: [x64] HKCU\Software\yahooprovidedsearch
Schlüssel Gefunden: [x64] HKCU\Software\csastats
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\ByteFence
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
Daten Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17
Daten Gefunden: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_06¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dd
Daten Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_06¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dd
Daten Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_06¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3
Daten Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxps://de.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_06¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3
Schlüssel Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Daten Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Daten Gefunden: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Schlüssel Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}
Daten Gefunden: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Daten Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Schlüssel Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}
Daten Gefunden: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] -
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cmptch.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\coupontime.co
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.cmptch.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com
Schlüssel Gefunden: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.azlyrics.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cmptch.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\coupontime.co
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.cmptch.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com
Schlüssel Gefunden: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.azlyrics.com
Wert Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Wert Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
Wert Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Wert Gefunden: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
Wert Gefunden: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [safe_urls768]
Schlüssel Gefunden: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\Directory\shell\ByteFence Folder Scan
Schlüssel Gefunden: HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan
***** [ Internetbrowser ] *****
Firefox pref Gefunden: [C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js] - "browser.newtabpage.url" - "hxxp://www.bing.com/?pc=COSP&ptag=D050116-AB747CC590BEC44CD91F&form=CONMHP&conlogo=CT33
Firefox pref Gefunden: [C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js] - "browser.search.defaultenginename" - "Yahoo! Powered"
Firefox pref Gefunden: [C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js] - "browser.search.hiddenOneOffs" - "Search Provided by Yahoo,Yahoo,Bing,DuckDuckGo,LEO Eng-Deu"
Firefox pref Gefunden: [C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js] - "browser.search.selectedEngine" - "Yahoo! Powered"
Firefox pref Gefunden: [C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js] - "extensions.cliqz_hpn.userPKTest" - "MIIEoQIBAAKCAQB73LMteefqj4Ff5t+CTmoaYRVu7LrrQoeQQgeGkrnQouH4pOimJTlp5gI4q769Uc
Chrome pref Gefunden: [C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://www.yoursearching.com/?type=hp&ts=1456397326&z=44e91fe23cbc1884022c220g9z5wcq5cct3m7c9ocz&from=brd&uid=ST1000LM
Chrome pref Gefunden: [C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - hxxp://yoursearching.com/wefavicon.ico
*************************
C:\AdwCleaner\AdwCleaner[S0].txt - [15159 Bytes] - [15/02/2017 20:56:26]
C:\AdwCleaner\AdwCleaner[S1].txt - [14914 Bytes] - [15/02/2017 21:08:06]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [14988 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 8.1 x64
Ran by Phil (Administrator) on 16.02.2017 at 16:49:50,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 8
Successfully deleted: C:\end (File)
Successfully deleted: C:\ProgramData\8abbd5c4 (Folder)
Successfully deleted: C:\ProgramData\pokki (Folder)
Successfully deleted: C:\Users\Phil\AppData\Local\{FA2E19ED-8733-4AB2-84A0-38F695DAAF4D} (Empty Folder)
Successfully deleted: C:\Users\Phil\AppData\Local\pokki (Folder)
Successfully deleted: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\extensions\staged (Folder)
Successfully deleted: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\staged (Folder)
Successfully deleted: C:\Program Files (x86)\Common Files\17FA6306-BE4D-DD02-4098-6CB5B72BDEC6 (Folder)
Deleted the following from C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js
user_pref(extensions.ich@maltegoetz.de.config, {\proxy\:\[proxy]\,\supportedsites\:[{\domain\:\www.youtube.com\,\displayName\:\YouTube (auto)\,\functionName\
