| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Dateien mit der Endung .cryptWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.03.2017, 19:50
| #1 |
| |  Dateien mit der Endung .crypt Hallo in die Runde. Ich habe in einem Ordner einige Dateien mit der Endung .crypt gefunden. Es handelt sich um ZIP Dateien in dem Ordner sind auch noch welche ohne diese Endung vorhanden. Es handelt sich um den Archiv Ordner meines Buchhaltungsprogrammes. Der Support dieses sagte mir ich hätte mir einen Trojaner eingefangen. Somit habe ich den PC über einen Rettungsstick gestartet, den ich mit Kaspersky Internet security erstellt habe. Das System komplett gescannt und nichts wurde gefunden. einzig die Anzeige das er auf einige Dateien aufgrund eines Lesefehlers nicht zugreifen konnte. Jetzt bin ich unsicher ob es wirklich ein Virus ist. Wie könnte ich weiter vorgehen? Erstelle jetzt erst einmal ein Image der Festplatte und wäre für Tipps super dankbar. hxxp://www.trojaner-board.de/images/smilies/dankeschoen.gif |
|
26.03.2017, 13:49
| #2 |
| /// TB-Ausbilder   | Dateien mit der Endung .crypt Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Sind alle privaten Daten verschlüsselt oder nur ein paar? Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
27.03.2017, 08:30
| #3 |
| | Dateien mit der Endung .crypt Hallo Matthias,
__________________danke schon mal für Deine Hilfe. Es sind nur einige Daten im Archiv Ordner mit dieser Endung versehen, keine privaten. Momentan läuft noch die Sicherung mit O&O Diskimmage Professional. Sobald die Sicherung fertig ist werde ich die Tools installieren und die LOG Dateien posten. Wird allerdings morgen werden, da noch etwa 6 Stunden für das Image vom Programm angegeben werden. Bis morgen dann. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von XXXX (Administrator) auf XXXXXX (27-03-2017 09:18:47)
Gestartet von F:\
Geladene Profile: XXXX (Verfügbare Profile: XXXX & UpdatusUser & testuser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
() C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
(TAIFUN Software AG) C:\MSE\TOS\TOSS.exe
() C:\OEM\USBDECTION\USBS3S4Detection.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Oracle Corporation) C:\MSE\TOS\jre\bin\java.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Synology Inc.) C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe
(Pervasive Software Inc.) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-16] (Kaspersky Lab ZAO)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-11-26] (Google Inc.)
HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\...\Run: [winxj] => C:\Users\xxxx\AppData\Roaming\winxj.exe [0 1685-09-23] ()
HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\...\Run: [Data Replicator 3] => C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe [11605576 2015-11-12] (Synology Inc.)
HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\...\MountPoints2: H - H:\AutoRun.exe
HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\...\MountPoints2: {8bebecae-36b0-11e1-9400-90fba649358b} - H:\AutoRun.exe
HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\...\MountPoints2: {8bebecba-36b0-11e1-9400-90fba649358b} - H:\AutoRun.exe
HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\...\MountPoints2: {9104c492-377a-11e1-885a-90fba649358b} - I:\AutoRun.exe
HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\...\MountPoints2: {dc32803a-4e40-11e1-ad38-001e101f8ed0} - H:\setup_vmc_lite.exe /checkApplicationPresence
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-02-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-02-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-02-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll [2011-02-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll [2015-09-03] (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-02-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-02-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll [2011-02-18] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll [2009-09-10] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {dd230880-495a-11d1-b064-008048ec2fc5} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll [2015-09-03] (Kaspersky Lab ZAO)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start Pervasive PSQL Workgroup Engine.lnk [2010-06-30]
ShortcutTarget: Start Pervasive PSQL Workgroup Engine.lnk -> C:\Windows\Installer\{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}\WGE.14A03FCD_EA43_4130_A5C0_F02D38895A13.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3081066F-FFFA-49C2-8F34-637EFD35BA18}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{7179C16A-F704-4FE0-89FB-3AA4E1996508}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{726042BB-32C8-427F-A883-F441EC025F1C}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{E9062346-F029-4257-8A47-548313F07755}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=173606107407pe438v185w44j1u282
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3780525777-4292461857-2884816717-1001 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE385
SearchScopes: HKU\S-1-5-21-3780525777-4292461857-2884816717-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE385
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-02] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-04-02] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-02] (Kaspersky Lab ZAO)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-02] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-02] (Kaspersky Lab ZAO)
BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-04-02] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll [2011-11-10] (Sun Microsystems, Inc.)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-02] (Kaspersky Lab ZAO)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10] (Sun Microsystems, Inc.)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-02] (Kaspersky Lab ZAO)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-3780525777-4292461857-2884816717-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\78kyjmfr.default-1483458056589 [2017-03-24]
FF Extension: (Firefox Hotfix) - C:\Users\xxxx\AppData\Roaming\Mozilla\Firefox\Profiles\78kyjmfr.default-1483458056589\Extensions\firefox-hotfix@mozilla.org.xpi [2017-03-10]
FF Extension: (Anti-Banner) - C:\Program Files (x86)\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak [2017-01-09] [ist nicht signiert]
FF Extension: (Modul zur Link-Untersuchung) - C:\Program Files (x86)\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak [2017-01-09] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com
FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com [2015-02-18] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: (Virtual Keyboard) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com [2015-02-18] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com
FF Extension: (Dangerous Websites Blocker) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com [2015-02-18] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com
FF Extension: (Anti-Banner) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com [2015-02-18] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com
FF Extension: (Safe Money) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com [2015-02-18] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-03-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-03-10] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-07-28] (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2011-11-10] (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2011-11-10] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL [2007-03-22] (Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default [2016-12-22]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2015-10-19]
CHR Extension: (Sicherer Zahlungsverkehr) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh [2015-10-19]
CHR Extension: (Content Blocker) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2015-10-19]
CHR Extension: (Virtual Keyboard) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2015-10-19]
CHR Extension: (Kaspersky Protection) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh [2015-10-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-28]
CHR Extension: (Anti-Banner) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2015-10-19]
CHR Extension: (Chrome Media Router) - C:\Users\xxxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-22]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx [2012-12-28]
CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx [2012-12-28]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx [2012-12-28]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx [2012-12-28]
CHR HKLM-x32\...\Chrome\Extension: [lpoimibckejjdjcfbdnajaicnklhfplh] - hxxps://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx [2012-12-28]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avp; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-16] (Kaspersky Lab ZAO)
R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1648840 2016-08-05] (Foxit Software Inc.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [239968 2012-01-04] ()
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R2 SynoDrService; C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe [384072 2015-11-12] ()
R2 TAIFUN_SEARCH; C:\MSE\TOS\TOSS.EXE [16795096 2016-05-31] (TAIFUN Software AG)
R2 USBS3S4Detection; C:\OEM\USBDECTION\USBS3S4Detection.exe [76320 2009-12-09] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2010-05-25] (Devguru Co., Ltd)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-04-02] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-06-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [628288 2014-06-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2014-04-02] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-16] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-16] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-07-15] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [177864 2015-02-18] (Kaspersky Lab ZAO)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-27 09:18 - 2017-03-27 09:18 - 00000000 ____D C:\FRST
2017-03-27 09:15 - 2017-03-27 09:18 - 00209974 _____ C:\TDSSKiller.3.1.0.12_27.03.2017_09.15.42_log.txt
2017-03-25 14:57 - 2017-03-25 14:57 - 00193206 _____ C:\Windows\ntbtlog.txt
2017-03-25 10:43 - 2017-03-25 10:43 - 00000000 ____D C:\Program Files\HitmanPro
2017-03-25 10:42 - 2017-03-25 10:42 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-24 23:59 - 2017-03-24 23:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-24 23:58 - 2017-03-25 00:22 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-03-24 23:58 - 2017-03-24 23:58 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-24 23:58 - 2017-03-24 23:58 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-03-24 23:56 - 2017-03-24 23:56 - 00000598 _____ C:\Users\xxxx\Desktop\Install Kaspersky Internet Security version 17.0.0.611.lnk
2017-03-24 03:28 - 2017-03-27 08:54 - 00404068 ____H C:\Users\Heike\drlog.txt
2017-03-20 13:38 - 2017-03-20 13:38 - 00000055 _____ C:\TAIFUN.url
2017-03-17 17:28 - 2017-03-17 17:28 - 00055084 _____ C:\Users\xxxx\Desktop\Retourenschein El.Kunst.xlsx
2017-03-15 02:15 - 2017-03-04 19:24 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-03-15 02:15 - 2017-03-04 18:39 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-03-15 02:15 - 2017-03-04 10:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-03-15 02:15 - 2017-03-04 10:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-03-15 02:15 - 2017-03-04 10:02 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-03-15 02:15 - 2017-03-04 10:01 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-03-15 02:15 - 2017-03-04 10:01 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-03-15 02:15 - 2017-03-04 10:01 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-03-15 02:15 - 2017-03-04 10:01 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-03-15 02:15 - 2017-03-04 09:59 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-03-15 02:15 - 2017-03-04 09:52 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-03-15 02:15 - 2017-03-04 09:51 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-03-15 02:15 - 2017-03-04 09:48 - 25746944 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-03-15 02:15 - 2017-03-04 09:46 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-03-15 02:15 - 2017-03-04 09:45 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-03-15 02:15 - 2017-03-04 09:45 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-03-15 02:15 - 2017-03-04 09:45 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-03-15 02:15 - 2017-03-04 09:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-03-15 02:15 - 2017-03-04 09:36 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-03-15 02:15 - 2017-03-04 09:32 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-03-15 02:15 - 2017-03-04 09:31 - 06045696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-03-15 02:15 - 2017-03-04 09:23 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-03-15 02:15 - 2017-03-04 09:21 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-03-15 02:15 - 2017-03-04 09:16 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-03-15 02:15 - 2017-03-04 09:16 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-03-15 02:15 - 2017-03-04 09:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-03-15 02:15 - 2017-03-04 09:11 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-03-15 02:15 - 2017-03-04 08:57 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-03-15 02:15 - 2017-03-04 08:55 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-03-15 02:15 - 2017-03-04 08:54 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-03-15 02:15 - 2017-03-04 08:52 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-03-15 02:15 - 2017-03-04 08:52 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-03-15 02:15 - 2017-03-04 08:26 - 15259648 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-03-15 02:15 - 2017-03-04 08:25 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-03-15 02:15 - 2017-03-04 08:12 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-03-15 02:15 - 2017-03-04 08:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-03-15 02:15 - 2017-03-04 06:18 - 20281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-03-15 02:15 - 2017-03-02 20:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-03-15 02:15 - 2017-03-02 20:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-03-15 02:15 - 2017-03-02 20:01 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-03-15 02:15 - 2017-03-02 20:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-03-15 02:15 - 2017-03-02 20:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-03-15 02:15 - 2017-03-02 20:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-03-15 02:15 - 2017-03-02 19:55 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-03-15 02:15 - 2017-03-02 19:54 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-03-15 02:15 - 2017-03-02 19:53 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-03-15 02:15 - 2017-03-02 19:51 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-03-15 02:15 - 2017-03-02 19:50 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-03-15 02:15 - 2017-03-02 19:49 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-03-15 02:15 - 2017-03-02 19:49 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-03-15 02:15 - 2017-03-02 19:41 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-03-15 02:15 - 2017-03-02 19:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-03-15 02:15 - 2017-03-02 19:35 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-03-15 02:15 - 2017-03-02 19:32 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-03-15 02:15 - 2017-03-02 19:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-03-15 02:15 - 2017-03-02 19:29 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-03-15 02:15 - 2017-03-02 19:28 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-03-15 02:15 - 2017-03-02 19:22 - 04604416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-03-15 02:15 - 2017-03-02 19:21 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-03-15 02:15 - 2017-03-02 19:19 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-03-15 02:15 - 2017-03-02 19:17 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-03-15 02:15 - 2017-03-02 19:17 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-03-15 02:15 - 2017-03-02 19:11 - 13654528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-03-15 02:15 - 2017-03-02 18:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-03-15 02:15 - 2017-03-02 18:50 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-03-15 02:15 - 2017-03-02 18:50 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-03-15 02:15 - 2017-02-11 17:58 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-03-15 02:15 - 2017-02-11 17:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-03-15 02:15 - 2017-02-11 17:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-03-15 02:15 - 2017-02-10 18:32 - 00803328 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-03-15 02:15 - 2017-02-10 18:32 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-03-15 02:15 - 2017-02-10 18:17 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-03-15 02:15 - 2017-02-10 18:17 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-03-15 02:15 - 2017-02-10 16:33 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-03-15 02:15 - 2017-02-09 18:36 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-03-15 02:15 - 2017-02-09 18:35 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-03-15 02:15 - 2017-02-09 18:35 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-03-15 02:15 - 2017-02-09 18:35 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-03-15 02:15 - 2017-02-09 18:35 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-03-15 02:15 - 2017-02-09 18:33 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\WcsPlugInService.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-03-15 02:15 - 2017-02-09 18:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00625664 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00250880 _____ (Microsoft Corporation) C:\Windows\system32\icm32.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:19 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-03-15 02:15 - 2017-02-09 18:19 - 03945192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-03-15 02:15 - 2017-02-09 18:16 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00481792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icm32.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 18:03 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-03-15 02:15 - 2017-02-09 18:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-03-15 02:15 - 2017-02-09 18:03 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-03-15 02:15 - 2017-02-09 18:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-03-15 02:15 - 2017-02-09 18:00 - 03220480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-03-15 02:15 - 2017-02-09 17:59 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-03-15 02:15 - 2017-02-09 17:58 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-03-15 02:15 - 2017-02-09 17:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-03-15 02:15 - 2017-02-09 17:55 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-03-15 02:15 - 2017-02-09 17:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-03-15 02:15 - 2017-02-09 17:54 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-03-15 02:15 - 2017-02-09 17:54 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-03-15 02:15 - 2017-02-09 17:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-03-15 02:15 - 2017-02-09 17:51 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WcsPlugInService.dll
