Log analysis and evaluation: Raiffeisen e-banking problems - infected computer
Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
16.04.2018, 18:55 | #1

Raiffeisen e-banking problems - infected computer

Hello everyone,

I have picked up something that is very similar to the following posts:

The bank has confirmed to me that it is caused by a virus, and I do not get this message from other computers. Although in hindsight it was probably not very smart, I tried various things from the posts mentioned above. In the following order:

The first Malwarebytes scan detected a Firefox installer as Trojan.Malpack. Otherwise the scans were rather unsuccessful. I have attached all the scan reports as well as the results of the FRST scan. I am very grateful for your help; if you need any other information, I am happy to provide it.

Best regards,
Nathan

ESET Endpoint Antivirus Full Scan
Code:
Zeit;Geprüfte Ordner;Geprüft;Infiziert;Gesäubert;Status
15.04.2018 09:57:48;Arbeitsspeicher;C:\Bootsektor;D:\Bootsektor;E:\Bootsektor;C:\;D:\;E:\;944030;0;0;Abgeschlossen

Code:
Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/16/18
Scan Time: 3:49 PM
Log File: f0e7d27a-417c-11e8-9823-3c528247f0f3.json
Administrator: Yes

-Software Information-
Version: 3.4.5.2467
Components Version: 1.0.342
Update Package Version: 1.0.4754
License: Trial

-System Information-
OS: Windows 10 (Build 16299.371)
CPU: x64
File System: NTFS
User: System

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 525767
Threats Detected: 1
Threats Quarantined: 1
Time Elapsed: 4 min, 10 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 1
Trojan.MalPack, C:\USERS\JCH\DESKTOP\FIREFOX_SETUP_STUB_58.0.EXE, Quarantined, [3882], [508707],1.0.4754

Physical Sector: 0
(No malicious items detected)

(end)

Code:
Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org

Database version:
main: v2018.04.16.05
rootkit: v2018.04.05.01

Windows 10 x64 NTFS
Internet Explorer 11.371.16299.0
jch :: NBJCH [administrator]

16.04.2018 16:16:44
mbar-log-2018-04-16 (16-16-44).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 424600
Time elapsed: 36 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

(I just ran this one again; I had not saved the report, but it had not reported anything either)