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.02.2017 at 16:53:48,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
16.02.2017, 19:54
| #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | nova.rambler.ru nicht entfernbar Anleitung bitte lesen; du hast die Funde mit dem adwCleaner nicht entfernt.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.02.2017, 21:12
| #24 |
| | nova.rambler.ru nicht entfernbar Bin anscheinend echt zu dumm zum Lesen *augenroll* AdwCleaner - nach dem Löschen: Code:
ATTFilter # AdwCleaner v6.043 - Bericht erstellt am 16/02/2017 um 20:30:33
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-02-13.1 [Lokal]
# Betriebssystem : Windows 8.1 (X64)
# Benutzername : Phil - SUPERPARCHITA
# Gestartet von : C:\Users\Phil\Downloads\AdwCleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Program Files\ByteFence
[-] Ordner gelöscht: C:\ProgramData\ByteFence
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\ByteFence
[-] Ordner gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware
[-] Ordner gelöscht: C:\Program Files (x86)\adblocker
[-] Ordner gelöscht: C:\Users\Public\Documents\dmp
[-] Ordner gelöscht: C:\Users\Default User\AppData\Local\Pokki
[#] Ordner mit Neustart gelöscht: C:\Users\Default\AppData\Local\Pokki
[-] Ordner gelöscht: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F
[-] Ordner gelöscht: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
***** [ Dateien ] *****
[-] Datei gelöscht: C:\WINDOWS\SysNative\LavasoftTcpService64.dll
[-] Datei gelöscht: C:\WINDOWS\SysNative\LavasoftTcpServiceOff.ini
[-] Datei gelöscht: C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[#] Datei gelöscht: C:\ProgramData\Application Data\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
[-] Datei gelöscht: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
[-] Datei gelöscht: C:\WINDOWS\SysWOW64\lavasofttcpservice.dll
[-] Datei gelöscht: C:\WINDOWS\SysWOW64\LavasoftTcpServiceOff.ini
[-] Datei gelöscht: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\bing-lavasoft.xml
[-] Datei gelöscht: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\Search Provided by Bing.xml
[-] Datei gelöscht: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\searchplugins\yahoo! powered.xml
[#] Datei gelöscht: C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\SEARCHPLUGINS\YAHOO! POWERED.XML
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Aufgabe gelöscht: {60DAB822-9A31-4A47-B237-1C9C7C366EB7}
[-] Aufgabe gelöscht: Yahoo! Powered locel
[-] Aufgabe gelöscht: ByteFence
[-] Aufgabe gelöscht: ByteFence Scan
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\ByteFenceService
[-] Schlüssel gelöscht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Classes\pokki
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\pokki
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\pokki
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
[#] Schlüssel mit Neustart gelöscht: [x64] HKLM\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Schlüssel gelöscht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Brothersoft
[-] Schlüssel gelöscht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\ByteFence
[-] Schlüssel gelöscht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Pokki
[-] Schlüssel gelöscht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\PRODUCTSETUP
[-] Schlüssel gelöscht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\yahooprovidedsearch
[-] Schlüssel gelöscht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\csastats
[-] Schlüssel gelöscht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Brothersoft
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\ByteFence
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Pokki
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\yahooprovidedsearch
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\csastats
[-] Schlüssel gelöscht: HKLM\SOFTWARE\ByteFence
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Lavasoft\Web Companion
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Brothersoft
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\ByteFence
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Pokki
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\PRODUCTSETUP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\yahooprovidedsearch
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\csastats
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\ByteFence
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki
[-] Daten wiederhergestellt: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Daten wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Schlüssel gelöscht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten wiederhergestellt: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}