2017-03-15 02:15 - 2017-02-09 17:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-03-15 02:15 - 2017-02-09 17:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-03-15 02:15 - 2017-02-09 17:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-03-15 02:15 - 2017-02-09 17:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-03-15 02:15 - 2017-02-09 17:49 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-03-15 02:15 - 2017-02-09 17:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 17:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 17:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 17:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-03-15 02:15 - 2017-02-09 16:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-03-15 02:15 - 2017-02-09 16:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-03-15 02:15 - 2017-02-06 18:14 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-03-15 02:15 - 2017-01-13 20:00 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-03-15 02:15 - 2017-01-13 20:00 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2017-03-15 02:15 - 2017-01-13 19:45 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-03-15 02:15 - 2017-01-13 19:45 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2017-03-15 02:15 - 2017-01-11 20:01 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2017-03-15 02:15 - 2017-01-11 20:01 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2017-03-15 02:15 - 2017-01-11 19:43 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2017-03-15 02:15 - 2017-01-11 19:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2017-03-15 02:15 - 2017-01-06 20:00 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2017-03-15 02:15 - 2017-01-06 19:44 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2017-03-15 02:14 - 2017-02-23 01:42 - 00084712 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-03-15 02:14 - 2017-02-23 01:37 - 01285632 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-03-15 02:14 - 2017-02-18 16:05 - 01609216 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-03-15 02:14 - 2017-02-18 16:05 - 00646656 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-03-15 02:14 - 2016-12-31 17:36 - 00556544 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-03-15 02:14 - 2016-12-31 17:36 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-03-15 02:14 - 2016-12-31 17:36 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-03-15 02:14 - 2016-12-31 17:36 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-03-15 02:14 - 2016-12-31 17:36 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-03-13 18:32 - 2017-03-13 18:37 - 00000000 ____D C:\Users\xxxx\Desktop\Alfa
2017-03-10 13:09 - 2017-03-10 13:09 - 00002425 _____ C:\Users\xxxx\Desktop\Pricelist TAL EU 10.03.2017.xlsx - Verknüpfung.lnk
2017-03-07 13:11 - 2017-03-07 13:11 - 00002361 _____ C:\Users\xxxx\Desktop\xxxx - Verknüpfung (2).lnk
2017-03-06 11:35 - 2017-03-06 11:44 - 00000000 ____D C:\Users\TEMP
2017-03-06 11:35 - 2010-06-28 14:15 - 00000000 ____D C:\Users\TEMP\AppData\Local\Microsoft Help
2017-03-06 11:35 - 2009-07-14 09:44 - 00000000 ____D C:\Users\TEMP\AppData\Roaming\Media Center Programs
2017-03-02 17:10 - 2017-03-02 17:10 - 00021345 _____ C:\Users\xxxx\Downloads\PB_Auslandsüberweisung_ 02-03-2017_1606.pdf
2017-02-28 11:40 - 2017-02-28 11:40 - 00021285 _____ C:\Users\xxxx\Downloads\PB_Auslandsüberweisung_28-02-2017_1038.pdf
2017-02-27 20:03 - 2017-02-27 20:04 - 00522845 _____ C:\Users\xxxx\Downloads\5877e-00std.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-27 09:02 - 2009-07-14 06:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-27 09:02 - 2009-07-14 06:45 - 00018512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-27 08:59 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-27 08:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2017-03-27 08:59 - 2007-10-10 22:53 - 00699432 _____ C:\Windows\system32\perfh007.dat
2017-03-27 08:59 - 2007-10-10 22:53 - 00149572 _____ C:\Windows\system32\perfc007.dat
2017-03-27 08:56 - 2011-03-15 11:02 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-27 08:54 - 2017-02-10 15:52 - 00000000 ____D C:\ProgramData\Foxit Software
2017-03-27 08:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-27 08:54 - 2007-10-10 13:07 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-24 23:56 - 2011-03-15 10:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2017-03-24 23:54 - 2012-04-27 20:30 - 00000000 ____D C:\Windows\system32\Macromed
2017-03-24 23:00 - 2015-11-25 12:37 - 00000298 _____ C:\Windows\Tasks\Synology Data Replicator 3-xxxx-PC-xxxx.job
2017-03-24 15:05 - 2017-01-10 14:55 - 00000000 ____D C:\Users\xxxx\AppData\LocalLow\Mozilla
2017-03-24 13:35 - 2011-10-05 09:54 - 00000000 ____D C:\Users\xxxx\AppData\Roaming\TeamViewer
2017-03-24 03:28 - 2010-06-26 13:48 - 00000000 ____D C:\Users\xxxx
2017-03-22 20:45 - 2017-01-09 15:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-22 20:45 - 2014-01-23 17:50 - 00000704 _____ C:\Windows\wininit.ini
2017-03-20 13:43 - 2016-01-12 15:44 - 00000000 ____D C:\MSE
2017-03-20 13:43 - 2013-03-27 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAIFUN Software
2017-03-16 13:37 - 2016-11-21 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-03-16 13:37 - 2012-06-04 12:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-15 05:02 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2017-03-15 04:24 - 2009-07-14 06:45 - 00418360 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-15 04:23 - 2013-03-14 04:02 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-15 04:23 - 2013-03-14 04:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-15 04:21 - 2014-12-10 04:23 - 00000000 ____D C:\Windows\system32\appraiser
2017-03-15 04:21 - 2014-05-07 03:00 - 00000000 ___SD C:\Windows\system32\CompatTel
2017-03-15 04:21 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2017-03-15 04:05 - 2013-08-15 03:03 - 00000000 ____D C:\Windows\system32\MRT
2017-03-15 04:03 - 2010-07-01 08:33 - 138634176 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-03-15 04:02 - 2013-03-14 04:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-10 19:39 - 2012-04-27 20:30 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-03-10 19:39 - 2011-12-08 10:56 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-10 19:39 - 2009-11-26 19:56 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-03-10 19:38 - 2010-07-01 09:51 - 00000000 ____D C:\Users\xxxx\AppData\Local\Adobe
2017-03-06 22:46 - 2017-02-10 15:10 - 00000000 ____D C:\Users\testuser
2017-03-06 22:46 - 2012-11-18 04:03 - 00000000 ____D C:\Users\UpdatusUser
2017-03-06 22:45 - 2012-11-23 11:53 - 00000000 ___RD C:\Backup
2017-03-06 22:45 - 2009-11-26 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone
2017-03-06 22:45 - 2009-11-26 19:31 - 00000000 ____D C:\Program Files (x86)\Acer GameZone
2017-03-06 22:45 - 2009-07-14 09:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-03-06 22:45 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-03-06 22:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2017-03-01 11:18 - 2012-07-20 10:10 - 00000000 ____D C:\Users\xxxx\AppData\Local\Paint.NET
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2009-11-26 19:31 - 2009-02-10 22:23 - 0192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
1601-01-01 02:00 - 1685-09-23 02:50 - 0000000 _____ () C:\Users\xxxx\AppData\Roaming\winxj.exe
2011-04-28 09:48 - 2011-04-28 09:48 - 0004096 ____H () C:\Users\xxxx\AppData\Local\keyfile3.drm
2012-11-23 11:53 - 2012-11-23 11:53 - 0017408 _____ () C:\Users\xxxx\AppData\Local\WebpageIcons.db
2007-10-10 13:11 - 2007-10-10 13:13 - 0008463 _____ () C:\ProgramData\ArcadeDeluxe3.log
2009-11-26 19:31 - 2009-07-18 04:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe
Einige Dateien in TEMP:
====================
2016-11-18 18:17 - 2016-11-18 18:17 - 2612600 _____ (Microsoft Corporation) C:\Users\xxxx\AppData\Local\Temp\DefaultPack.EXE
2012-06-15 16:58 - 2012-06-15 16:54 - 0065536 _____ () C:\Users\xxxx\AppData\Local\Temp\Execute2App.exe
2013-03-01 20:52 - 2013-03-01 20:52 - 1004888 _____ (Solid State Networks) C:\Users\xxxx\AppData\Local\Temp\install_flashplayer11x32ax_aih.exe
2012-06-15 16:58 - 2012-06-15 16:54 - 0327680 _____ (TODO: <회사 이름>) C:\Users\xxxx\AppData\Local\Temp\Kies2RemoveAll.exe
2012-06-15 16:58 - 2012-06-15 16:54 - 0568832 _____ (Microsoft Corporation) C:\Users\xxxx\AppData\Local\Temp\msvcp90.dll
2012-06-15 16:58 - 2012-06-15 16:54 - 0655872 _____ (Microsoft Corporation) C:\Users\xxxx\AppData\Local\Temp\msvcr90.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-03-24 01:39
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von xxxx (27-03-2017 09:19:37)
Gestartet von F:\
Windows 7 Home Premium Service Pack 1 (X64) (2010-06-26 11:48:26)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3780525777-4292461857-2884816717-500 - Administrator - Disabled)
Gast (S-1-5-21-3780525777-4292461857-2884816717-501 - Limited - Disabled)
xxxx (S-1-5-21-3780525777-4292461857-2884816717-1001 - Administrator - Enabled) => C:\Users\xxxx
HomeGroupUser$ (S-1-5-21-3780525777-4292461857-2884816717-1002 - Limited - Enabled)
testuser (S-1-5-21-3780525777-4292461857-2884816717-1006 - Limited - Enabled) => C:\Users\testuser
UpdatusUser (S-1-5-21-3780525777-4292461857-2884816717-1004 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky PURE 3.0 (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky PURE 3.0 (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky PURE 3.0 (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.2.7110 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.2.7110 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.2.19 - NewTech Infosystems)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.2.0812 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
Backup Manager Advance (x32 Version: 2.0.2.19 - NewTech Infosystems) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version: - Oberon Media)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version: - Oberon Media)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dropbox (HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\...\Dropbox) (Version: 1.2.52 - Dropbox, Inc.)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
EltakoFVS (remove only) (HKLM-x32\...\EltakoFVS64) (Version: - )
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version: - Oberon Media)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 8.0.6.909 - Foxit Software Inc.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
Fujitsu Finder (HKLM-x32\...\FujitsuFinder) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Earth Plug-in (HKLM-x32\...\{A0DBDF40-559F-11E0-82E2-001D0926B1BF}) (Version: 6.0.2.2074 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPL Ghostscript 8.71 (HKLM-x32\...\GPL Ghostscript 8.71) (Version: - )
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version: - Oberon Media)
GRAPHISOFT BIMx Desktop Viewer (HKLM-x32\...\103FFFFFFF20FF00FF2801F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
Hardlock Gerätetreiber (HKLM-x32\...\Hardlock Gerätetreiber) (Version: - )
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 1.00.3004 - Acer Incorporated)
HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät (HKLM\...\{AF43C18E-693D-4126-B190-8F55E3623D5D}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Hilfe (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.300 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Kaspersky PURE 3.0 (HKLM-x32\...\InstallWIX_{D0702EE9-9DE4-419A-9C6C-4730B1C985BA}) (Version: 13.0.2.558 - Kaspersky Lab)
Kaspersky PURE 3.0 (x32 Version: 13.0.2.558 - Kaspersky Lab) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.02.382 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 52.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 de)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\...\MyFreeCodec) (Version: - )
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Nero 9 Essentials (HKLM-x32\...\{9d5299f9-f94e-43ed-9632-a5e045b51f7d}) (Version: - Nero AG)
Network ScanGear Ver.2.21 (HKLM-x32\...\InstallShield_{BBE3E502-F1D6-4FC9-9844-CC0850B7C516}) (Version: 2.21.0000 - Canon Inc)
Network ScanGear Ver.2.21 (x32 Version: 2.21.0000 - Canon Inc) Hidden
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pervasive PSQL v10.10 Workgroup (32-bit) (HKLM-x32\...\Pervasive PSQL v10.10 Workgroup (32-bit)) (Version: 10.10.126 - Pervasive Software)
Pervasive PSQL v10.10 Workgroup (32-bit) (x32 Version: 10.10.126 - Pervasive Software) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5930 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - )
Synology Data Replicator 3 (HKLM-x32\...\{8E310838-457C-4269-B177-3EFB300CBDDC}) (Version: 1.0.0.0 - Synology Inc.)
TAIFUN DATEV-Datenaustausch v12.00 (HKLM-x32\...\TAIFUN DATEV-Datenaustausch_is1) (Version: - TAIFUN Software AG)
TAIFUN v16.01 (HKLM-x32\...\TAIFUN Handwerk_is1) (Version: - TAIFUN Software AG)
TAIFUN MailServer - Archiv v16.01 (HKLM-x32\...\TAIFUN MailServer - Archiv_is1) (Version: - TAIFUN Software AG)
TAIFUN MailServer - Import v16.00 (HKLM-x32\...\TAIFUN MailServer - Import_is1) (Version: - TAIFUN Software AG)
TAIFUN MailServer v16.01 (HKLM-x32\...\TAIFUN MailServer_is1) (Version: - TAIFUN Software AG)
TAIFUN openDocument - OCR v16.01 (HKLM-x32\...\TAIFUN openDocument - OCR_is1) (Version: - TAIFUN Software AG)
TAIFUN openDocument v16.01 (HKLM-x32\...\TAIFUN openDocument_is1) (Version: - TAIFUN Software AG)
TAIFUN openSearch v16.00 (HKLM\...\TAIFUN openSearch_is1) (Version: - TAIFUN Software AG)
TAIFUN Postleitzahlen v16.01 (HKLM-x32\...\TAIFUN Postleitzahlen_is1) (Version: - TAIFUN Software AG)
TAIFUN Rechtschreibprüfung v16.00 (HKLM-x32\...\TAIFUN Rechtschreibprüfung_is1) (Version: - TAIFUN Software AG)
TAIFUN Zahlungsverkehr v12.00 (HKLM-x32\...\TAIFUN Zahlungsverkehr_is1) (Version: - TAIFUN Software AG)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
Überwachungstool für die Intel® Turbo-Boost-Technologie (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3780525777-4292461857-2884816717-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3780525777-4292461857-2884816717-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3780525777-4292461857-2884816717-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3780525777-4292461857-2884816717-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\xxxx\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {32E8C02B-82F1-4359-AD38-495A5880227B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {75FE8DA0-1AE9-415E-A28D-8389806B98CD} - System32\Tasks\Synology Data Replicator 3-xxxx-PC-xxxx => C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe [2015-11-12] (Synology Inc.)