Code:
19:39:10.0527 0x348c TDSS rootkit removing tool 3.1.0.16 Jan 24 2018 17:27:43
19:39:10.0527 0x348c UEFI system
19:39:13.0320 0x348c ============================================================
19:39:13.0320 0x348c Current date / time: 2018/04/16 19:39:13.0320
19:39:13.0324 0x348c SystemInfo:
19:39:13.0324 0x348c
19:39:13.0324 0x348c OS Version: 10.0.16299 ServicePack: 0.0
19:39:13.0324 0x348c Product type: Workstation
19:39:13.0324 0x348c ComputerName: NBJCH
19:39:13.0324 0x348c UserName: jch
19:39:13.0324 0x348c Windows directory: C:\WINDOWS
19:39:13.0324 0x348c System windows directory: C:\WINDOWS
19:39:13.0324 0x348c Running under WOW64
19:39:13.0324 0x348c Processor architecture: Intel x64
19:39:13.0324 0x348c Number of processors: 4
19:39:13.0324 0x348c Page size: 0x1000
19:39:13.0324 0x348c Boot type: Normal boot
19:39:13.0324 0x348c CodeIntegrityOptions = 0x00000001
19:39:13.0324 0x348c ============================================================
19:39:13.0482 0x348c KLMD registered as C:\WINDOWS\system32\drivers\65258553.sys
19:39:13.0482 0x348c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 16299.15, osProperties = 0x19
19:39:13.0671 0x348c System UUID: {64BCF57E-A033-FB7E-1E4E-B702CEAEC104}
19:39:14.0058 0x348c Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:39:14.0065 0x348c ============================================================
19:39:14.0065 0x348c \Device\Harddisk0\DR0:
19:39:14.0065 0x348c GPT partitions:
19:39:14.0066 0x348c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {19840438-2F25-483E-A6F6-19CA01F35A14}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xB4000
19:39:14.0066 0x348c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {CF318979-A264-4E12-A8F1-BDF9BD617B65}, Name: Microsoft reserved partition, StartLBA 0xB4800, BlocksNum 0x40000
19:39:14.0066 0x348c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {51B2A672-FDBC-492E-9353-A6E623A3C3FA}, Name: Basic data partition, StartLBA 0xF4800, BlocksNum 0x1B18D000
19:39:14.0066 0x348c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4E2A5558-DCB9-4625-B08D-B1C473C34809}, Name: Basic data partition, StartLBA 0x1B281800, BlocksNum 0x1EA000
19:39:14.0066 0x348c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B32A5987-011B-4902-8980-A1EFE4A7D78C}, Name: Basic data partition, StartLBA 0x1B46B800, BlocksNum 0x2485000
19:39:14.0066 0x348c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D28A8FD6-16D4-40BF-808E-0BD0439BA57A}, Name: Basic data partition, StartLBA 0x1D8F0800, BlocksNum 0x400000
19:39:14.0066 0x348c MBR partitions:
19:39:14.0066 0x348c ============================================================
19:39:14.0068 0x348c C: <-> \Device\Harddisk0\DR0\Partition3
19:39:14.0070 0x348c D: <-> \Device\Harddisk0\DR0\Partition5
19:39:14.0070 0x348c E: <-> \Device\Harddisk0\DR0\Partition6
19:39:14.0070 0x348c ============================================================
19:39:14.0070 0x348c Initialize success
19:39:14.0070 0x348c ============================================================
19:39:22.0653 0x2234 ============================================================
19:39:22.0653 0x2234 Scan started
19:39:22.0653 0x2234 Mode: Manual; SigCheck; TDLFS;
19:39:22.0653 0x2234 ============================================================
19:39:22.0653 0x2234 KSN ping started
19:39:22.0798 0x2234 KSN ping finished: true
19:39:23.0236 0x2234 ================ Scan system memory ========================
19:39:23.0236 0x2234 System memory - ok
19:39:23.0237 0x2234 ================ Scan services
19:39:28.0481 0x2234 fdc - ok 19:39:28.0485 0x2234 [ 21EB16C5DDFBC19DEBE9EEC10EA423FB, 514327DA987793AFE1DFB4F2C0F033C349432E6F1F6AACBAE23E24E63EFA51B9 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 19:39:28.0501 0x2234 fdPHost - ok 19:39:28.0505 0x2234 [ 57F98EFE6CB82AE5400BA99C705AF45C, 7AB83C7AF4CA49BFC2976FB707B251C181279B7E16EBDD43AD0E1A4AB8C4DFC9 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 19:39:28.0522 0x2234 FDResPub - ok 19:39:28.0528 0x2234 [ 02F93E4B9EC2821B6670208044FF5332, 2D947C8AE51E749029B3180751E4486E27A19471A7A98087076103D307B5CE64 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 19:39:28.0548 0x2234 fhsvc - ok 19:39:28.0551 0x2234 [ DE51BBBCF358188F9736F031546F9908, E2B80DF63C039663085FA9D63F3F30736EC20C49BC678CBD7D7C7231107C3635 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 19:39:28.0568 0x2234 FileCrypt - ok 19:39:28.0573 0x2234 [ 822F664952B0F8D11BB6BD2F11779602, B7E9908A305942194E64E834819186CBBF9DD4469B300DCC8D31E1E5674D6600 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 19:39:28.0585 0x2234 FileInfo - ok 19:39:28.0589 0x2234 [ 5A4935682A0D47A4EAC4BE3C2ACF74D6, 0DCF2E7928D11F49EBF906233894E81CFFE938ADFCA802CE0207CA58B4A02AAD ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 19:39:28.0606 0x2234 Filetrace - ok 19:39:28.0610 0x2234 [ 60641F22D1D38EAD197C25F0339C9712, 110ACEADAE92C384C80356C9DE88E3A94141881E8544DB65736875FFA2716F68 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 19:39:28.0624 0x2234 flpydisk - ok 19:39:28.0636 0x2234 [ D38A250AE8335BC74808897B3C404F4D, 6626EB79A2A936406DEC81318ED2B0E18862277AC30D16F0BD2ACA012516E25B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 19:39:28.0653 0x2234 FltMgr - ok 19:39:28.0691 0x2234 [ D9E18DDDC08B77E634F2AFEF0CC551FF, 701BFDFAD6E86C48E02612E54F3F8819632FC13526893AD2BBAA51348F5E24FF ] FontCache C:\WINDOWS\system32\FntCache.dll 19:39:28.0755 0x2234 FontCache - ok 19:39:28.0766 0x2234 [ A7C6894FFF261C0FEFDCB41BE83CF430, C3DB55140E4848873BC0004030933402CD396112C14F432258D875DB1608700E ] 
FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:39:28.0775 0x2234 FontCache3.0.0.0 - ok 19:39:28.0793 0x2234 [ 95F8BF9B335A0BE8920BE160F95B2503, 596B02CFF111C2610E73FA2EBDBB7E6C5C190A9DD9E2FE4CAC6ED475691B7A43 ] FrameServer C:\WINDOWS\system32\FrameServer.dll 19:39:28.0831 0x2234 FrameServer - ok 19:39:28.0836 0x2234 [ 0425D9D2A679060CC9755449779FBA54, F0BFEE92081BDF82AAD58AD1B21659F465DCE6F9F9F16ABBE9A84C17978AA3A0 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 19:39:28.0848 0x2234 FsDepends - ok 19:39:28.0852 0x2234 [ B962036CAADC05E466FEB165E0974587, EAA88EBBAAFF31A5E35B3B23B12E94EE3C659399CDDAADBF4B6146AE091CA5AA ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 19:39:28.0864 0x2234 Fs_Rec - ok 19:39:28.0884 0x2234 [ 2C8891C306C8F43A273BDB7C490E1C92, DD8D905956652D276796F5638980E3219EF2D8C2B65A8DE537D549BF5C306BE4 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 19:39:28.0913 0x2234 fvevol - ok 19:39:28.0920 0x2234 [ DFAB4D8FE39C64EAD3A4DCBA25AAFEE0, BABCAE227CD2E87E37C708539C2232251B37F35EFFE2B927914D72517F161E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 19:39:28.0935 0x2234 gencounter - ok 19:39:28.0939 0x2234 [ 8B34E3F794F652082D7E8AF112F71681, C6CFA239BDF46827BFC89DC9A9BF45B0EBCE3EF1BB7DCA33980A632E549B37F5 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 19:39:28.0956 0x2234 genericusbfn - ok 19:39:28.0963 0x2234 [ 127C23F4720C8902A3AB0FEE12205317, E3BF55D81B04572D11B41CDA2DB4509FD252561EB29ED22CC6F616E856E3D86E ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 19:39:28.0977 0x2234 GPIOClx0101 - ok 19:39:29.0003 0x2234 [ 846347C05DBC7C49143D9723EC3714E9, DCC888F1262CA50DA3109D132A9C04F83A961720647E9882D3EFCBF8E3D703B5 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 19:39:29.0052 0x2234 gpsvc - ok 19:39:29.0057 0x2234 [ 582578F031109BE65C15E1D8A45BA547, 4BB1E20A2BDF8F504FF787EF338B6180DD537F53A0DC843B96AEFD8BBE970653 ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 
19:39:29.0073 0x2234 GpuEnergyDrv - ok 19:39:29.0081 0x2234 [ 141904F0581468B39B579EA33CA57549, 1D947A6079CED7840B0FF4720C36D873F5A69EA6C94E4C15ADF1A7C0CD0CD0EA ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll 19:39:29.0099 0x2234 GraphicsPerfSvc - ok 19:39:29.0105 0x2234 [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:39:29.0117 0x2234 gupdate - ok 19:39:29.0122 0x2234 [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:39:29.0133 0x2234 gupdatem - ok 19:39:29.0138 0x2234 [ 99A34FD1F6431A10D8C3BB50E170D0F2, 14BFF99BBF9ED53D3A157B096CDE0394824260021BA96E1F2C7B1CFB598DD850 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 19:39:29.0155 0x2234 HDAudBus - ok 19:39:29.0159 0x2234 [ 2443FC6EEB9CF092B62127D867901B02, ABD5E907FF066B95C5697C4E470B4EA19976DEC90C8159B963A82EDA218AB114 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 19:39:29.0172 0x2234 HidBatt - ok 19:39:29.0177 0x2234 [ 205043CDC16ADE85E252DD54AE925161, F377F046EFEE53C7786AF15C0BB5BADE36511427575A712B0098A883F3715DB3 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 19:39:29.0197 0x2234 HidBth - ok 19:39:29.0201 0x2234 [ 4A4A22FD851B1764D2A9D8F268A1431B, 36135071DA69CC671FDA16859DB7E11E518BE3E5005E3D619B28D0FCE3C80A34 ] hidemi C:\WINDOWS\System32\drivers\hidemi.sys 19:39:29.0210 0x2234 hidemi - ok 19:39:29.0216 0x2234 [ B521DDDC9038C066B1B957BF063A531A, C5FE68FB22C28C4D06A0792FD5AC9A1F0EC01EF26E1D37B9DF05F22D8B7DFF8C ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 19:39:29.0233 0x2234 hidi2c - ok 19:39:29.0237 0x2234 [ 5AC0EBFA76E93273A806176D3178E986, 679BFEFF9F4172EBB14A6C2E8381F54FBDC9E8705E8B0F306723DDF48B6E5143 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 19:39:29.0248 0x2234 hidinterrupt - ok 19:39:29.0253 0x2234 [ 
366AC0E05EBF5D5C375F65CD8BC7F0DF, A6B751864E33EBB5DE2E09403A8C26E72DD5510F3A380FA502393FC11A14A433 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 19:39:29.0268 0x2234 HidIr - ok 19:39:29.0272 0x2234 [ 75F4CCB7FF03603E91DD0C7FF83DAABF, 10508A6C36163C9D40C16A47AB4CA8C03C89BB7795690818E5C562E3FF828D5B ] hidserv C:\WINDOWS\system32\hidserv.dll 19:39:29.0291 0x2234 hidserv - ok 19:39:29.0298 0x2234 [ 7CB54D02746024648FCE184FC3F941FF, 6C7B8E6AD3C05D66868D0268C9C8183021AB241E576184FAD0BD50ED4E18E9ED ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 19:39:29.0313 0x2234 HidUsb - ok 19:39:29.0322 0x2234 [ 459EC4290CF0D8269DB28FBFD6284C58, F1C34F11E18F6D48C8378F77DE167AD208E9E7C3022DCA714FF0403AEFF80857 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 19:39:29.0344 0x2234 HomeGroupListener - ok 19:39:29.0357 0x2234 [ 24C900B7296AA9867FB761A5801AFBD1, 4A765E905D0F7C4B450A28FB85F413F4EAD2B53240E804FA531626ABB0518381 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 19:39:29.0384 0x2234 HomeGroupProvider - ok 19:39:29.0390 0x2234 [ E5AEAB81548F0060001938831C6252B4, 0746C990293A7583629883989E97B6C03B6CF017816410750F13CD00570762FA ] hp3ddgsrv C:\WINDOWS\system32\HP3DDGService.exe 19:39:29.0402 0x2234 hp3ddgsrv - ok 19:39:29.0406 0x2234 [ 8ECD68506AF6E9F3188F1F822F780FDB, 6A3ABF527A9C4495197F22CC7AA0F1483F0D722CA93FB6ADEA835D2AE8FF5EB4 ] hpdskflt C:\WINDOWS\system32\DRIVERS\hpdskflt.sys 19:39:29.0417 0x2234 hpdskflt - ok 19:39:29.0422 0x2234 [ 835FB95D85D362057A72D21A48C2C7F8, 06A57F9E459E52DAA7B27F232DBC1E0ED0E04759D34AF3E15A645D11DFDD6A58 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 19:39:29.0435 0x2234 HpSAMD - ok 19:39:29.0439 0x2234 [ 5E5445D0A23626EF004479D4370DF13C, B7CE61FA3AA4929F549667FE7581721C039A7393E644C7530D0DFE73A5C32422 ] hpsrv C:\WINDOWS\system32\Hpservice.exe 19:39:29.0453 0x2234 hpsrv - ok 19:39:29.0462 0x2234 [ 517DF0B5228DBA34D8A81DE3B14F5EBA, 9AB289EB8D128D55D75D66C72F7FE614BF63B33B17003CFC7F03C0C1FDEF078A ] HPSupportSolutionsFrameworkService C:\Program 
Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe 19:39:29.0479 0x2234 HPSupportSolutionsFrameworkService - ok 19:39:29.0502 0x2234 [ E2F4638649D2157D8A863ADBEF99C2E5, 9EF44666F3CEAC729828F733C816BD72A52C4477A0573AE048392CB2C65B90FD ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 19:39:29.0535 0x2234 HTTP - ok 19:39:29.0541 0x2234 [ 8B8395999252DE3BA4EBC1A5F28827F3, 95B9B330C43438C6203FD08A441C3CC269CFBA812FC804805786F0243BA1949C ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 19:39:29.0553 0x2234 HvHost - ok 19:39:29.0557 0x2234 [ 71E673C20651C2530A359F0D8B3B3E57, B936598732BEC2D5A4E644F721EF258A754D4D6A5A2C84C96310CFAA21B1B2BC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys 19:39:29.0569 0x2234 hvservice - ok 19:39:29.0573 0x2234 [ 3737FE486929AFC48F1D10677B698E52, 9E8792F3A494AE3E7CDA65E93B561B6FFFB9C781606F5863D524DDD24CFEB9C3 ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys 19:39:29.0590 0x2234 HwNClx0101 - ok 19:39:29.0596 0x2234 [ 3C65EBF7F1BFD98426C355D66876ECEE, CA1DC462C4D96176C81EF3448238B76B4CDA3C521533973B281359D7F436B8A5 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 19:39:29.0605 0x2234 hwpolicy - ok 19:39:29.0609 0x2234 [ E3BDE6C567ED5CD7B15B2E522C120D02, 954EC837636D0F08A3596E4270F37E03C99F8D1A7E80D0D323E0CB793324D776 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 19:39:29.0623 0x2234 hyperkbd - ok 19:39:29.0629 0x2234 [ 1D7BBC4C6F33A4A6189AEA1509615DF9, 66D6E64353CE80949082E594061BCA077849840B175F18F0743285B389F57250 ] HyperVideo C:\WINDOWS\System32\drivers\HyperVideo.sys 19:39:29.0642 0x2234 HyperVideo - ok 19:39:29.0650 0x2234 [ 56FF074E50F9042FD2856AB3418F4B18, 239C9BF23DE2E36FD7112C425CDF18F29B751D75EF3551AEFB048FAD2B0A55E2 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 19:39:29.0670 0x2234 i8042prt - ok 19:39:29.0674 0x2234 [ B5EC43755E62591197DE5CBBDAA9FEB7, 1B4E0EAB677B09A050925879ECDA311404270DCF020AAD390692427198C73C9F ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys 19:39:29.0691 
0x2234 iagpio - ok 19:39:29.0698 0x2234 [ D8CA23F9C5FEF44296FDE1E005C06EC0, 0D7B03EF9E19B9B2A28C3318560488B3F9573CF364A533A9B4A2CD0A7FFA4F84 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys 19:39:29.0713 0x2234 iai2c - ok 19:39:29.0719 0x2234 [ 7B769C9D19C013F94874C4B15D59A005, 53A15F0480AEC43B5A01CFB17360188885B6ECBFFF6E566D27E5B6D4C7737243 ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 19:39:29.0734 0x2234 iaLPSS2i_GPIO2 - ok 19:39:29.0739 0x2234 [ E0F1B3A2A70FABE3BE1C9140BB55E607, 34E5B055619F3A26B7BB6054EA49D40B7D6DAFE234F57F358FE7C8EE83E10618 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys 19:39:29.0754 0x2234 iaLPSS2i_GPIO2_BXT_P - ok 19:39:29.0760 0x2234 [ 89A869BCC0588A3009ECB875B09ECD39, 5ECC2C6E661B326511682D8EA1C82F942C63835890687285FEF455C5C9DC2476 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 19:39:29.0779 0x2234 iaLPSS2i_I2C - ok 19:39:29.0786 0x2234 [ 2E693DF3C02A0859DB8DE25772751100, 3EFFDA44B247E04258429ADC85E88E23F926FD487A3A85BF879E6E5802197B3F ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys 19:39:29.0805 0x2234 iaLPSS2i_I2C_BXT_P - ok 19:39:29.0810 0x2234 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 19:39:29.0820 0x2234 iaLPSSi_GPIO - ok 19:39:29.0825 0x2234 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 19:39:29.0847 0x2234 iaLPSSi_I2C - ok 19:39:29.0874 0x2234 [ 0609694A9C4D6C71319732FA82C6E5C5, 5507D20AB9C86B11564C953C6F535976A0D201295C642EA0CABF435DAD908251 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 19:39:29.0910 0x2234 iaStorA - ok 19:39:29.0934 0x2234 [ 435883A27A376B125BD4DF888417C85F, 091F9285FCF1D5605D03CB68C062A2DE6FF2D705FF43E983A8A7B5DFA0872A96 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 19:39:29.0958 0x2234 iaStorAV 
- ok 19:39:29.0965 0x2234 [ E091D765D9292E56C493D609A53C38DF, 4CC5B97F3CCA51BB803D199936B3C5E9754E0639BDE8CC6480E2874BAF84A925 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 19:39:29.0974 0x2234 IAStorDataMgrSvc - ok 19:39:29.0987 0x2234 [ 7118E4390C4ACDE61E280CE52BCAF44E, 11123C1555344A191283187BF1F4A8D731E29EE27C7A7A7916873E8D2E95D978 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 19:39:30.0006 0x2234 iaStorV - ok 19:39:30.0020 0x2234 [ 9DBE8C359ABACE1BE1BBAB687D114506, D2E5CB2BFC42627C1BB38A68F925DD534AEFFF9354AFD184005EC338E8E6B232 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 19:39:30.0041 0x2234 ibbus - ok 19:39:30.0047 0x2234 ibtsiva - ok 19:39:30.0053 0x2234 [ 1606B6C6CFC27C75381B7DF7460A43C6, 9D221D70191F0D17DF614B3A12C4DE5DDF1966FA8B6A49651CEA9CADBF696E41 ] ibtusb C:\WINDOWS\system32\DRIVERS\ibtusb.sys 19:39:30.0065 0x2234 ibtusb - ok 19:39:30.0072 0x2234 [ 0CF99D60588AF7F198C135BABCA287F2, C72235865426659957909E8465B7D208EB5CAA21B529F07BB055D33028326D9C ] icssvc C:\WINDOWS\System32\tetheringservice.dll 19:39:30.0092 0x2234 icssvc - ok 19:39:30.0296 0x2234 [ A0FF4D57C13ECD0745BD840C37ABD4C0, 83723E896FF58616C7A0AB7A35BBACC912E4E322D7FA657A3C38FC41728C140F ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 19:39:30.0513 0x2234 igfx - ok 19:39:30.0543 0x2234 [ 70F2F68DB668251F00FF7F44E83A8D29, A6A40123B2FE3FA8D877D6F0E2B77209219186D7A469877F9940C7C41211B38F ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe 19:39:30.0560 0x2234 igfxCUIService2.0.0.0 - ok 19:39:30.0583 0x2234 [ 4D8123F7262C87B3CAE5A62AF74F7939, 8F003562F50218307ECC48A7BF43BE1DA88352D2749902A029081804B71C85DB ] IKEEXT C:\WINDOWS\System32\ikeext.dll 19:39:30.0623 0x2234 IKEEXT - ok 19:39:30.0635 0x2234 [ 42CAF6216A6E516DC56BA319ACC7EEC5, DF60FF41F06D1101E4A81F7416DB5A34D7BA885CBA874BC15AD43FB4080F2958 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys 19:39:30.0652 0x2234 IndirectKmd - ok 19:39:30.0680 0x2234 [ 
02D6C68057FDED7E08FD3CAEE564B6C8, 8DF7C7D6C5970DE16ABE32FAFEDEB467A243283C227FAFF25D7258875A2F459C ] InstallService C:\WINDOWS\system32\InstallService.dll 19:39:30.0725 0x2234 InstallService - ok 19:39:30.0740 0x2234 [ C1129E1C1E8747444C32F9070A1F3C95, 2AE0130F202EBE57B05721A8F65816A59517DB6E5AB8BC64E27E6EF3AC9A6946 ] IntcAudioBus C:\WINDOWS\System32\drivers\IntcAudioBus.sys 19:39:30.0754 0x2234 IntcAudioBus - ok 19:39:30.0772 0x2234 [ EE79946320DA8E6222F39C0775E32E4D, 6FF66D2DFF558FC35DECE77C94AF9031635F1C793B05F204AA31AAE3C26407B8 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 19:39:30.0798 0x2234 IntcDAud - ok 19:39:30.0816 0x2234 [ EEE4AB06BE1AF0651D566361D5AC8293, 75FAEC3ED94F059338B593BBF7BD926638151D850E6352F15DFF422C73199331 ] IntcOED C:\WINDOWS\System32\drivers\IntcOED.sys 19:39:30.0841 0x2234 IntcOED - ok 19:39:30.0867 0x2234 [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 19:39:30.0890 0x2234 Intel(R) Capability Licensing Service TCP IP Interface - ok 19:39:30.0903 0x2234 [ 252D2362BEADF2045A8660AD08BDD21A, 848527FE8E85A2D333072470D1833F53DE7984D1DB7A873F3F9BEB1E1588AD2C ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe 19:39:30.0922 0x2234 Intel(R) Security Assist - detected UnsignedFile.Multi.Generic ( 1 ) 19:39:31.0086 0x2234 Detect skipped due to KSN trusted 19:39:31.0086 0x2234 Intel(R) Security Assist - ok 19:39:31.0094 0x2234 [ 40943C1CD031ACE06A8374AD56B9E5EA, 05E5AD4330F272C421A8726E9E6555115D8717DC5AFDE3CC1DB53A3D7518BF62 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 19:39:31.0105 0x2234 intelide - ok 19:39:31.0111 0x2234 [ 327D9CCF5492543AEF3979F9EEAD02BE, 1C6CD9ECB785D022A38DF683FACCA737469BF72E42365CD6DB8C2675F2ED1F1C ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 19:39:31.0123 0x2234 intelpep - ok 19:39:31.0132 0x2234 [ 
7344528DFD4484CF86F36E24E7CB59B1, 821947C152E7A2B4782199E033EAEE8D3F43A5EC4CC369334A6C0793C62DA069 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 19:39:31.0150 0x2234 intelppm - ok 19:39:31.0154 0x2234 [ 8387E90B551B9B7F32EDC69909591E9E, 7086B6F2B728D7C46F0A1E7E4F81B3D33C25BD5F8A2A4ECEBA55F8C68F164500 ] invdimm C:\WINDOWS\System32\drivers\invdimm.sys 19:39:31.0171 0x2234 invdimm - ok 19:39:31.0175 0x2234 [ E207078E0E1BB3524277DB9077E4148E, 309320950095AF83DCBE08BFDD4BFE4EBADBF48CA255871A6B37BAAA7B4A5B38 ] iorate C:\WINDOWS\system32\drivers\iorate.sys 19:39:31.0187 0x2234 iorate - ok 19:39:31.0192 0x2234 [ FD8F64B7B345E539F2EA7F72846F83B4, 95F232BC2454D68F1A154C9BD8FCCF60D36F5424B798661D6F1DD8E052ED0D04 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 19:39:31.0210 0x2234 IpFilterDriver - ok 19:39:31.0231 0x2234 [ 1C5867DC4091C2E23329AB984BF95604, 56FA9888A7A969539833644AD50730BBA5E770AC6097AFB490E34196596C55E0 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 19:39:31.0269 0x2234 iphlpsvc - ok 19:39:31.0279 0x2234 [ 8AAB863E72A4F9C578FED2EE3541545B, B3278B790DF9F77F8FDDBECAD22E0D2E080D74B8E61EFF112055478B3B0B2329 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 19:39:31.0289 0x2234 IPMIDRV - ok 19:39:31.0298 0x2234 [ 7BEC2AF23F586EFF0DB4DBF4331B0C70, D02506CAB19AD1D3ABBB35FCC569ED613EB9D6828E9BC0389EC8A8DFC548334B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 19:39:31.0320 0x2234 IPNAT - ok 19:39:31.0324 0x2234 [ 35A54F19E703D4FE5919F812F6CC5D0A, B0AC1C97D115F57390BD2B4F9114429CF1729EB8D658B3EAEC8ECF28A24369F7 ] IPT C:\WINDOWS\System32\drivers\ipt.sys 19:39:31.0339 0x2234 IPT - ok 19:39:31.0345 0x2234 [ F6C47021C41F721B628161B64D7DECB9, 625227F18518098C00AF2C6F4EE5D96711D26080459AD2C9F7CF2A5778DEF191 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll 19:39:31.0364 0x2234 IpxlatCfgSvc - ok 19:39:31.0370 0x2234 [ BF933330256DEDAFA939BEBC46D060C7, F9B47A83945DF2A043384626A2EB47AE9F915048636334D9768A0B4901C84E08 ] irda C:\WINDOWS\system32\drivers\irda.sys 