[-] Daten wiederhergestellt: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Daten wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{45199D14-1E6D-4B2F-8313-A1FAB8D25BCD}
[-] Daten wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\coupontime.co
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.azlyrics.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\azlyrics.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.azlyrics.com
[-] Wert gelöscht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
[-] Wert gelöscht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
[#] Wert mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
[#] Wert mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Pokki]
[-] Wert gelöscht: HKU\S-1-5-21-18176717-516900863-2037645015-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [safe_urls768]
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Directory\shell\ByteFence Folder Scan
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\*\shell\ByteFence File Scan
***** [ Browser ] *****
[-] Firefox Einstellungen bereinigt: "browser.newtabpage.url" - "hxxp://www.bing.com/?pc=COSP&ptag=D050116-AB747CC590BEC44CD91F&form=CONMHP&conlogo=CT3330962"
[-] Firefox Einstellungen bereinigt: "browser.search.defaultenginename" - "Yahoo! Powered"
[-] Firefox Einstellungen bereinigt: "browser.search.hiddenOneOffs" - "Search Provided by Yahoo,Yahoo,Bing,DuckDuckGo,LEO Eng-Deu"
[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" - "Yahoo! Powered"
[-] Firefox Einstellungen bereinigt: "extensions.cliqz_hpn.userPKTest" - "MIIEoQIBAAKCAQB73LMteefqj4Ff5t+CTmoaYRVu7LrrQoeQQgeGkrnQouH4pOimJTlp5gI4q769Uce6Oz9isshSu0+DOrztNa7jZhR8K7YFR4Nq81VPeBJlB+zIyKcKnnvT87p5nuopehPi9/d29rYNQpRDt0DgnSYbg1vwGJCYZurnJ3bADSlzahdl/X1j6xmap+X8vAXpoz3Z2Og/Z23vjNbixPKuN0SI0xlHneQhlSM1Tasn9fhBVEr6/xDFwstwLsKamEFg4+2Fyq6UtNbK+vrI8vglEAYq2edRFZg/z5CwdGTziP9gniPAhOuJNBsnhqKAYjDZtYLfWfQJGo8j7JO6FFLVssePAgMBAAECggEAAl482sC662QlABVk7pPbOXfjtgQ2qqrR9rMce7kwbkm+8kcM36hUia7JGhZGhk4a+HeLhbKPW+2S3ppv5EUje9uGxrz7NOyiGZhfaC6Og3n8T/ZuIyjWiz3csdiU94gK+0rsY0ziPCyqswS86851XQ9M4bFGinNlSFgb0B4wTbGRtTc+xOSmeuYLySD65mYAanPAVhJnhRW+5FcqlonFKqFJ9yfJIIxq5K7JhsveDCmNg63S0YXed0ARvRtDLx/pkw5XeRr6/5bZLoMPXFVAF59u2cybHpFCcvbvoChsEg8D+F6IRMnPuRMSCKNejB030VOPVQQm4TBLJtpwRN/gmQKBgQDKqZPQtNkhvIJ6o+xmS7vfz1hzOOiLfB71ys0oUFrOXauDSw4+GVM8BKvx2xPdcPvWKkqYJ/bu+7AQC1/D6Mbh7Slsr3ZscG/tEP/fz7jMOVgGoUOdlnbxzs0PJcWYKwlShU/VecQExSTNKK1k9iJlSBzBU0EZA98EyAsv0WMeawKBgQCcde+AHbhng1M/yxFnw1ADB8/Fw4j6qez27+lMkn/4O2gGrLoWVZRamrvVK+isr1Q7W1y4fpnOve/jJjSMgk8potzOxx4dAhvAaneDhAC3alnwx6GTCoUoIbprcP84Hq5ZoasL+87IXH/YQzFjLwNLp01oh8fpfZdl2WXeTgl8bQKBgHZ+xnW+eEKYhTYOCJgbagNHqfDc8mM0NKoEZQZQTXfiHvmKdg5rIlayaJLmRGwytp0XZzwmCeTb9qq668iRn0/UKmdpBHYNG/Rh/youu191m/lsayuGIY/rGczkie8aIr5EQlSQeMNNPeJTCWdB3wSXMHD9K8/jio+yI5BW/nx3AoGAd0BQdkawyXzH0+ST9JFiB51JmINLgTpI2YHMQMecb/ffds7p2qIJu/EZ3wVjh1LvEXq2NgyQcIpGL8xr2vhrG+H9CEGtyxBTVJoRU5Ul8qZFvQZ7ORaYnRjv/HoYnI6N9tUJCM45Mm+GJbA5EU7A5UWz80sibO2DmmZThVfXVRUCgYAbVAOnkh3Plhw3DyZsLuGLQ67mL0meBh6l99cPcEPsRLridNS/ajm6/F17AMemjCIAQufsI2aMNAK7aFl9ohz4K82LWgEHmi24HJ6ENk2l+oMW0BZGROhTxBXm7V9zJdmHldQ2ZtswSVOHYUIBlymyDUvEo9rYMxg6f1cgsyoOFA=="
[-] [C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Gelöscht: hxxp://www.yoursearching.com/?type=hp&ts=1456397326&z=44e91fe23cbc1884022c220g9z5wcq5cct3m7c9ocz&from=brd&uid=ST1000LM024XHN-M101MBB_S30YJ9EG212330
[-] [C:\Users\Phil\AppData\Local\Google\Chrome\User Data\Default] [favicon_url] Gelöscht: hxxp://yoursearching.com/wefavicon.ico
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [16720 Bytes] - [16/02/2017 20:30:33]
C:\AdwCleaner\AdwCleaner[S0].txt - [15159 Bytes] - [15/02/2017 20:56:26]
C:\AdwCleaner\AdwCleaner[S1].txt - [15232 Bytes] - [15/02/2017 21:08:06]
C:\AdwCleaner\AdwCleaner[S2].txt - [15089 Bytes] - [16/02/2017 20:08:50]
C:\AdwCleaner\AdwCleaner[S3].txt - [15108 Bytes] - [16/02/2017 20:22:45]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [17090 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 8.1 x64
Ran by Phil (Administrator) on 16.02.2017 at 20:50:00,04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Deleted the following from C:\Users\Phil\AppData\Roaming\Mozilla\Firefox\Profiles\6dhz67ax.default\prefs.js
user_pref(extensions.ich@maltegoetz.de.config, {\proxy\:\[proxy]\,\supportedsites\:[{\domain\:\www.youtube.com\,\displayName\:\YouTube (auto)\,\functionName\
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.02.2017 at 20:53:36,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
16.02.2017, 22:02
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | nova.rambler.ru nicht entfernbar Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu nova.rambler.ru nicht entfernbar |
| entfernbar, entfernen, festgestellt, gestellt, malware / adware / spyware etc, nicht, nicht entfernbar, nicht mehr, nova.rambler.ru, problem, tagen, virus ? |
Linear-Darstellung