Task: {B5E6ADD2-5686-4982-8AE0-30B2950F9C7C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Synology Data Replicator 3-xxxx-PC-xxxx.job => C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Meine Websites auf MSN\target.lnk -> hxxp://www.msnusers.co
ShortcutWithArgument: C:\Users\Public\Desktop\Acer Zubehör Shop.lnk -> C:\Program Files\Acer Accessory Store\StartURL.exe () -> hxxp://store.acer-euro.com/de?utm_source=Icon&utm_medium=Icon&utm_campaign=Acer%2BInternal
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2012-11-18 04:03 - 2013-01-18 17:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-07-14 14:59 - 2005-03-12 02:07 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-01-04 18:26 - 2012-01-04 18:25 - 00239968 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
2015-11-12 18:23 - 2015-11-12 18:23 - 00384072 _____ () C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
2009-12-14 04:19 - 2009-12-09 11:24 - 00076320 ____N () C:\OEM\USBDECTION\USBS3S4Detection.exe
2010-10-28 13:05 - 2010-03-15 11:28 - 00166400 _____ () C:\Program Files\WinRAR\rarext.dll
2017-02-10 16:26 - 2012-01-20 15:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 00479752 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\dblite.dll
2012-12-20 18:19 - 2012-12-20 18:19 - 01310728 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\kpcengine.2.2.dll
2012-01-04 18:26 - 2012-01-04 18:25 - 00011362 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\mingwm10.dll
2012-01-04 18:26 - 2012-01-04 18:25 - 00043008 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\libgcc_s_dw2-1.dll
2012-01-04 18:26 - 2012-01-04 18:25 - 02415104 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtCore4.dll
2012-01-04 18:26 - 2012-01-04 18:25 - 01148416 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtNetwork4.dll
2012-01-04 18:26 - 2012-01-04 18:25 - 00383488 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QueryStrategy.dll
2012-01-04 18:26 - 2012-01-04 18:25 - 00398336 _____ () C:\ProgramData\Mobile Partner\OnlineUpdate\QtXml4.dll
2009-02-03 03:33 - 2009-02-03 03:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 03:55 - 2008-09-29 03:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:CM_8051e3427dd428771a94b51c86b188cc60b138eae10009cb429b455b88c7bc8c [32]
AlternateDataStreams: C:\Windows:CM_85eca95e969bfbdfd882602b81042d3d7b98f3c24cf0a00eae2c0ef588b6a31d [66]
AlternateDataStreams: C:\Windows:CM_8d0501cf5b21b235063b25c454181f7af0580a71d0a0f011307d8160db8ca705 [32]
AlternateDataStreams: C:\Windows:CM_ede31905703d90af3abaa46f01fe6d5c687923705893175cca9411b21f56061e [32]
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54 [118]
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2 [147]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3780525777-4292461857-2884816717-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\xxxx\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\startupfolder: C:^Users^xxxx^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: EgisTecLiveUpdate => "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: IAAnotif => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
MSCONFIG\startupreg: KiesHelper => C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
MSCONFIG\startupreg: PlayMovie => "C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{2999B480-04BC-4CC7-A7D4-5073AD5AB579}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{CA7A3180-BF6A-448C-92D6-A85316D86215}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe
FirewallRules: [{B38B35B0-A397-4F36-AAC8-496AD5626955}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe
FirewallRules: [{D320EDC2-C727-4C57-88CD-23BD3D11E64B}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
FirewallRules: [{76DFFDC1-53E9-47FF-BEBB-5FC650A1D1CB}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe
FirewallRules: [{437FE356-B371-42FC-BB1F-2964194264E6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{AD307E6A-69C4-420B-8583-94C5A6FC66E5}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{98A719B8-0A04-49DC-9ECC-C1433FC1D7B3}] => (Allow) svchost.exe
FirewallRules: [{1E97F814-F02C-4116-B6CA-2283C22C11AC}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{87A1C1E6-5FEB-4A0E-9481-2362AA3A8B7C}] => (Allow) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
FirewallRules: [{E85493BF-426F-472B-AE6B-EFD5810EBDD5}] => (Allow) C:\Program Files (x86)\Pervasive Software\PSQL\bin\w3dbsmgr.exe
FirewallRules: [TCP Query User{D948A3D0-649F-4AE9-B14A-609D651381AF}C:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe] => (Block) C:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe
FirewallRules: [UDP Query User{9F94635A-8F5B-415A-B094-DE550DCFD853}C:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe] => (Block) C:\program files (x86)\pervasive software\psql\bin\w3dbsmgr.exe
FirewallRules: [TCP Query User{63023E4F-110E-49BA-B959-2A4ABA2599D8}\\bremi-nas\public\von lw - t\mse\tfw\tfw.exe] => (Allow) \\bremi-nas\public\von lw - t\mse\tfw\tfw.exe
FirewallRules: [UDP Query User{752B711F-5BD6-494A-A838-7C57BA9344EC}\\bremi-nas\public\von lw - t\mse\tfw\tfw.exe] => (Allow) \\bremi-nas\public\von lw - t\mse\tfw\tfw.exe
FirewallRules: [TCP Query User{30A98C7A-4BDA-49C0-8415-33C310B5E2E0}C:\program files (x86)\fujitsu\finder\finder.exe] => (Allow) C:\program files (x86)\fujitsu\finder\finder.exe
FirewallRules: [UDP Query User{774D3C15-3AB8-4B2E-B84E-4137BC087179}C:\program files (x86)\fujitsu\finder\finder.exe] => (Allow) C:\program files (x86)\fujitsu\finder\finder.exe
FirewallRules: [{AF350C80-F115-4D71-B70A-A3974D874D1C}] => (Allow) C:\Users\Heike\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{94337BFC-9BF2-48FD-878E-361F557BC5CA}] => (Allow) C:\Users\Heike\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{8AB32FA8-0E26-4CA9-8B93-A018D40117C2}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{B2BA8EAA-AFE1-4BB2-8C0A-42D23F91E495}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{15FC7DBC-122B-4907-A371-24486358FF8C}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{6C578F9E-0134-446F-B2DF-18DE3064DD16}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{C2D9C0CE-5E80-4BA3-A6E9-948F124D3D9C}] => (Allow) C:\Program Files\Eltako\EltakoFVS\EltakoFVS64.exe
FirewallRules: [{0A5C2B16-2426-40C7-9278-3513D397A859}] => (Allow) C:\Program Files\Eltako\EltakoFVS\EltakoFVS64.exe
FirewallRules: [{8164DCDA-15DE-4738-ADDC-46649F2F6401}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{02E6BDE3-CFFB-4D26-91EA-2BC69E4A8F50}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{486BFE59-6195-4AC7-9A3C-2D83ABD49CC7}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{B4BACA6C-8FAE-46F6-A397-796CDB2205D4}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{99D7F193-6B83-408A-96FA-59E88452A759}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{EE3BCDA6-4089-4019-A277-7CEF5FC6DCDC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B0B55183-6F87-4A28-8808-F3997A8D1842}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{2CFB8700-AAFA-4EC5-96E8-409E71374B87}\\bremi-nas\public\vonlw-t\mse\tfw\tfw.exe] => (Allow) \\bremi-nas\public\vonlw-t\mse\tfw\tfw.exe
FirewallRules: [UDP Query User{738CBE2F-5D57-4363-829A-1EB0C175FF69}\\bremi-nas\public\vonlw-t\mse\tfw\tfw.exe] => (Allow) \\bremi-nas\public\vonlw-t\mse\tfw\tfw.exe
FirewallRules: [TCP Query User{BE877EC9-DFBB-44A7-837C-7C64D56EE215}C:\users\heike\desktop\tfw.exe] => (Block) C:\users\heike\desktop\tfw.exe
FirewallRules: [UDP Query User{41286F33-AC10-4B9C-8611-A33FB1AAC92E}C:\users\heike\desktop\tfw.exe] => (Block) C:\users\heike\desktop\tfw.exe
FirewallRules: [TCP Query User{E69BEF04-79ED-43CE-BCFB-D9D972F91D20}C:\mse\tms\tms.exe] => (Block) C:\mse\tms\tms.exe
FirewallRules: [UDP Query User{DA54D0B3-1095-41C9-B8FD-37411FC7BA3C}C:\mse\tms\tms.exe] => (Block) C:\mse\tms\tms.exe
FirewallRules: [TCP Query User{5E56A317-3A46-407F-A6DC-8242257B0B2A}C:\mse\tfw\tfw.exe] => (Allow) C:\mse\tfw\tfw.exe
FirewallRules: [UDP Query User{ADEE03DC-E6B6-42B1-A2C6-DA269027ABEC}C:\mse\tfw\tfw.exe] => (Allow) C:\mse\tfw\tfw.exe
FirewallRules: [TCP Query User{664F61CA-BE63-4851-8E77-2742BC4CF676}\\bremi-nas\public\vonlw-t\mse\dms\dms.exe] => (Allow) \\bremi-nas\public\vonlw-t\mse\dms\dms.exe
FirewallRules: [UDP Query User{29187B52-EC41-4183-8279-D50E5C2AD544}\\bremi-nas\public\vonlw-t\mse\dms\dms.exe] => (Allow) \\bremi-nas\public\vonlw-t\mse\dms\dms.exe
FirewallRules: [TCP Query User{08241A2A-EE49-413D-BEB3-261653EC47EB}\\bremi-nas\public\von lw-x\mse\tfw\tfw.exe] => (Allow) \\bremi-nas\public\von lw-x\mse\tfw\tfw.exe
FirewallRules: [UDP Query User{E579040B-BC8D-4871-B36D-52FEB4A7B999}\\bremi-nas\public\von lw-x\mse\tfw\tfw.exe] => (Allow) \\bremi-nas\public\von lw-x\mse\tfw\tfw.exe
FirewallRules: [TCP Query User{C7A2BEEE-930F-4AE5-9D80-5BE5C2FD618C}\\bremi-nas\public\vonlw-t\mse_2009-04-20\tfw\tfw.exe] => (Allow) \\bremi-nas\public\vonlw-t\mse_2009-04-20\tfw\tfw.exe
FirewallRules: [UDP Query User{B3A62F29-BD33-419F-9D61-9D321073A50D}\\bremi-nas\public\vonlw-t\mse_2009-04-20\tfw\tfw.exe] => (Allow) \\bremi-nas\public\vonlw-t\mse_2009-04-20\tfw\tfw.exe
FirewallRules: [{A6D13A8E-9152-4730-A1FC-FE9FE695E7B1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C5618507-E51C-48B8-BFD2-FAB5BEBB113A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DC69135B-8392-4D6B-B36E-B0A87317729C}C:\program files (x86)\synology data replicator 3\backup.exe] => (Allow) C:\program files (x86)\synology data replicator 3\backup.exe
FirewallRules: [UDP Query User{3640A5FB-0D29-4623-971F-5EE5EC770A73}C:\program files (x86)\synology data replicator 3\backup.exe] => (Allow) C:\program files (x86)\synology data replicator 3\backup.exe
FirewallRules: [TCP Query User{8B4B1665-33A6-4AEB-A6C9-D52968EE71C8}\\nas-ds214\transfer-hgb\taifun\mse\tfw\tfw.exe] => (Allow) \\nas-ds214\transfer-hgb\taifun\mse\tfw\tfw.exe
FirewallRules: [UDP Query User{D4AA64FF-BA1D-4A6D-91B0-142247F27C55}\\nas-ds214\transfer-hgb\taifun\mse\tfw\tfw.exe] => (Allow) \\nas-ds214\transfer-hgb\taifun\mse\tfw\tfw.exe
FirewallRules: [TCP Query User{F2BF255A-55EA-4BC5-B08A-36C3B9764003}C:\mseneu\tfw\tfw.exe] => (Allow) C:\mseneu\tfw\tfw.exe
FirewallRules: [UDP Query User{5FC1E276-B44F-4D9D-A6BC-4E3F40700392}C:\mseneu\tfw\tfw.exe] => (Allow) C:\mseneu\tfw\tfw.exe
FirewallRules: [TCP Query User{012289CB-2222-4A19-8E76-2219FDDBBD83}C:\program files\eltako\eltakofvs\eltakofvs64.exe] => (Block) C:\program files\eltako\eltakofvs\eltakofvs64.exe
FirewallRules: [UDP Query User{6ED29DDE-A12D-48FE-B4B1-581A667F2374}C:\program files\eltako\eltakofvs\eltakofvs64.exe] => (Block) C:\program files\eltako\eltakofvs\eltakofvs64.exe
FirewallRules: [{5FE81AA7-BCB7-4ACB-8647-AA3CF30A4009}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{5AF4C4EB-EF62-4BF8-A844-76E6ECE496D3}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaUI.exe
FirewallRules: [{AA01C392-87E9-4EB0-86D6-AF7B5978D5B6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CF4A3C56-C699-4633-9A53-6224D93FD7C9}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{C7D5EB33-6E64-4CA8-BB8A-ED9541C856BA}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{248256B6-F890-4580-8265-21C9CB44B038}C:\mse\dms\dms.exe] => (Allow) C:\mse\dms\dms.exe
FirewallRules: [UDP Query User{319B30CC-2338-450E-A93D-88D819A72E26}C:\mse\dms\dms.exe] => (Allow) C:\mse\dms\dms.exe
FirewallRules: [TCP Query User{F69055FA-3928-42A6-AB32-8456519D1D86}C:\mse\tfw\tfw.exe] => (Block) C:\mse\tfw\tfw.exe
FirewallRules: [UDP Query User{319E137A-D1C8-4FF5-A7D9-C303DF704AE0}C:\mse\tfw\tfw.exe] => (Block) C:\mse\tfw\tfw.exe
FirewallRules: [TCP Query User{87D27C05-3FEB-4DE1-B46E-83246A8A5177}C:\mse\tmsa\tmsa.exe] => (Allow) C:\mse\tmsa\tmsa.exe
FirewallRules: [UDP Query User{09E26F22-FED7-4245-B64C-140F972322BE}C:\mse\tmsa\tmsa.exe] => (Allow) C:\mse\tmsa\tmsa.exe
FirewallRules: [{2B4FB8D0-E10A-405D-B2DA-14F6E11F86B2}] => (Block) C:\mse\tmsa\tmsa.exe
FirewallRules: [{1B69E146-0A3C-46FB-9CFE-BAF1A9F54DF5}] => (Block) C:\mse\tmsa\tmsa.exe
FirewallRules: [TCP Query User{75D741F0-8B73-4C58-9675-18C5F702600E}C:\mse\tmsi\tmsi.exe] => (Allow) C:\mse\tmsi\tmsi.exe
FirewallRules: [UDP Query User{5FA2FD1C-D669-4D31-8DC9-67FADBBAEF75}C:\mse\tmsi\tmsi.exe] => (Allow) C:\mse\tmsi\tmsi.exe
FirewallRules: [{9CD7C5A8-008A-4FCB-9A01-B2A58B32ACC1}] => (Block) C:\mse\tmsi\tmsi.exe
FirewallRules: [{93BDAD52-C605-4758-8C36-0C8237150701}] => (Block) C:\mse\tmsi\tmsi.exe
==================== Wiederherstellungspunkte =========================
19-03-2017 01:00:44 Windows-Sicherung
21-03-2017 04:00:11 Windows Update
24-03-2017 08:22:03 Windows Update
26-03-2017 13:43:39 Windows-Sicherung
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Intel(R) Management Engine Interface
Description: Intel(R) Management Engine Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: HECIx64
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/27/2017 09:15:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.23537, Zeitstempel: 0x57c44efe
Name des fehlerhaften Moduls: psdprotect.dll, Version: 3.1.76.0, Zeitstempel: 0x4aa9003b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000012db
ID des fehlerhaften Prozesses: 0x414
Startzeit der fehlerhaften Anwendung: 0x01d2a6c8246151ed
Pfad der fehlerhaften Anwendung: C:\Windows\explorer.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll
Berichtskennung: 1dda0fcb-12bd-11e7-b582-90fba649358b
Error: (03/27/2017 09:02:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.23537, Zeitstempel: 0x57c44efe