19:39:31.0387 0x2234 irda - ok 19:39:31.0392 0x2234 [ F88664A2A82DDA456180FFF95A771765, 004BBC715FE6EC0D4D2CAE978EA64C6CEA130EE10C356B7FACF0C98B51E8AECB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 19:39:31.0409 0x2234 IRENUM - ok 19:39:31.0416 0x2234 [ 4F500A0171606B0E37964694140FCA16, 6E29A7348395EE3EB85E2BA97E581FBF605CE1BA4651F5848976AD293CC797E3 ] irmon C:\WINDOWS\System32\irmon.dll 19:39:31.0432 0x2234 irmon - ok 19:39:31.0436 0x2234 [ B4174F9A73B9263B5B5C0DD8A00DE87D, 390C4848F22CC8049473CC76A2FF4BF2A3C870E075413236D6A30B204FBD7D53 ] isaHelperSvc C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe 19:39:31.0442 0x2234 isaHelperSvc - detected UnsignedFile.Multi.Generic ( 1 ) 19:39:31.0602 0x2234 Detect skipped due to KSN trusted 19:39:31.0602 0x2234 isaHelperSvc - ok 19:39:31.0610 0x2234 [ A3B7A93F32E110949CA01DDE7C6B991B, 5F38B882DBAB4BDFCAB289721D6D5A0D85675BA580AC96FB74ED826A4800C998 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 19:39:31.0622 0x2234 isapnp - ok 19:39:31.0632 0x2234 [ 68B971E7200EC9013BF90BC72B66110A, CC2324A16B5C39A2431D9B26B40881496338F7D7D532510CCA94452F19A990C8 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 19:39:31.0647 0x2234 iScsiPrt - ok 19:39:31.0655 0x2234 [ 0D77396A923B08754208622B044EE597, 27503A57C452C01F335C06A30EDBBBCBA69A95E2BE7E3BE111F9D71013B3BDA4 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 19:39:31.0668 0x2234 jhi_service - ok 19:39:31.0675 0x2234 [ E320F986BBE0CD9324EA0A193EBF29B1, 9B4C7F1493377CE532361F88A0C88798F24E7EFB093DA2F0A6CB1575B9E3535C ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 19:39:31.0687 0x2234 kbdclass - ok 19:39:31.0692 0x2234 [ AFF5DDCC1A79217C9526FF5E01A69E89, 2BCD49DD8DD977B97521465B981332CA8FA8D16AB45B45993C87647FA3E9DAF0 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 19:39:31.0711 0x2234 kbdhid - ok 19:39:31.0715 0x2234 [ 916E62AF3386F7A74603E5C545F6FF2D, 
C5CA784F60B8CA3DE0672A816DCE14F1AD6B6783A5E6B556ED7C91337F65144F ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys 19:39:31.0732 0x2234 kdnic - ok 19:39:31.0737 0x2234 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] KeyIso C:\WINDOWS\system32\lsass.exe 19:39:31.0750 0x2234 KeyIso - ok 19:39:31.0755 0x2234 [ BE46CEF0F176D215B3FDF1C664B3D6A7, 4989CE6CC5803A1E26AC197CDA234B91BC3A33E5C456E2FCE6E7744000BF0987 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 19:39:31.0770 0x2234 KSecDD - ok 19:39:31.0778 0x2234 [ 5F0A90AC0AA8C772B20AD71B87422838, 176F7C6E322098DF5033CFF0BAA267BA9D7AF7E635F3D28BC0E5F11DFECD8015 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 19:39:31.0790 0x2234 KSecPkg - ok 19:39:31.0798 0x2234 [ DD8C4726127CFE313233372D70787C37, 2420616FEEFC08A3F47420193A3A592D4AC5D2C817D27E5B7E4FD64153751AFB ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 19:39:31.0814 0x2234 ksthunk - ok 19:39:31.0826 0x2234 [ 6EAF246BC12DB548AC65A4CEFB14B547, F1487051FE459DB5A751DA2A6FF1E552F92226933AF8C037FA7D660B049896A3 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 19:39:31.0853 0x2234 KtmRm - ok 19:39:31.0862 0x2234 [ 2EC02DFC530560D0C01C7428E4CC9D27, 74EABA6EEEE771F19D75D9B64972B94C5308EEA5D51C0C2DB360570F1CB36F69 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 19:39:31.0884 0x2234 LanmanServer - ok 19:39:31.0892 0x2234 [ F8097F90811E9BB10F5B96262399F3C7, 1BDFB850ACE73E8882BBC3B18A5A7BCEE68696917D8462A159CE2763133DC516 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 19:39:31.0922 0x2234 LanmanWorkstation - ok 19:39:31.0930 0x2234 [ D81931EF9914A135F9ECF409DC826266, 8BA15C12B374DE555CB7D3CDFDDC42FE583625A9C29BCCDDEB432223E4DEEB2D ] lfsvc C:\WINDOWS\System32\lfsvc.dll 19:39:31.0950 0x2234 lfsvc - ok 19:39:31.0955 0x2234 [ 6A361ED0DE59D58CC633F7BB40AB950D, AF5315AFAAE41AAB55BB7243FD9EA2949C7F114C0ED24073751733B5A11142BA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll 19:39:31.0972 0x2234 LicenseManager - ok 19:39:31.0976 
0x2234 [ 56B6326B15A14043C82ED9EA3B817E2C, F3F99397B12529FAF4B77E11A3279B882F9BF986D0DDB3F1847B8EE96C6E40FF ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 19:39:31.0991 0x2234 lltdio - ok 19:39:32.0002 0x2234 [ 48199253D7F6119F88294F8845F0808D, 85C014250C14425BEFF2D8B2CCF6A29D9A5DA329ECD00F1E6D4F8DB809194FAC ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 19:39:32.0026 0x2234 lltdsvc - ok 19:39:32.0033 0x2234 [ DCF6F1AA7A51CC08FED089363F83316E, C80FB26A6172510F3AD5E4D636AA49AD5D931FB47BECD9E8507F781D88917710 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 19:39:32.0049 0x2234 lmhosts - ok 19:39:32.0058 0x2234 [ A67ADE6FC8203E1CDF74482F6C078E2F, 7919D8C45DD55D9EFD7779AA934B498F5AFE908DD35F572A7F82E25536BD34C3 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 19:39:32.0074 0x2234 LMS - ok 19:39:32.0084 0x2234 [ 20048BEE892138A745B1C23EBB0E069F, B526035CE839BADA6ABC0A0CBFFDFA5267F4EB668AE201871E61E0011518843E ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 19:39:32.0097 0x2234 LSI_SAS - ok 19:39:32.0102 0x2234 [ 9EAB16572B576979D585DDEDB12417CD, 97C37DFEA309E27E4AC50D1F4C7C3D1FB9661E0DEBB442D620D8E460F9FC9966 ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys 19:39:32.0114 0x2234 LSI_SAS2i - ok 19:39:32.0119 0x2234 [ 3B7B359C0870317106DF3438D4FF491D, 5EDF767D79EF49210DD3BCC00D7629600DD522B29A2B9A9D7805076ECDCBFD1D ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys 19:39:32.0131 0x2234 LSI_SAS3i - ok 19:39:32.0137 0x2234 [ 2DE03BA338A4B0ACDB416A30F1C7D56F, CF2218EA8C67CC13893B286B0904F28FBFE5AA818CC3AD1C77120B7B6E80031F ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 19:39:32.0150 0x2234 LSI_SSS - ok 19:39:32.0167 0x2234 [ A4ADC59A58724CDA67A7AB93457EEE43, C5CEFD57A31A7C377ACF3F5A071646DA358079F9BEB602B96C14392FC2D57539 ] LSM C:\WINDOWS\System32\lsm.dll 19:39:32.0202 0x2234 LSM - ok 19:39:32.0211 0x2234 [ 9A497169E145FCE2D8AA7DBC67377F64, 3FA4CE7455ACBB32DECA8BC7EAD0EC1A0E123CBCBF8781FBB16453455AB9F0FE ] luafv 