Name des fehlerhaften Moduls: psdprotect.dll, Version: 3.1.76.0, Zeitstempel: 0x4aa9003b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000012db
ID des fehlerhaften Prozesses: 0x5d8
Startzeit der fehlerhaften Anwendung: 0x01d2a6c80e8174e0
Pfad der fehlerhaften Anwendung: C:\Windows\explorer.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll
Berichtskennung: 5fc6abaa-12bb-11e7-b582-90fba649358b
Error: (03/27/2017 09:02:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.23537, Zeitstempel: 0x57c44efe
Name des fehlerhaften Moduls: psdprotect.dll, Version: 3.1.76.0, Zeitstempel: 0x4aa9003b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000012db
ID des fehlerhaften Prozesses: 0x358
Startzeit der fehlerhaften Anwendung: 0x01d2a6c801ebd508
Pfad der fehlerhaften Anwendung: C:\Windows\Explorer.EXE
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll
Berichtskennung: 4ad276d8-12bb-11e7-b582-90fba649358b
Error: (03/27/2017 09:01:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.23537, Zeitstempel: 0x57c44efe
Name des fehlerhaften Moduls: psdprotect.dll, Version: 3.1.76.0, Zeitstempel: 0x4aa9003b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000012db
ID des fehlerhaften Prozesses: 0x484
Startzeit der fehlerhaften Anwendung: 0x01d2a6c7f92ed421
Pfad der fehlerhaften Anwendung: C:\Windows\Explorer.EXE
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll
Berichtskennung: 3da21d8e-12bb-11e7-b582-90fba649358b
Error: (03/27/2017 09:01:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.23537, Zeitstempel: 0x57c44efe
Name des fehlerhaften Moduls: psdprotect.dll, Version: 3.1.76.0, Zeitstempel: 0x4aa9003b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000012db
ID des fehlerhaften Prozesses: 0xcd0
Startzeit der fehlerhaften Anwendung: 0x01d2a6c6f9af7c82
Pfad der fehlerhaften Anwendung: C:\Windows\Explorer.EXE
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll
Berichtskennung: 34244d31-12bb-11e7-b582-90fba649358b
Error: (03/26/2017 01:49:54 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"
Error: (03/25/2017 09:15:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.23537, Zeitstempel: 0x57c44efe
Name des fehlerhaften Moduls: bcryptprimitives.dll, Version: 6.1.7601.23451, Zeitstempel: 0x573365b4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000007a94
ID des fehlerhaften Prozesses: 0xd20
Startzeit der fehlerhaften Anwendung: 0x01d2a567da591acc
Pfad der fehlerhaften Anwendung: C:\Windows\Explorer.EXE
Pfad des fehlerhaften Moduls: C:\Windows\system32\bcryptprimitives.dll
Berichtskennung: 600b7fdb-118f-11e7-8628-90fba649358b
Error: (03/24/2017 04:16:06 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error: (03/24/2017 04:15:08 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei "C:\Program Files (x86)\Windows Live\Photo Gallery\WLMFDS.DLL" in Zeile 8.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (03/23/2017 04:39:22 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll" in Zeile 3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Systemfehler:
=============
Error: (03/27/2017 08:56:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.
Error: (03/27/2017 08:56:39 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
Anmeldung fehlgeschlagen: Das angegebene Kennwort des Kontos ist abgelaufen.
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (03/27/2017 08:55:20 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (03/27/2017 08:54:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (03/27/2017 08:54:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Mobile Partner. OUC erreicht.
Error: (03/27/2017 08:54:05 AM) (Source: HECIx64) (EventID: 3) (User: )
Description: Intel(R) Management Engine Interface driver has failed to perform handshake with the Firmware.
Error: (03/26/2017 04:03:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.
Error: (03/26/2017 04:03:49 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
Anmeldung fehlgeschlagen: Das angegebene Kennwort des Kontos ist abgelaufen.
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (03/26/2017 04:02:08 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen (Anwendungsspezifisch) wird der SID (S-1-5-18) für Benutzer NT-AUTORITÄT\SYSTEM von Adresse LocalHost (unter Verwendung von LRPC) keine Berechtigung zum Start (Lokal) für die COM-Serveranwendung mit CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
und APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungsprogramm für Komponentendienste geändert werden.
Error: (03/26/2017 04:01:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile Partner. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
CodeIntegrity:
===================================
Date: 2014-10-15 00:33:23.788
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:33:23.773
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:33:23.773
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:33:23.757
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:33:23.757
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-15 00:33:23.742
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 00:18:32.605
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 00:18:32.590
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 00:18:32.590
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-10-12 00:18:32.574
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5 CPU 650 @ 3.20GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 3959.09 MB
Verfügbarer physikalischer RAM: 2043.43 MB
Summe virtueller Speicher: 7916.37 MB
Verfügbarer virtueller Speicher: 5634.77 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:458.87 GB) (Free:259.26 GB) NTFS
Drive d: (Data) (Fixed) (Total:458.87 GB) (Free:151.92 GB) NTFS
Drive f: (OODI) (Removable) (Total:1.86 GB) (Free:1.5 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2E2B1C79)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=458.9 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1.9 GB) (Disk ID: 26A66696)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
|
27.03.2017, 08:31
| #4 |
| | Dateien mit der Endung .cryptCode:
ATTFilter 09:31:36.0168 0x12dc TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
09:31:38.0258 0x12dc ============================================================
09:31:38.0258 0x12dc Current date / time: 2017/03/27 09:31:38.0258
09:31:38.0258 0x12dc SystemInfo:
09:31:38.0258 0x12dc
09:31:38.0258 0x12dc OS Version: 6.1.7601 ServicePack: 1.0
09:31:38.0258 0x12dc Product type: Workstation
09:31:38.0258 0x12dc ComputerName: xxxx-PC
09:31:38.0258 0x12dc UserName: xxxx
09:31:38.0258 0x12dc Windows directory: C:\Windows
09:31:38.0258 0x12dc System windows directory: C:\Windows
09:31:38.0258 0x12dc Running under WOW64
09:31:38.0258 0x12dc Processor architecture: Intel x64
09:31:38.0258 0x12dc Number of processors: 4
09:31:38.0258 0x12dc Page size: 0x1000
09:31:38.0258 0x12dc Boot type: Normal boot
09:31:38.0258 0x12dc CodeIntegrityOptions = 0x00000001
09:31:38.0258 0x12dc ============================================================
09:31:38.0352 0x12dc KLMD registered as C:\Windows\system32\drivers\36536589.sys
09:31:38.0352 0x12dc KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23677, osProperties = 0x1
09:31:38.0851 0x12dc System UUID: {81628B67-490C-07C0-6AF8-4079A4DECE39}
09:31:39.0366 0x12dc Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:31:39.0366 0x12dc Drive \Device\Harddisk1\DR1 - Size: 0x772EFE00 ( 1.86 Gb ), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:31:39.0381 0x12dc ============================================================
09:31:39.0381 0x12dc \Device\Harddisk0\DR0:
09:31:39.0381 0x12dc MBR partitions:
09:31:39.0381 0x12dc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B58800, BlocksNum 0x32000
09:31:39.0381 0x12dc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1B8A800, BlocksNum 0x395BE000
09:31:39.0381 0x12dc \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B148800, BlocksNum 0x395BDDB0
09:31:39.0381 0x12dc \Device\Harddisk1\DR1:
09:31:39.0381 0x12dc MBR partitions:
09:31:39.0381 0x12dc \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x80, BlocksNum 0x3B9680
09:31:39.0381 0x12dc ============================================================
09:31:39.0428 0x12dc C: <-> \Device\Harddisk0\DR0\Partition2
09:31:39.0475 0x12dc D: <-> \Device\Harddisk0\DR0\Partition3
09:31:39.0475 0x12dc ============================================================
09:31:39.0475 0x12dc Initialize success
09:31:39.0475 0x12dc ============================================================
09:31:58.0304 0x134c ============================================================
09:31:58.0304 0x134c Scan started
09:31:58.0304 0x134c Mode: Manual; SigCheck; TDLFS;
09:31:58.0304 0x134c ============================================================
09:31:58.0304 0x134c KSN ping started
09:31:58.0336 0x134c KSN ping finished: false
09:31:58.0882 0x134c ================ Scan system memory ========================
09:31:58.0882 0x134c System memory - ok
09:31:58.0882 0x134c ================ Scan services =============================
09:31:59.0100 0x134c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:31:59.0162 0x134c 1394ohci - ok
09:31:59.0225 0x134c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:31:59.0272 0x134c ACPI - ok
09:31:59.0303 0x134c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:31:59.0318 0x134c AcpiPmi - ok
09:31:59.0365 0x134c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:31:59.0412 0x134c adp94xx - ok
09:31:59.0490 0x134c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:31:59.0521 0x134c adpahci - ok
09:31:59.0537 0x134c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:31:59.0552 0x134c adpu320 - ok
09:31:59.0584 0x134c [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:31:59.0615 0x134c AeLookupSvc - ok
09:31:59.0708 0x134c [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
09:31:59.0740 0x134c AFD - ok
09:31:59.0786 0x134c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
09:31:59.0802 0x134c agp440 - ok
09:31:59.0833 0x134c [ 95BC4330FA44240CA00C641A73C7E62D, 5D90D9B7D03E15B1A358582834B03A043187CDF6790EE7D3E4CCA03CE77010CA ] aksdf C:\Windows\system32\DRIVERS\aksdf.sys
09:31:59.0849 0x134c aksdf - ok
09:31:59.0849 0x134c [ A56F1B0F967AEF8A82D7771E6D166DEF, 498B2C9AFC8298C0D06FD6278DEA698C2AFEEC419200C1EF8C150ED7CB6FA1E8 ] akshasp C:\Windows\system32\DRIVERS\akshasp.sys
09:31:59.0864 0x134c akshasp - ok
09:31:59.0880 0x134c [ A9A09BC526E614CE9F29BB23C2A76CED, 260027677635E6333ABD499D5F80B7C82109208D298432946DE60C0956193BA2 ] aksusb C:\Windows\system32\DRIVERS\aksusb.sys
09:31:59.0880 0x134c aksusb - ok
09:31:59.0911 0x134c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
09:31:59.0927 0x134c ALG - ok
09:31:59.0942 0x134c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
09:31:59.0958 0x134c aliide - ok
09:31:59.0974 0x134c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
09:31:59.0989 0x134c amdide - ok
09:32:00.0005 0x134c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:32:00.0020 0x134c AmdK8 - ok
09:32:00.0036 0x134c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:32:00.0036 0x134c AmdPPM - ok
09:32:00.0067 0x134c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:32:00.0083 0x134c amdsata - ok
09:32:00.0083 0x134c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:32:00.0098 0x134c amdsbs - ok
09:32:00.0114 0x134c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:32:00.0130 0x134c amdxata - ok
09:32:00.0176 0x134c [ B84DDCCB03A9CEDC1E90A88EDA5306DB, 1E51A7336C7E3F6402ED90AB0B3E98FD3827E2DC51B133E7F8BB37140B315192 ] AppID C:\Windows\system32\drivers\appid.sys
09:32:00.0192 0x134c AppID - ok
09:32:00.0239 0x134c [ 02B60F8FA4BAB8DC3B14782A7E60564B, D7EB27CB202573734D7A4EB4667B9BCEC1598AA9EBD154F2C9266AF230F51A52 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:32:00.0254 0x134c AppIDSvc - ok
09:32:00.0286 0x134c [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo C:\Windows\System32\appinfo.dll
09:32:00.0301 0x134c Appinfo - ok
09:32:00.0301 0x134c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
09:32:00.0317 0x134c arc - ok
09:32:00.0348 0x134c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:32:00.0364 0x134c arcsas - ok
09:32:00.0473 0x134c [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:32:00.0504 0x134c aspnet_state - ok
09:32:00.0520 0x134c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:32:00.0551 0x134c AsyncMac - ok
09:32:00.0582 0x134c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
09:32:00.0598 0x134c atapi - ok
09:32:00.0644 0x134c [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:32:00.0660 0x134c AudioEndpointBuilder - ok
09:32:00.0676 0x134c [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:32:00.0707 0x134c AudioSrv - ok
09:32:00.0816 0x134c avp - ok
09:32:00.0863 0x134c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:32:00.0894 0x134c AxInstSV - ok
09:32:00.0925 0x134c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
09:32:00.0956 0x134c b06bdrv - ok
09:32:00.0988 0x134c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:32:00.0988 0x134c b57nd60a - ok
09:32:01.0034 0x134c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
09:32:01.0034 0x134c BDESVC - ok
09:32:01.0050 0x134c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
09:32:01.0081 0x134c Beep - ok
09:32:01.0190 0x134c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
09:32:01.0222 0x134c BFE - ok
09:32:01.0315 0x134c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
09:32:01.0362 0x134c BITS - ok
09:32:01.0378 0x134c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:32:01.0393 0x134c blbdrive - ok
09:32:01.0424 0x134c [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:32:01.0424 0x134c bowser - ok
09:32:01.0440 0x134c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:32:01.0456 0x134c BrFiltLo - ok
09:32:01.0456 0x134c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:32:01.0471 0x134c BrFiltUp - ok
09:32:01.0502 0x134c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
09:32:01.0518 0x134c Browser - ok
09:32:01.0549 0x134c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:32:01.0565 0x134c Brserid - ok
09:32:01.0565 0x134c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:32:01.0580 0x134c BrSerWdm - ok
09:32:01.0596 0x134c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:32:01.0612 0x134c BrUsbMdm - ok
09:32:01.0627 0x134c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:32:01.0627 0x134c BrUsbSer - ok
09:32:01.0705 0x134c [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
09:32:01.0721 0x134c BthEnum - ok
09:32:01.0736 0x134c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:32:01.0752 0x134c BTHMODEM - ok
09:32:01.0814 0x134c [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
09:32:01.0846 0x134c BthPan - ok
09:32:01.0924 0x134c [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
09:32:01.0955 0x134c BTHPORT - ok
09:32:01.0986 0x134c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
09:32:02.0017 0x134c bthserv - ok
09:32:02.0080 0x134c [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
09:32:02.0095 0x134c BTHUSB - ok
09:32:02.0126 0x134c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:32:02.0173 0x134c cdfs - ok
09:32:02.0267 0x134c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:32:02.0298 0x134c cdrom - ok
09:32:02.0376 0x134c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
09:32:02.0423 0x134c CertPropSvc - ok
09:32:02.0454 0x134c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:32:02.0470 0x134c circlass - ok
09:32:02.0532 0x134c [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS C:\Windows\system32\CLFS.sys
09:32:02.0563 0x134c CLFS - ok
09:32:02.0641 0x134c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:32:02.0657 0x134c clr_optimization_v2.0.50727_32 - ok
09:32:02.0704 0x134c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:32:02.0704 0x134c clr_optimization_v2.0.50727_64 - ok
09:32:02.0782 0x134c [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:32:02.0782 0x134c clr_optimization_v4.0.30319_32 - ok
09:32:02.0844 0x134c [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:32:02.0844 0x134c clr_optimization_v4.0.30319_64 - ok
09:32:02.0860 0x134c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:32:02.0875 0x134c CmBatt - ok
09:32:02.0891 0x134c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:32:02.0906 0x134c cmdide - ok
09:32:02.0922 0x134c [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG C:\Windows\system32\Drivers\cng.sys
09:32:02.0969 0x134c CNG - ok
09:32:02.0969 0x134c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:32:02.0984 0x134c Compbatt - ok
09:32:02.0984 0x134c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:32:03.0000 0x134c CompositeBus - ok
09:32:03.0016 0x134c COMSysApp - ok
09:32:03.0031 0x134c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:32:03.0031 0x134c crcdisk - ok
09:32:03.0078 0x134c [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:32:03.0094 0x134c CryptSvc - ok
09:32:03.0156 0x134c [ 04199CA5C4A6F6E935906A74EAFCA8E7, F02E807E04DA16117E9E4D183186DF9425E9E1AD7CBC34AEED63A38F7D1E75E6 ] CSCrySec C:\Windows\system32\DRIVERS\CSCrySec.sys
09:32:03.0172 0x134c CSCrySec - ok
09:32:03.0328 0x134c [ 0F9FE82E229C039F0AC1996E44059653, BE925C118A7620259724B0750681C83DC14BC78620FB217025F46E4441C55F3A ] CSObjectsSrv C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
09:32:03.0359 0x134c CSObjectsSrv - ok
09:32:03.0374 0x134c [ 7D7F90460F1309B5205BF8CDFAD63E42, 885B9EA530E7B6D51DC24A5009F37A2D4CCACAFCA0A7CB693F4320E110AFFA4F ] CSVirtualDiskDrv C:\Windows\system32\DRIVERS\CSVirtualDiskDrv.sys
09:32:03.0374 0x134c CSVirtualDiskDrv - ok
09:32:03.0452 0x134c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
09:32:03.0468 0x134c DcomLaunch - ok
09:32:03.0499 0x134c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
09:32:03.0530 0x134c defragsvc - ok
09:32:03.0577 0x134c [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:32:03.0577 0x134c DfsC - ok
09:32:03.0640 0x134c [ 867FA8B9E9E3078F68C4089904BBF4B0, 323BDA5AE0952A61B863C22B86E5C70272E9AFD478DA61904F4998809B89F2B3 ] dgderdrv C:\Windows\system32\drivers\dgderdrv.sys
09:32:03.0655 0x134c dgderdrv - ok
09:32:03.0702 0x134c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:32:03.0718 0x134c Dhcp - ok
09:32:03.0842 0x134c [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack C:\Windows\system32\diagtrack.dll
09:32:03.0874 0x134c DiagTrack - ok
09:32:03.0889 0x134c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
09:32:03.0920 0x134c discache - ok
09:32:03.0967 0x134c [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
09:32:03.0967 0x134c Disk - ok
09:32:04.0045 0x134c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:32:04.0076 0x134c Dnscache - ok
09:32:04.0123 0x134c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
09:32:04.0154 0x134c dot3svc - ok
09:32:04.0186 0x134c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
09:32:04.0217 0x134c DPS - ok
09:32:04.0248 0x134c [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:32:04.0264 0x134c drmkaud - ok
09:32:04.0326 0x134c [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:32:04.0357 0x134c DXGKrnl - ok
09:32:04.0435 0x134c [ 52A482DC61F24B498C8268866B90BB44, C3D01124E4544B54474BCEF4971D1AEE64F6AEA4BE65B9C4916047FB1F948D2F ] e1kexpress C:\Windows\system32\DRIVERS\e1k62x64.sys
09:32:04.0466 0x134c e1kexpress - ok
09:32:04.0498 0x134c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
09:32:04.0544 0x134c EapHost - ok
09:32:04.0654 0x134c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
09:32:04.0732 0x134c ebdrv - ok
09:32:04.0763 0x134c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] EFS C:\Windows\System32\lsass.exe
09:32:04.0778 0x134c EFS - ok
09:32:04.0888 0x134c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:32:04.0919 0x134c ehRecvr - ok
09:32:04.0950 0x134c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
09:32:04.0950 0x134c ehSched - ok
09:32:04.0981 0x134c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:32:04.0997 0x134c elxstor - ok
09:32:05.0044 0x134c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:32:05.0044 0x134c ErrDev - ok
09:32:05.0059 0x134c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
09:32:05.0090 0x134c EventSystem - ok
09:32:05.0200 0x134c [ 334C907536E815E56CD13108A6D5FB9D, 0CEA0A330607B44A4CF0F0D5C92E91C7E2157404410F651CC4F8BA14A74523AE ] ewusbmbb C:\Windows\system32\DRIVERS\ewusbwwan.sys
09:32:05.0215 0x134c ewusbmbb - ok
09:32:05.0262 0x134c [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
09:32:05.0262 0x134c ew_hwusbdev - ok
09:32:05.0293 0x134c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
09:32:05.0324 0x134c exfat - ok
09:32:05.0356 0x134c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:32:05.0387 0x134c fastfat - ok
09:32:05.0434 0x134c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
09:32:05.0465 0x134c Fax - ok
09:32:05.0480 0x134c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:32:05.0496 0x134c fdc - ok
09:32:05.0512 0x134c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
09:32:05.0543 0x134c fdPHost - ok
09:32:05.0558 0x134c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
09:32:05.0590 0x134c FDResPub - ok
09:32:05.0605 0x134c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:32:05.0621 0x134c FileInfo - ok
09:32:05.0621 0x134c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:32:05.0652 0x134c Filetrace - ok
09:32:05.0668 0x134c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:32:05.0683 0x134c flpydisk - ok
09:32:05.0699 0x134c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:32:05.0714 0x134c FltMgr - ok
09:32:05.0792 0x134c [ CF0108CBA6D1860563BA20E3D74C6646, 737B5E89A858D7E3AEC8BF660AA4FCC56501A69468EA143531286016AF7C0B33 ] FontCache C:\Windows\system32\FntCache.dll
09:32:05.0824 0x134c FontCache - ok
09:32:05.0886 0x134c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:32:05.0902 0x134c FontCache3.0.0.0 - ok
09:32:06.0042 0x134c [ C13043DD1AACD759A36BA31CF084D38F, 93FE2E26EA517B3F87CC06F32A1ABA92082237F8A16FB0745955F6F76A217154 ] FoxitReaderService C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
09:32:06.0073 0x134c FoxitReaderService - ok
09:32:06.0089 0x134c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:32:06.0089 0x134c FsDepends - ok
09:32:06.0167 0x134c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:32:06.0182 0x134c Fs_Rec - ok
09:32:06.0292 0x134c [ FA169871D8FADCC6539C4E8726610286, 14BF1C5225BD736C686FAC6393050BCFC5C43BC9557A78901CC98BC446A3894D ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
09:32:06.0307 0x134c FTDIBUS - ok
09:32:06.0370 0x134c [ 24237091348D1EFB5635A1CF9649E311, 23C66EEC336770E035825EEBABEB02258FFB1436A5CC0E26C267C470EA5B0D07 ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
09:32:06.0370 0x134c FTSER2K - ok
09:32:06.0416 0x134c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:32:06.0448 0x134c fvevol - ok
09:32:06.0479 0x134c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:32:06.0479 0x134c gagp30kx - ok
09:32:06.0541 0x134c [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
09:32:06.0557 0x134c gpsvc - ok
09:32:06.0619 0x134c [ 816FD5A6F3C2F3D600900096632FC60E, D92401C4B56663F8A12B6390562608A125713408B00266C53844129679E48E9C ] Greg_Service C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
09:32:06.0650 0x134c Greg_Service - ok
09:32:06.0744 0x134c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:32:06.0775 0x134c gupdate - ok
09:32:06.0791 0x134c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:32:06.0806 0x134c gupdatem - ok
09:32:06.0838 0x134c [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:32:06.0853 0x134c gusvc - ok
09:32:06.0916 0x134c [ 78FAD9117E4527F2CA82259DA10F40BD, 9CE5102C681B8147BFC189897C19852D2BF82A9B95DE6301EBBCD13A604A41F3 ] Hardlock C:\Windows\system32\drivers\hardlock.sys
09:32:06.0931 0x134c Hardlock - ok
09:32:06.0962 0x134c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:32:06.0978 0x134c hcw85cir - ok
09:32:07.0040 0x134c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:32:07.0072 0x134c HdAudAddService - ok
09:32:07.0118 0x134c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:32:07.0134 0x134c HDAudBus - ok
09:32:07.0150 0x134c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
09:32:07.0165 0x134c HECIx64 - ok
09:32:07.0181 0x134c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:32:07.0181 0x134c HidBatt - ok
09:32:07.0196 0x134c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:32:07.0212 0x134c HidBth - ok
09:32:07.0228 0x134c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:32:07.0243 0x134c HidIr - ok
09:32:07.0259 0x134c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
09:32:07.0274 0x134c hidserv - ok
09:32:07.0306 0x134c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:32:07.0321 0x134c HidUsb - ok
09:32:07.0352 0x134c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:32:07.0368 0x134c hkmsvc - ok
09:32:07.0399 0x134c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:32:07.0415 0x134c HomeGroupListener - ok
09:32:07.0446 0x134c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:32:07.0462 0x134c HomeGroupProvider - ok
09:32:07.0508 0x134c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:32:07.0508 0x134c HpSAMD - ok
09:32:07.0571 0x134c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:32:07.0618 0x134c HTTP - ok
09:32:07.0649 0x134c [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
09:32:07.0664 0x134c huawei_enumerator - ok
09:32:07.0727 0x134c [ 04D1DE1E8ACE40CA396502C90524E945, C579D0C9D08617E91EAC4EE0D74BBE2911E1D76BF10D7120CCEEB0C23A9EF8E6 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
09:32:07.0742 0x134c hwdatacard - ok
09:32:07.0820 0x134c [ E90DA42B87D684DEBFB73B38A718A006, BB18C63C1982F5CB99C9B65D2B801E8C1909AD7CD0171326DC0015D6B781B451 ] HWDeviceService64.exe C:\ProgramData\DatacardService\HWDeviceService64.exe
09:32:07.0852 0x134c HWDeviceService64.exe - ok
09:32:07.0867 0x134c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:32:07.0883 0x134c hwpolicy - ok
09:32:07.0930 0x134c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:32:07.0930 0x134c i8042prt - ok
09:32:08.0023 0x134c [ 660BF3255A1EB18ED803FD2FBA6AE400, 74A77E9828D62F2821D398EAA84BB15BF093EAD1BD5A7824362ED3D1A063C509 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
09:32:08.0039 0x134c IAANTMON - ok
09:32:08.0070 0x134c [ BE7D72FCF442C26975942007E0831241, A0FD29B3D1A1278787F8B3FBE7EC3216AAF328467974A6D90752639BB44DCD84 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
09:32:08.0101 0x134c iaStor - ok
09:32:08.0148 0x134c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:32:08.0164 0x134c iaStorV - ok
09:32:08.0210 0x134c [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:32:08.0226 0x134c IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
09:32:08.0288 0x134c IDriverT ( UnsignedFile.Multi.Generic ) - warning
09:32:08.0335 0x134c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:32:08.0351 0x134c idsvc - ok