C:\WINDOWS\system32\drivers\luafv.sys 19:39:32.0228 0x2234 luafv - ok 19:39:32.0233 0x2234 [ 3520DE00ABC5EFF0DBAFD41129AD970F, 821F9D9AAA6D8B08BEBFB76DAE5A8CCFB598789510A93D3DD4F149A39EE5D6B5 ] MapsBroker C:\WINDOWS\System32\moshost.dll 19:39:32.0250 0x2234 MapsBroker - ok 19:39:32.0264 0x2234 [ BF56CB9D02DEE8CA9CBA50220BE16F15, C6380ED59AD7B9CC9451A24808E193454CF15D90A2C1DAF22FBD3380B150F96F ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys 19:39:32.0285 0x2234 mausbhost - ok 19:39:32.0290 0x2234 [ 01BDEE1FFF6D2216797DFEE4ABD937D9, ED247E6F87ECA39A7D479CA7E386D85CE8B2978164E4E9876196176F393E1235 ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys 19:39:32.0301 0x2234 mausbip - ok 19:39:32.0308 0x2234 [ A276E01963EB0D8685AE56C40FFC0E86, 10DC7B634D91AD8E0678559E23CB86451085BFDF53166DB06CA35F6B8893FC51 ] MBAMChameleon C:\WINDOWS\System32\Drivers\MbamChameleon.sys 19:39:32.0320 0x2234 MBAMChameleon - ok 19:39:32.0327 0x2234 [ 556F12926B94D36821D4ABFC6F02EB1D, 514C3EC048024220B4B37E46C57DAEC7BE8AD94E7C53206677DE77A736AC46C8 ] MBAMFarflt C:\WINDOWS\system32\DRIVERS\farflt.sys 19:39:32.0336 0x2234 MBAMFarflt - ok 19:39:32.0341 0x2234 [ 84DED95846466C5BB53407288B074F52, 27FEE2C428EC184FF22229394DC328BC9E2AA41B3C08005AFC3C1158C107D322 ] MBAMProtection C:\WINDOWS\system32\DRIVERS\mbam.sys 19:39:32.0351 0x2234 MBAMProtection - ok 19:39:32.0457 0x2234 [ 96FA5B38DD94C8D49289CE75150D97C3, 31D2435E026B0425D47B479E7E58CAF7BEF5C2D23F9D164A59FF2BF27D49489F ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe 19:39:32.0571 0x2234 MBAMService - ok 19:39:32.0591 0x2234 [ 351BF8F77B0A15A7B5A2AE098C52A387, A84330DF5C4F0E5D6251D311B5DC78722D7724E87DAF5DE5A11EB73BB3502E26 ] MBAMSwissArmy C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 19:39:32.0604 0x2234 MBAMSwissArmy - ok 19:39:32.0612 0x2234 [ AAEEB331DDE8596F4522316E4420ACB6, 4C404123312EE3F9795F57C4A42E2E203A16E04D577C75EFE095C9284D3EFB31 ] MBAMWebProtection C:\WINDOWS\system32\DRIVERS\mwac.sys 19:39:32.0622 
... Edited by RSLB (16.04.2018 at 19:16) |
16.04.2018, 18:57 | #2 |
| Raiffeisen E-Banking Problems - Infected Computer
Code:
0x2234 [ 0A86D5AF20A4EF70F7DE0FC9B6DE4D0E, 143CF06504FCD04D74D36642F9071D3EAE7B5B65CEB82C328F9EBBB898D90C49 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll 19:39:40.0048 0x2234 StateRepository - ok 19:39:40.0060 0x2234 [ 162A805E13B3C0DD06AE8B6FC1900156, 43782D9136596365B87E7DF2046CC28C2AF9EC014308E1458E0315F7F6463B44 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 19:39:40.0070 0x2234 stexstor - ok 19:39:40.0085 0x2234 [ 3B3F5D6BB8A6A6F3630194A471989069, 0A5D586A1866113B94F5F11571506E133F64640DB38BEEDBE5489ED10314FA31 ] stisvc C:\WINDOWS\System32\wiaservc.dll 19:39:40.0117 0x2234 stisvc - ok 19:39:40.0124 0x2234 [ D218EA2F4126629BEAC03555216CB506, B2CDE7FAFD74E1EDFE213BCA84F84F081FF3718D70E3E614A8304A92FDEDEAEF ] storahci C:\WINDOWS\system32\drivers\storahci.sys 19:39:40.0138 0x2234 storahci - ok 19:39:40.0145 0x2234 [ 03B1F66AB47618A6123EB0631B57A31B, C06BD9D1648E56703067D5724B8AF898048A5D604B2560A69CF6B5CCF3651A66 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 19:39:40.0156 0x2234 storflt - ok 19:39:40.0164 0x2234 [ 15EA6F1F6BA9A0E2C8D32A6EB77129F8, 05E414CDCA79D97DA03F61BB268CC599DBD16F35FDA6D6628EB9FBD0170FF176 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 19:39:40.0177 0x2234 stornvme - ok 19:39:40.0183 0x2234 [ 15599E47C28DC511F0CA3B664A257728, 2ED213F392D4C2B848187F0583C7AEE2A41A2AA1E4DE8AC85D45EFEB0A430593 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys 19:39:40.0200 0x2234 storqosflt - ok 19:39:40.0221 0x2234 [ BA9471C7B5B02F2EDF5055CC1A1476F3, D9BF3D2C5127E469BB037308114287686A9C3927396D64013007927C9A9716AB ] StorSvc C:\WINDOWS\system32\storsvc.dll 19:39:40.0261 0x2234 StorSvc - ok 19:39:40.0271 0x2234 [ 4D6FF8DDBF9CC61EC95A4BF4096D52FF, B78EDD3FB711412140C541EDF9468AB6DC1A82AEE207F22976E9C6B9722F7891 ] storufs C:\WINDOWS\system32\drivers\storufs.sys 19:39:40.0282 0x2234 storufs - ok 19:39:40.0287 0x2234 [ 6FD2D01E4AD9494874A3A8BA74A8FA64, AFEDB991465631F68F035B968345C4B700360F2F66543A48C75458D952E50B08 ] storvsc 
C:\WINDOWS\system32\drivers\storvsc.sys 19:39:40.0298 0x2234 storvsc - ok 19:39:40.0304 0x2234 [ 587854AF01CABE83A62D81FFEEBCD6AA, 99103FCCFE18DA0EA0121A10BCB7DEB833DE2A5C4CB8BD70E4983C2274D469E6 ] svsvc C:\WINDOWS\system32\svsvc.dll 19:39:40.0323 0x2234 svsvc - ok 19:39:40.0329 0x2234 [ 027B27E4B9DB3931D64159B81BD915A0, B30BD828748205642529B6E528D12B16F86CA4F06F60C2C2E89AD7A97EB06B49 ] swenum C:\WINDOWS\System32\drivers\swenum.sys 19:39:40.0339 0x2234 swenum - ok 19:39:40.0355 0x2234 [ E0915F9B3C154FEF700C34A8E613B945, 172205D9DF0ABCC1F2B9484BA75A637BC0899CB42BFA5F0352B9C8E0CD6DDDA3 ] swprv C:\WINDOWS\System32\swprv.dll 19:39:40.0384 0x2234 swprv - ok 19:39:40.0389 0x2234 [ 3D63A58A9DD3F984A7E3C2F2CB357E06, F520333AFF9F8D37707A6B50A33B712B5AF114D12C8092D2DFB04F05F241B03E ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys 19:39:40.0405 0x2234 Synth3dVsc - ok 19:39:40.0421 0x2234 [ 