09:32:08.0382 0x134c IEEtwCollectorService - ok
09:32:08.0756 0x134c [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:32:09.0006 0x134c igfx - ok
09:32:09.0037 0x134c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:32:09.0053 0x134c iirsp - ok
09:32:09.0115 0x134c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
09:32:09.0146 0x134c IKEEXT - ok
09:32:09.0209 0x134c [ D2356EBE25781B2FB61687E4D07ED188, 3950A09D4DD97CD777A22B572D1E79CBAB4072DB3CC70268FFB6EFC678A77D73 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:32:09.0271 0x134c IntcAzAudAddService - ok
09:32:09.0302 0x134c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
09:32:09.0302 0x134c intelide - ok
09:32:09.0349 0x134c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:32:09.0365 0x134c intelppm - ok
09:32:09.0396 0x134c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:32:09.0427 0x134c IPBusEnum - ok
09:32:09.0474 0x134c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:32:09.0536 0x134c IpFilterDriver - ok
09:32:09.0599 0x134c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:32:09.0614 0x134c iphlpsvc - ok
09:32:09.0646 0x134c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:32:09.0661 0x134c IPMIDRV - ok
09:32:09.0677 0x134c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:32:09.0708 0x134c IPNAT - ok
09:32:09.0724 0x134c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:32:09.0739 0x134c IRENUM - ok
09:32:09.0770 0x134c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:32:09.0786 0x134c isapnp - ok
09:32:09.0833 0x134c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:32:09.0864 0x134c iScsiPrt - ok
09:32:09.0864 0x134c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:32:09.0880 0x134c kbdclass - ok
09:32:09.0926 0x134c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:32:09.0942 0x134c kbdhid - ok
09:32:09.0973 0x134c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] KeyIso C:\Windows\system32\lsass.exe
09:32:09.0973 0x134c KeyIso - ok
09:32:10.0051 0x134c [ 795EC29BA21F1D948FD6FD740C00B599, 780900717A812C5DB78C67057010BD62DF2C756C087599A6F8C67CB4EFA7518C ] KL1 C:\Windows\system32\DRIVERS\kl1.sys
09:32:10.0067 0x134c KL1 - ok
09:32:10.0160 0x134c [ 70D959CB6DC1F2AC6AFF3AC20891939D, 22EECAD6C8DD9C2691D707950FFCD5DBA929942450B7E2E69F5DDE9DD4E7DBFE ] KLIF C:\Windows\system32\DRIVERS\klif.sys
09:32:10.0192 0x134c KLIF - ok
09:32:10.0238 0x134c [ 31B69BFF28348503E4BD10C2A4F66D05, 891318C2DDF85E43DFCEE73717AEFCE79BC3DCD83FCD58E6F794AB6BF1739688 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
09:32:10.0254 0x134c KLIM6 - ok
09:32:10.0301 0x134c [ AEB50941C6D67128B14F88DB9917C4E0, 2ACE46665DE298CC197660A442A3172B1FB460A40BD18AECEA786ACB011FDA43 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
09:32:10.0316 0x134c klkbdflt - ok
09:32:10.0363 0x134c [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
09:32:10.0394 0x134c klmouflt - ok
09:32:10.0441 0x134c [ 45ECF097BC6330C2054D7D43B7AD822B, 41684ED54E75FE6BEEA322E7CE888DFDD53EE1F45016E01CE10B84ABB02CBDA8 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
09:32:10.0441 0x134c kltdi - ok
09:32:10.0488 0x134c [ 0E71FAED99892750DFE1C5237A6F8FE6, 786FEEEF637BC89FDED3DDEA2563144C7128E7C9582261B23F16B98D69149088 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
09:32:10.0504 0x134c kneps - ok
09:32:10.0535 0x134c [ 3AAA10BAF3F194F7CD34F4C78F8222EE, 25AE0B764748B13C7F093966E228D506072E270379A5E751F1ED619DEFB40814 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:32:10.0535 0x134c KSecDD - ok
09:32:10.0566 0x134c [ 7B7C28D4E71E4A4365F2B7528DA619F8, 0A507468C6A49870F794F28FF274643FE8FD238A3A9BE86C8656882F237DE77B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:32:10.0582 0x134c KSecPkg - ok
09:32:10.0597 0x134c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:32:10.0628 0x134c ksthunk - ok
09:32:10.0660 0x134c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
09:32:10.0691 0x134c KtmRm - ok
09:32:10.0769 0x134c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:32:10.0816 0x134c LanmanServer - ok
09:32:10.0878 0x134c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:32:10.0925 0x134c LanmanWorkstation - ok
09:32:10.0956 0x134c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:32:10.0987 0x134c lltdio - ok
09:32:11.0034 0x134c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:32:11.0081 0x134c lltdsvc - ok
09:32:11.0096 0x134c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:32:11.0112 0x134c lmhosts - ok
09:32:11.0190 0x134c [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:32:11.0221 0x134c LMS - ok
09:32:11.0252 0x134c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:32:11.0252 0x134c LSI_FC - ok
09:32:11.0268 0x134c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:32:11.0284 0x134c LSI_SAS - ok
09:32:11.0299 0x134c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:32:11.0299 0x134c LSI_SAS2 - ok
09:32:11.0315 0x134c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:32:11.0330 0x134c LSI_SCSI - ok
09:32:11.0346 0x134c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
09:32:11.0377 0x134c luafv - ok
09:32:11.0424 0x134c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:32:11.0440 0x134c Mcx2Svc - ok
09:32:11.0533 0x134c [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
09:32:11.0549 0x134c MDM - ok
09:32:11.0564 0x134c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:32:11.0580 0x134c megasas - ok
09:32:11.0596 0x134c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:32:11.0611 0x134c MegaSR - ok
09:32:11.0627 0x134c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
09:32:11.0658 0x134c MMCSS - ok
09:32:11.0767 0x134c [ 60AC73EB57682F361E07AE26A62DFD6A, 0BC231132F5CAC023E50E8273FC746972F237A1EABC19AA360FE6EFC08636899 ] Mobile Partner. RunOuc C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
09:32:11.0783 0x134c Mobile Partner. RunOuc - ok
09:32:11.0798 0x134c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
09:32:11.0830 0x134c Modem - ok
09:32:11.0845 0x134c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:32:11.0861 0x134c monitor - ok
09:32:11.0861 0x134c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:32:11.0861 0x134c mouclass - ok
09:32:11.0892 0x134c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:32:11.0892 0x134c mouhid - ok
09:32:11.0923 0x134c [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:32:11.0939 0x134c mountmgr - ok
09:32:12.0032 0x134c [ 40134FB7F20C2591A3C7FC9541980E3A, B42D542D9008078DDDCFF8ED0A88E2EAB46C01E270F04C9569D630670D734879 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:32:12.0064 0x134c MozillaMaintenance - ok
09:32:12.0126 0x134c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
09:32:12.0157 0x134c mpio - ok
09:32:12.0188 0x134c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:32:12.0220 0x134c mpsdrv - ok
09:32:12.0313 0x134c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:32:12.0407 0x134c MpsSvc - ok
09:32:12.0438 0x134c [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:32:12.0454 0x134c MRxDAV - ok
09:32:12.0485 0x134c [ 819426D736BCBD31CC7CA27221954E04, 0C4AADEFE282D89EA4A523BDA7B6BB948247F50253D7D0B90C8FC46C4DEEF835 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:32:12.0516 0x134c mrxsmb - ok
09:32:12.0547 0x134c [ 85CB449B319AF69A3538BB1B97EEA2E5, DB75D56A7E631F57D31957105422811C738E96E5B84480C3346B827ACF280E12 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:32:12.0578 0x134c mrxsmb10 - ok
09:32:12.0625 0x134c [ C0B2DC34587FE163997055AA38EB883A, A0BFD0CF873CCEF266606ADE1A4DA69DF757A67D8AD28330272AFEABD7F481D5 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:32:12.0656 0x134c mrxsmb20 - ok
09:32:12.0719 0x134c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
09:32:12.0734 0x134c msahci - ok
09:32:12.0797 0x134c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:32:12.0812 0x134c msdsm - ok
09:32:12.0844 0x134c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
09:32:12.0844 0x134c MSDTC - ok
09:32:12.0890 0x134c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:32:12.0922 0x134c Msfs - ok
09:32:12.0922 0x134c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:32:12.0953 0x134c mshidkmdf - ok
09:32:12.0984 0x134c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:32:12.0984 0x134c msisadrv - ok
09:32:13.0062 0x134c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:32:13.0124 0x134c MSiSCSI - ok
09:32:13.0124 0x134c msiserver - ok
09:32:13.0171 0x134c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:32:13.0218 0x134c MSKSSRV - ok
09:32:13.0234 0x134c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:32:13.0265 0x134c MSPCLOCK - ok
09:32:13.0280 0x134c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:32:13.0312 0x134c MSPQM - ok
09:32:13.0343 0x134c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:32:13.0358 0x134c MsRPC - ok
09:32:13.0374 0x134c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:32:13.0390 0x134c mssmbios - ok
09:32:13.0405 0x134c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:32:13.0421 0x134c MSTEE - ok
09:32:13.0436 0x134c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:32:13.0452 0x134c MTConfig - ok
09:32:13.0452 0x134c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
09:32:13.0468 0x134c Mup - ok
09:32:13.0499 0x134c [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
09:32:13.0499 0x134c mwlPSDFilter - ok
09:32:13.0530 0x134c [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
09:32:13.0546 0x134c mwlPSDNServ - ok
09:32:13.0546 0x134c [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
09:32:13.0561 0x134c mwlPSDVDisk - ok
09:32:13.0608 0x134c [ 2F139207F618EC2933830227EEFFDDB4, 2942452EC631BF11CCCDA397C756CBBC0337F58B215A3F02DA263818CB3BE9A9 ] MWLService C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
09:32:13.0624 0x134c MWLService - ok
09:32:13.0686 0x134c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
09:32:13.0717 0x134c napagent - ok
09:32:13.0795 0x134c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:32:13.0826 0x134c NativeWifiP - ok
09:32:13.0873 0x134c [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:32:13.0904 0x134c NDIS - ok
09:32:13.0904 0x134c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:32:13.0936 0x134c NdisCap - ok
09:32:13.0951 0x134c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:32:13.0982 0x134c NdisTapi - ok
09:32:14.0029 0x134c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:32:14.0076 0x134c Ndisuio - ok
09:32:14.0107 0x134c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:32:14.0138 0x134c NdisWan - ok
09:32:14.0138 0x134c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:32:14.0170 0x134c NDProxy - ok
09:32:14.0310 0x134c [ 7D2633295EB6FF2B938185874884059D, B3A4E52ABCB2E2720D8ADB0B68C222D4AB98E838D40B6A731D15EB1D6C9DEA15 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
09:32:14.0326 0x134c Nero BackItUp Scheduler 4.0 - ok
09:32:14.0341 0x134c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:32:14.0357 0x134c NetBIOS - ok
09:32:14.0388 0x134c [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:32:14.0404 0x134c NetBT - ok
09:32:14.0419 0x134c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] Netlogon C:\Windows\system32\lsass.exe
09:32:14.0419 0x134c Netlogon - ok
09:32:14.0450 0x134c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
09:32:14.0497 0x134c Netman - ok
09:32:14.0560 0x134c [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:32:14.0591 0x134c NetMsmqActivator - ok
09:32:14.0653 0x134c [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:32:14.0684 0x134c NetPipeActivator - ok
09:32:14.0716 0x134c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
09:32:14.0747 0x134c netprofm - ok
09:32:14.0903 0x134c [ 01DB854B267CBDAB411C089558D7F57A, 93119247D3F1D4CBF0B2543AFC3B785BF375AE4AF4C8727335CF4165024A0013 ] netr28ux C:\Windows\system32\DRIVERS\netr28ux.sys
09:32:14.0950 0x134c netr28ux - ok
09:32:14.0965 0x134c [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:32:14.0965 0x134c NetTcpActivator - ok
09:32:14.0981 0x134c [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:32:14.0996 0x134c NetTcpPortSharing - ok
09:32:15.0012 0x134c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:32:15.0012 0x134c nfrd960 - ok
09:32:15.0059 0x134c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
09:32:15.0090 0x134c NlaSvc - ok
09:32:15.0121 0x134c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:32:15.0152 0x134c Npfs - ok
09:32:15.0152 0x134c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
09:32:15.0184 0x134c nsi - ok
09:32:15.0199 0x134c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:32:15.0230 0x134c nsiproxy - ok
09:32:15.0308 0x134c [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:32:15.0340 0x134c Ntfs - ok
09:32:15.0402 0x134c [ BD691091AC7D9713D8F0B07C6B099E6C, 4A69ED227CCBBCB76F78078CEE42506A875759FFB519CB9C40173EF8ACD6D6D2 ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
09:32:15.0418 0x134c NTI IScheduleSvc - ok
09:32:15.0433 0x134c [ 64DDD0DEE976302F4BD93E5EFCC2F013, 19F54B4549999EF96FAE1B2B97973F281304843ADE0CF5823574453AB41E3E9C ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
09:32:15.0449 0x134c NTIDrvr - ok
09:32:15.0464 0x134c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
09:32:15.0496 0x134c Null - ok
09:32:15.0558 0x134c [ 181E7FE39211E04128A30708906627D8, 275BD5FE5A7CEC7C0AE37A779FBF016EDD048E98B0A06D05051672632D7826B4 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:32:15.0574 0x134c NVHDA - ok
09:32:15.0932 0x134c [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:32:16.0166 0x134c nvlddmkm - ok
09:32:16.0198 0x134c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:32:16.0213 0x134c nvraid - ok
09:32:16.0244 0x134c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:32:16.0260 0x134c nvstor - ok
09:32:16.0307 0x134c [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc C:\Windows\system32\nvvsvc.exe
09:32:16.0322 0x134c nvsvc - ok
09:32:16.0447 0x134c [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:32:16.0478 0x134c nvUpdatusService - ok
09:32:16.0510 0x134c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:32:16.0525 0x134c nv_agp - ok
09:32:16.0541 0x134c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:32:16.0541 0x134c ohci1394 - ok
09:32:16.0572 0x134c [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:32:16.0588 0x134c ose - ok
09:32:16.0634 0x134c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:32:16.0650 0x134c p2pimsvc - ok
09:32:16.0666 0x134c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
09:32:16.0681 0x134c p2psvc - ok
09:32:16.0744 0x134c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:32:16.0775 0x134c Parport - ok
09:32:16.0822 0x134c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:32:16.0837 0x134c partmgr - ok
09:32:16.0868 0x134c [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
09:32:16.0884 0x134c PcaSvc - ok
09:32:16.0900 0x134c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
09:32:16.0915 0x134c pci - ok
09:32:16.0946 0x134c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
09:32:16.0946 0x134c pciide - ok
09:32:17.0056 0x134c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:32:17.0087 0x134c pcmcia - ok
09:32:17.0118 0x134c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
09:32:17.0118 0x134c pcw - ok
09:32:17.0149 0x134c [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:32:17.0180 0x134c PEAUTH - ok
09:32:17.0227 0x134c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:32:17.0258 0x134c PerfHost - ok
09:32:17.0336 0x134c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
09:32:17.0414 0x134c pla - ok
09:32:17.0477 0x134c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:32:17.0492 0x134c PlugPlay - ok
09:32:17.0524 0x134c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:32:17.0539 0x134c PNRPAutoReg - ok
09:32:17.0555 0x134c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:32:17.0570 0x134c PNRPsvc - ok
09:32:17.0617 0x134c [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:32:17.0633 0x134c PolicyAgent - ok
09:32:17.0680 0x134c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
09:32:17.0711 0x134c Power - ok
09:32:17.0742 0x134c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:32:17.0773 0x134c PptpMiniport - ok
09:32:17.0789 0x134c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:32:17.0804 0x134c Processor - ok
09:32:17.0836 0x134c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
09:32:17.0882 0x134c ProfSvc - ok
09:32:17.0898 0x134c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:32:17.0914 0x134c ProtectedStorage - ok
09:32:17.0945 0x134c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:32:17.0976 0x134c Psched - ok
09:32:18.0023 0x134c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:32:18.0054 0x134c ql2300 - ok
09:32:18.0070 0x134c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:32:18.0085 0x134c ql40xx - ok
09:32:18.0116 0x134c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
09:32:18.0132 0x134c QWAVE - ok
09:32:18.0148 0x134c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:32:18.0163 0x134c QWAVEdrv - ok
09:32:18.0163 0x134c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:32:18.0194 0x134c RasAcd - ok
09:32:18.0210 0x134c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:32:18.0241 0x134c RasAgileVpn - ok
09:32:18.0257 0x134c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
09:32:18.0288 0x134c RasAuto - ok
09:32:18.0319 0x134c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:32:18.0350 0x134c Rasl2tp - ok
09:32:18.0397 0x134c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
09:32:18.0428 0x134c RasMan - ok
09:32:18.0444 0x134c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:32:18.0475 0x134c RasPppoe - ok
09:32:18.0506 0x134c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:32:18.0538 0x134c RasSstp - ok
09:32:18.0569 0x134c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:32:18.0600 0x134c rdbss - ok
09:32:18.0616 0x134c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:32:18.0631 0x134c rdpbus - ok
09:32:18.0678 0x134c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:32:18.0725 0x134c RDPCDD - ok
09:32:18.0740 0x134c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:32:18.0772 0x134c RDPENCDD - ok
09:32:18.0787 0x134c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:32:18.0818 0x134c RDPREFMP - ok
09:32:18.0850 0x134c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:32:18.0865 0x134c RDPWD - ok
09:32:18.0912 0x134c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:32:18.0912 0x134c rdyboost - ok
09:32:18.0943 0x134c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:32:18.0974 0x134c RemoteAccess - ok
09:32:18.0990 0x134c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:32:19.0021 0x134c RemoteRegistry - ok
09:32:19.0084 0x134c [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
09:32:19.0099 0x134c RFCOMM - ok
09:32:19.0146 0x134c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:32:19.0193 0x134c RpcEptMapper - ok
09:32:19.0208 0x134c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
09:32:19.0208 0x134c RpcLocator - ok
09:32:19.0302 0x134c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
09:32:19.0333 0x134c RpcSs - ok
09:32:19.0349 0x134c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:32:19.0380 0x134c rspndr - ok
09:32:19.0396 0x134c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] SamSs C:\Windows\system32\lsass.exe
09:32:19.0396 0x134c SamSs - ok
09:32:19.0442 0x134c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:32:19.0458 0x134c sbp2port - ok
09:32:19.0474 0x134c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:32:19.0505 0x134c SCardSvr - ok
09:32:19.0536 0x134c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:32:19.0598 0x134c scfilter - ok
09:32:19.0676 0x134c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
09:32:19.0708 0x134c Schedule - ok
09:32:19.0739 0x134c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:32:19.0770 0x134c SCPolicySvc - ok
09:32:19.0801 0x134c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:32:19.0817 0x134c SDRSVC - ok
09:32:19.0832 0x134c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:32:19.0848 0x134c secdrv - ok
09:32:19.0879 0x134c [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
09:32:19.0895 0x134c seclogon - ok
09:32:19.0895 0x134c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
09:32:19.0926 0x134c SENS - ok
09:32:19.0942 0x134c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:32:19.0942 0x134c SensrSvc - ok
09:32:19.0957 0x134c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:32:19.0973 0x134c Serenum - ok
09:32:19.0988 0x134c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:32:20.0004 0x134c Serial - ok
09:32:20.0020 0x134c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:32:20.0035 0x134c sermouse - ok
09:32:20.0066 0x134c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
09:32:20.0098 0x134c SessionEnv - ok
09:32:20.0129 0x134c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:32:20.0144 0x134c sffdisk - ok
09:32:20.0160 0x134c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:32:20.0160 0x134c sffp_mmc - ok
09:32:20.0160 0x134c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:32:20.0176 0x134c sffp_sd - ok
09:32:20.0191 0x134c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:32:20.0191 0x134c sfloppy - ok
09:32:20.0238 0x134c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:32:20.0285 0x134c SharedAccess - ok
09:32:20.0316 0x134c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:32:20.0347 0x134c ShellHWDetection - ok
09:32:20.0363 0x134c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:32:20.0378 0x134c SiSRaid2 - ok
09:32:20.0378 0x134c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:32:20.0394 0x134c SiSRaid4 - ok
09:32:20.0410 0x134c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:32:20.0441 0x134c Smb - ok
09:32:20.0519 0x134c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:32:20.0534 0x134c SNMPTRAP - ok
09:32:20.0550 0x134c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
09:32:20.0566 0x134c spldr - ok
09:32:20.0644 0x134c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
09:32:20.0675 0x134c Spooler - ok
09:32:20.0846 0x134c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
09:32:20.0940 0x134c sppsvc - ok
09:32:20.0971 0x134c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:32:21.0002 0x134c sppuinotify - ok
09:32:21.0034 0x134c [ EB15C46477EB84B6B520871ED5936CCF, 7366FD2E1315109B9A2F47DA08959CF0CBEEB1F20B2E2DEF449D39B508107D29 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:32:21.0065 0x134c srv - ok
09:32:21.0143 0x134c [ 7F4FDC9528BCE6FB919615B6A77D5724, C4843381504E0F50D4B8E4F8886C83112018CE5F64467B875F2809508EA2B182 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:32:21.0174 0x134c srv2 - ok
09:32:21.0190 0x134c [ 3F20CD2A11872284BD667DAD6D4801CC, 917EAA680CD10D3EA59EEF4B77BB3813D5718E7D1CB0846431255EE73035D834 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:32:21.0205 0x134c srvnet - ok
09:32:21.0221 0x134c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:32:21.0252 0x134c SSDPSRV - ok
09:32:21.0268 0x134c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:32:21.0299 0x134c SstpSvc - ok
09:32:21.0377 0x134c [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:32:21.0408 0x134c Stereo Service - ok
09:32:21.0424 0x134c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:32:21.0439 0x134c stexstor - ok
09:32:21.0486 0x134c [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
09:32:21.0486 0x134c StillCam - ok
09:32:21.0533 0x134c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
09:32:21.0548 0x134c stisvc - ok
09:32:21.0595 0x134c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
09:32:21.0611 0x134c swenum - ok
09:32:21.0642 0x134c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
09:32:21.0689 0x134c swprv - ok
09:32:21.0782 0x134c [ 1001FE2D332F7D82CBB62ABAF014948F, 3A9A5A9255DF876732D33126AF4579566C0CAF9BA2C5684E7D1D1F5F4F85A989 ] SynoDrService C:\Program Files (x86)\Synology Data Replicator 3\SynoDrServicex64.exe
09:32:21.0798 0x134c SynoDrService - ok
09:32:21.0923 0x134c [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
09:32:21.0954 0x134c SysMain - ok
09:32:22.0001 0x134c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:32:22.0016 0x134c TabletInputService - ok
09:32:22.0609 0x134c [ 4F0DD46F373D1C9CBB7A173DEC3B1D3C, 2AF83B0A15B417CE3B67D60EBB869E272B9ECAB7C9789DBB2DCBC8D07387D224 ] TAIFUN_SEARCH C:\MSE\TOS\TOSS.EXE
09:32:22.0952 0x134c TAIFUN_SEARCH - ok
09:32:22.0999 0x134c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
09:32:23.0030 0x134c TapiSrv - ok
09:32:23.0171 0x134c [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:32:23.0218 0x134c Tcpip - ok
09:32:23.0327 0x134c [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:32:23.0374 0x134c TCPIP6 - ok
09:32:23.0389 0x134c [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:32:23.0405 0x134c tcpipreg - ok
09:32:23.0436 0x134c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:32:23.0436 0x134c TDPIPE - ok
09:32:23.0452 0x134c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:32:23.0467 0x134c TDTCP - ok
09:32:23.0498 0x134c [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:32:23.0514 0x134c tdx - ok
09:32:23.0545 0x134c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
09:32:23.0545 0x134c TermDD - ok
09:32:23.0592 0x134c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
09:32:23.0623 0x134c TermService - ok
09:32:23.0670 0x134c [ CE4B6956E4E12492715A53076E58761F, 0D12934B8F7D18F5785A3EAEDEC2CBD1C3627F7D73C73E9329C73A3B99990D36 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys
09:32:23.0686 0x134c TFsExDisk - ok
09:32:23.0717 0x134c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
09:32:23.0732 0x134c Themes - ok
09:32:23.0748 0x134c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
09:32:23.0779 0x134c THREADORDER - ok
09:32:23.0795 0x134c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
09:32:23.0826 0x134c TrkWks - ok
09:32:23.0904 0x134c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:32:23.0951 0x134c TrustedInstaller - ok
09:32:23.0998 0x134c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:32:24.0013 0x134c tssecsrv - ok
09:32:24.0044 0x134c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:32:24.0076 0x134c TsUsbFlt - ok
09:32:24.0138 0x134c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:32:24.0200 0x134c tunnel - ok
09:32:24.0232 0x134c [ C45A3E051C65106A28982CAED125F855, 9164708ABC6B1BA804B8297AA4EEBC65C4BDD4D399AD6CBAB9C66BB7AA9020E8 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
09:32:24.0247 0x134c TurboB - ok
09:32:24.0341 0x134c [ BAEF86EBEAECE76573FA822DEA256F6C, B845AB0AACCCF4C2D4A8DD152C57C52416C5938FB3FEB670DB5434FA95620F3B ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
09:32:24.0356 0x134c TurboBoost - ok
09:32:24.0403 0x134c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:32:24.0419 0x134c uagp35 - ok
09:32:24.0434 0x134c [ 2E22C1FD397A5A9FFEF55E9D1FC96C00, 4646712B3F3AF6188DBCE1A95D92261E8B15E9583FE5DD538EC884F48B51759D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
09:32:24.0450 0x134c UBHelper - ok
09:32:24.0481 0x134c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:32:24.0512 0x134c udfs - ok
09:32:24.0559 0x134c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:32:24.0575 0x134c UI0Detect - ok
09:32:24.0606 0x134c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:32:24.0622 0x134c uliagpkx - ok
09:32:24.0668 0x134c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:32:24.0684 0x134c umbus - ok
09:32:24.0700 0x134c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:32:24.0715 0x134c UmPass - ok
09:32:24.0856 0x134c [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:32:24.0902 0x134c UNS - ok
09:32:24.0934 0x134c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
09:32:24.0965 0x134c upnphost - ok
09:32:24.0996 0x134c [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:32:25.0027 0x134c usbccgp - ok
09:32:25.0058 0x134c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:32:25.0074 0x134c usbcir - ok
09:32:25.0090 0x134c [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci C:\Windows\system32\drivers\usbehci.sys
09:32:25.0105 0x134c usbehci - ok
09:32:25.0152 0x134c [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub C:\Windows\system32\drivers\usbhub.sys
09:32:25.0183 0x134c usbhub - ok
09:32:25.0199 0x134c [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:32:25.0199 0x134c usbohci - ok
09:32:25.0214 0x134c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:32:25.0230 0x134c usbprint - ok
09:32:25.0308 0x134c [ B5E6C4F280EBF0B16F74A5B415F2E0DF, 4B1F7C95F267A29FC8AE4F285E2B19200C7E3F8505B1E75797A7A9EDE4CD1EDE ] USBS3S4Detection C:\OEM\USBDECTION\USBS3S4Detection.exe
09:32:25.0324 0x134c USBS3S4Detection - ok
09:32:25.0386 0x134c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys
09:32:25.0402 0x134c usbscan - ok
09:32:25.0433 0x134c [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:32:25.0448 0x134c USBSTOR - ok
09:32:25.0464 0x134c [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:32:25.0480 0x134c usbuhci - ok
09:32:25.0495 0x134c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
09:32:25.0542 0x134c UxSms - ok
09:32:25.0558 0x134c [ CA69E856332E2D85294665F6B7E97254, A9693F836907FB0154DC1090D9476F1E9242ABE922D932D74D0385772D2EAB65 ] VaultSvc C:\Windows\system32\lsass.exe
09:32:25.0558 0x134c VaultSvc - ok
09:32:25.0589 0x134c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:32:25.0604 0x134c vdrvroot - ok
09:32:25.0667 0x134c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
09:32:25.0714 0x134c vds - ok
09:32:25.0729 0x134c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:32:25.0729 0x134c vga - ok
09:32:25.0760 0x134c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:32:25.0792 0x134c VgaSave - ok
09:32:25.0823 0x134c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:32:25.0854 0x134c vhdmp - ok
09:32:25.0870 0x134c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
09:32:25.0885 0x134c viaide - ok
09:32:25.0901 0x134c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:32:25.0916 0x134c volmgr - ok
09:32:25.0963 0x134c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:32:25.0979 0x134c volmgrx - ok
09:32:26.0026 0x134c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:32:26.0057 0x134c volsnap - ok
09:32:26.0072 0x134c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:32:26.0088 0x134c vsmraid - ok
09:32:26.0182 0x134c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
09:32:26.0244 0x134c VSS - ok
09:32:26.0260 0x134c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:32:26.0275 0x134c vwifibus - ok
09:32:26.0291 0x134c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:32:26.0306 0x134c vwififlt - ok
09:32:26.0322 0x134c [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:32:26.0322 0x134c vwifimp - ok
09:32:26.0369 0x134c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
09:32:26.0416 0x134c W32Time - ok
09:32:26.0447 0x134c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:32:26.0447 0x134c WacomPen - ok
09:32:26.0478 0x134c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:32:26.0525 0x134c WANARP - ok
09:32:26.0540 0x134c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:32:26.0556 0x134c Wanarpv6 - ok
09:32:26.0650 0x134c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
09:32:26.0696 0x134c wbengine - ok
09:32:26.0712 0x134c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:32:26.0743 0x134c WbioSrvc - ok
09:32:26.0759 0x134c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:32:26.0774 0x134c wcncsvc - ok
09:32:26.0821 0x134c [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:32:26.0837 0x134c WcsPlugInService - ok
09:32:26.0868 0x134c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:32:26.0884 0x134c Wd - ok
09:32:26.0930 0x134c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:32:26.0962 0x134c Wdf01000 - ok
09:32:27.0008 0x134c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:32:27.0024 0x134c WdiServiceHost - ok
09:32:27.0040 0x134c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:32:27.0055 0x134c WdiSystemHost - ok
09:32:27.0086 0x134c [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
09:32:27.0102 0x134c WebClient - ok
09:32:27.0118 0x134c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:32:27.0149 0x134c Wecsvc - ok
09:32:27.0164 0x134c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:32:27.0196 0x134c wercplsupport - ok
09:32:27.0227 0x134c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
09:32:27.0258 0x134c WerSvc - ok
09:32:27.0305 0x134c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:32:27.0320 0x134c WfpLwf - ok
09:32:27.0336 0x134c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:32:27.0352 0x134c WIMMount - ok
09:32:27.0367 0x134c WinDefend - ok
09:32:27.0383 0x134c WinHttpAutoProxySvc - ok
09:32:27.0430 0x134c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:32:27.0461 0x134c Winmgmt - ok
09:32:27.0586 0x134c [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
09:32:27.0648 0x134c WinRM - ok
09:32:27.0695 0x134c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:32:27.0710 0x134c WinUsb - ok
09:32:27.0773 0x134c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:32:27.0804 0x134c Wlansvc - ok
09:32:27.0835 0x134c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:32:27.0851 0x134c WmiAcpi - ok
09:32:27.0882 0x134c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:32:27.0882 0x134c wmiApSrv - ok
09:32:27.0898 0x134c WMPNetworkSvc - ok
09:32:27.0913 0x134c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:32:27.0913 0x134c WPCSvc - ok
09:32:27.0960 0x134c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:32:27.0991 0x134c WPDBusEnum - ok
09:32:28.0007 0x134c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:32:28.0054 0x134c ws2ifsl - ok
09:32:28.0054 0x134c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
09:32:28.0069 0x134c wscsvc - ok
09:32:28.0132 0x134c [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
09:32:28.0147 0x134c WSDPrintDevice - ok
09:32:28.0163 0x134c WSearch - ok
09:32:28.0288 0x134c [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll
09:32:28.0334 0x134c wuauserv - ok
09:32:28.0381 0x134c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:32:28.0397 0x134c WudfPf - ok
09:32:28.0428 0x134c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:32:28.0444 0x134c WUDFRd - ok
09:32:28.0475 0x134c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:32:28.0490 0x134c wudfsvc - ok
09:32:28.0522 0x134c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
09:32:28.0537 0x134c WwanSvc - ok
09:32:28.0584 0x134c ================ Scan global ===============================
09:32:28.0615 0x134c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
09:32:28.0646 0x134c [ B68AD91370FA58C1296DE9086BB4BA0A, 3B6B8170990B3B3B321752539A54D8EAB6E6241A25092682FDEE1A46BD39DBF6 ] C:\Windows\system32\winsrv.dll
09:32:28.0678 0x134c [ B68AD91370FA58C1296DE9086BB4BA0A, 3B6B8170990B3B3B321752539A54D8EAB6E6241A25092682FDEE1A46BD39DBF6 ] C:\Windows\system32\winsrv.dll
09:32:28.0693 0x134c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:32:28.0740 0x134c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
09:32:28.0756 0x134c [ Global ] - ok
09:32:28.0756 0x134c ================ Scan MBR ==================================
09:32:28.0756 0x134c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:32:29.0114 0x134c \Device\Harddisk0\DR0 - ok
09:32:29.0114 0x134c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:32:29.0224 0x134c \Device\Harddisk1\DR1 - ok
09:32:29.0224 0x134c ================ Scan VBR ==================================
09:32:29.0239 0x134c [ B57F793D31CCF623B804A8D8D8DA0EDC ] \Device\Harddisk0\DR0\Partition1
09:32:29.0239 0x134c \Device\Harddisk0\DR0\Partition1 - ok
09:32:29.0239 0x134c [ D8A5FFBB6B9C792BDB678195C1233B38 ] \Device\Harddisk0\DR0\Partition2
09:32:29.0239 0x134c \Device\Harddisk0\DR0\Partition2 - ok
09:32:29.0255 0x134c [ B281B2A38BD2DD746CC6AB8B00A5E417 ] \Device\Harddisk0\DR0\Partition3
09:32:29.0255 0x134c \Device\Harddisk0\DR0\Partition3 - ok
09:32:29.0255 0x134c [ 5949F0D63171B21F7E6B62DEC6477EBF ] \Device\Harddisk1\DR1\Partition1
09:32:29.0255 0x134c \Device\Harddisk1\DR1\Partition1 - ok
09:32:29.0255 0x134c ================ Scan generic autorun ======================
09:32:29.0302 0x134c [ 810A5F70CEB063CEC85360394BEC2C56, FCC289B23B2347AD7C34B48E6EFB1914B5ED8D9DD397B0816D94747B168DFD64 ] C:\Windows\system32\igfxtray.exe
09:32:29.0333 0x134c IgfxTray - ok
09:32:29.0348 0x134c [ 2FE8F6A30802B69A3F501607F346DEEA, CD603DB6055861E9EAD397234120FBE0D3CACEFADB0D6001099CF0DA9DF1CC34 ] C:\Windows\system32\hkcmd.exe
09:32:29.0364 0x134c HotKeysCmds - ok
09:32:29.0395 0x134c [ CA1941B93BA45B7EA4D7D9F451B25C84, B0648762862931CB12004C92CD7A7EF8E3B1C14DD33C980A490D8AA56F7AA723 ] C:\Windows\system32\igfxpers.exe
09:32:29.0411 0x134c Persistence - ok
09:32:29.0426 0x134c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
09:32:29.0426 0x134c Logitech Download Assistant - ok
09:32:29.0473 0x134c [ 2819C34E9764437E9496E8B3B16C9547, 5BD387CA0621FEC5A44176207587EB4FC4046A5127E11541280E6ACA7374880B ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
09:32:29.0473 0x134c FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
09:32:29.0473 0x134c FreePDF Assistant ( UnsignedFile.Multi.Generic ) - warning
09:32:29.0567 0x134c [ D658AB1B55127D18DCFBCAC8CAAEA522, 9FB818F3899542CB7F1B979644423A66842D98D1762B1C38AE04AEE23320DA8E ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
09:32:29.0582 0x134c HP Software Update - ok
09:32:29.0692 0x134c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:32:29.0723 0x134c Sidebar - ok
09:32:29.0754 0x134c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:32:29.0770 0x134c mctadmin - ok
09:32:29.0816 0x134c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:32:29.0848 0x134c Sidebar - ok
09:32:29.0848 0x134c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:32:29.0863 0x134c mctadmin - ok
09:32:29.0910 0x134c [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
09:32:29.0926 0x134c swg - ok
09:32:29.0988 0x134c winxj - ok
09:32:30.0331 0x134c [ D0EB7306BA8F95FBAC3945F1B0D8F3E6, 29691C048FD1D2619C40CD515FFCEC1CCD37100A5009A8EFDCB7A0AB4D671CAC ] C:\Program Files (x86)\Synology Data Replicator 3\Backup.exe
09:32:30.0550 0x134c Data Replicator 3 - ok
09:32:30.0581 0x134c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:32:30.0612 0x134c Sidebar - ok
09:32:30.0628 0x134c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:32:30.0643 0x134c mctadmin - ok
09:32:30.0706 0x134c [ B54B12B37A61F93CBBA38C00A4EBF838, 1352E439BEB9CED023818EE694EAE8257C725EF066A94E17DB54CCB39D5CE4F8 ] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe
09:32:30.0737 0x134c ScrSav - ok
09:32:30.0752 0x134c AV detected via SS2: Kaspersky PURE 3.0, C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\wmiav.exe ( 13.0.2.558 ), 0x41000 ( enabled : updated )
09:32:30.0752 0x134c FW detected via SS2: Kaspersky PURE 3.0, C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\wmifw.exe ( 13.0.2.558 ), 0x41010 ( enabled )
09:32:30.0752 0x134c ============================================================
09:32:30.0752 0x134c Scan finished
09:32:30.0752 0x134c ============================================================
09:32:30.0768 0x0b58 Detected object count: 2
09:32:30.0768 0x0b58 Actual detected object count: 2
09:33:10.0345 0x0b58 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
09:33:10.0345 0x0b58 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:33:10.0345 0x0b58 FreePDF Assistant ( UnsignedFile.Multi.Generic ) - skipped by user
09:33:10.0345 0x0b58 FreePDF Assistant ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
27.03.2017, 20:58
| #5 |
| /// TB-Ausbilder | Dateien mit der Endung .crypt Hinweis 6. bitte beachten und dann FRST bitte nochmal. |
|
30.03.2017, 20:08
| #6 |
| /// TB-Ausbilder | Dateien mit der Endung .crypt Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
|
| Themen zu Dateien mit der Endung .crypt |
| anzeige, archiv, dateien, erstell, erstellt, festplatte, gescannt, gestartet, image, interne, internet, kaspersky, komplett, nichts, ordner, platte, security, super, support, system, tipps, trojaner, virus, vorgehen, wirklich, zugreifen |
Linear-Darstellung