42285B7866943D0C9E7F00601FB2DEC2, 80861C8AE5708006E82F852858E108F30CBD9948839F73678FA1CE8FD0C36E43 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 19:39:40.0440 0x2234 SynTP - ok 19:39:40.0452 0x2234 [ 954FC33E315830260B43BD6F08913669, E4CE320CE5D847F2FEB6D1C818F2F2589303077840D25C264AE934183BF72E7E ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe 19:39:40.0474 0x2234 SynTPEnhService - ok 19:39:40.0497 0x2234 [ EE6CEBDB3C9AAD1C80AE32878FCD17C4, F172BE926BBDD8B11F641687FC5F9C062F322C43D08A5E1F189BCCB44CE3C4E4 ] SysMain C:\WINDOWS\system32\sysmain.dll 19:39:40.0536 0x2234 SysMain - ok 19:39:40.0551 0x2234 [ 74FFACDE32B58CCB74B9EF990C7757C0, 69AF6FF98C5793441CC46136AD99B05392974E2C0189C76066EA0DDEE8B5CF31 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 19:39:40.0574 0x2234 SystemEventsBroker - ok 19:39:40.0583 0x2234 [ 73F6476EE9F5448838B2883E0B710CD7, 0C2362C92A5CF8EBE428FC7C0399A8B6812CA42DD11D8669CB23FB10AC7B52AA ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 19:39:40.0604 0x2234 TabletInputService - ok 19:39:40.0611 0x2234 [ 
D412C98F4E8ED0653D7A2B4D9A6E4592, E18BBD48287EC6B6A946BFE6DDE646C4A22FEB9C9B4488E923E9E19FF64708AE ] tap0901_zyxel C:\WINDOWS\System32\drivers\tap0901_zyxel.sys 19:39:40.0621 0x2234 tap0901_zyxel - ok 19:39:40.0631 0x2234 [ AC1AA61B04116E540C5AFD18F11F2697, D5ACC296853911E2C9A5E7B0B6F36AC4FA6B49417CB456D153427BCFD944C195 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 19:39:40.0655 0x2234 TapiSrv - ok 19:39:40.0706 0x2234 [ AE5CA8D3D81DCC76C5FFF1CD60E48606, 6FF9E019DF170CC44217BBB168E291C6F1EF4B73B154A125A89A0E2DD1721C3D ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 19:39:40.0770 0x2234 Tcpip - ok 19:39:40.0825 0x2234 [ AE5CA8D3D81DCC76C5FFF1CD60E48606, 6FF9E019DF170CC44217BBB168E291C6F1EF4B73B154A125A89A0E2DD1721C3D ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys 19:39:40.0888 0x2234 Tcpip6 - ok 19:39:40.0904 0x2234 [ 74A1BF4093FA7B7D6C9366A39911A78E, E60694303A608EBFEAA5C581B312A212BC7081A4D67234F003917FA6E6A05F84 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 19:39:40.0922 0x2234 tcpipreg - ok 19:39:40.0933 0x2234 [ 09125A12CAB5F8D5EAE9C83C25792FDD, D3116D8F3CD5897F90126BF3847A2B301367D4698CA8AD30A313B39F804D3D4E ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 19:39:40.0946 0x2234 tdx - ok 19:39:41.0121 0x2234 [ A2F0401D1BBD2B647CCC637ABFC80D79, 2B3456E9A2950EA2BC0C258C14C7493B069B4432554C5A15AA3BF32C9C15D83C ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe 19:39:41.0304 0x2234 TeamViewer - ok 19:39:41.0326 0x2234 [ B4B68E1DB59456419D9E49645729502A, A741EDEBCF5E8141BCC8867D5A62024425656432B6E6B0A0131B1B4AB878744E ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 19:39:41.0338 0x2234 terminpt - ok 19:39:41.0362 0x2234 [ 96037700AEE1B4D5A6FFC62861E4FF8C, E2E4D23525389C13126401215541F5625258DA18372CB5C98D0B95123A86ACFB ] TermService C:\WINDOWS\System32\termsrv.dll 19:39:41.0404 0x2234 TermService - ok 19:39:41.0414 0x2234 [ E0F78207F33D6C10CBFB23E873837C87, 55D4411A4070AFE81E576989D67DC411BAE39D9B90697E7646F07716EABE8EC1 ] Themes 
C:\WINDOWS\system32\themeservice.dll 19:39:41.0435 0x2234 Themes - ok 19:39:41.0445 0x2234 [ B52BA61AB8E4BAA83EA86BAB312EE6ED, D9A9D17FD222A67CA1906A422055718269929F0B33C7417F7D1F9447FD424683 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe 19:39:41.0470 0x2234 TieringEngineService - ok 19:39:41.0484 0x2234 [ BC834B233125DBB321B809972F2E270E, 7085FAF5BC5E37E81E30345E984887E2D3F7657F87A23C0C1C0A4DFCD558BA55 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll 19:39:41.0516 0x2234 tiledatamodelsvc - ok 19:39:41.0523 0x2234 [ EA80B2C811A7F6B1C9EED312F06F26FB, 7DC0A5C2F56C0FD0C4BE84EA09900DF20275A2FD63ADB9D8EE4CBF39E1E2A4F4 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll 19:39:41.0545 0x2234 TimeBrokerSvc - ok 19:39:41.0568 0x2234 [ 5AC485259DA784EDBF63E6D6CFA62D6B, 453B9BB1E62D708E535A0D41B78B71ECBBA051248BF2ADBCDA885B918417BA79 ] TokenBroker C:\WINDOWS\System32\TokenBroker.dll 19:39:41.0615 0x2234 TokenBroker - ok 19:39:41.0628 0x2234 [ F54728E32D67537C5A13454E23449C7A, F2FF6A36693EFE86B441134DF43327D2768D00A867059646F6CA93E10A682019 ] TPM C:\WINDOWS\System32\drivers\tpm.sys 19:39:41.0642 0x2234 TPM - ok 19:39:41.0650 0x2234 [ 39187852984778424A0EFD6B01FAB272, 2E7F7AEE8BAB1C6D8B880C28222EFFB721CFDA3B39215BB065088E396581ADA9 ] TrkWks C:\WINDOWS\System32\trkwks.dll 19:39:41.0671 0x2234 TrkWks - ok 19:39:41.0677 0x2234 [ 6E39B63A16B33827B861C56F0E58E021, 6A6C4387CB213FBD2BF2952BE5175F98116C671FB0046426ACA293BD5EBB59A0 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 19:39:41.0694 0x2234 TrustedInstaller - ok 19:39:41.0701 0x2234 [ 8D811209E34358EAD3FD8E40F657E59C, 1A40ED03C03C4FD87EBD166C0D87356F5036F04FBC1F9A600E92E2125B117DFE ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys 19:39:41.0717 0x2234 tsusbflt - ok 19:39:41.0721 0x2234 [ 68DE1735FB020AE8948BD7B60F2EBD3B, 198EFA09C3FB57CD7C11F1AB91491E8FB8093F12DACE1B1AF1BDE50EBCD8EB43 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 19:39:41.0736 0x2234 TsUsbGD - ok 
19:39:41.0743 0x2234 [ 32230D3F06B0874DFB727028CA4F6348, 8F50B556C38F736AAB8160912F0A3917BCA6396555D0DCB7A65B7FF0A8225416 ] tsusbhub C:\WINDOWS\system32\drivers\tsusbhub.sys 19:39:41.0761 0x2234 tsusbhub - ok 19:39:41.0767 0x2234 [ ACD39B0E5CFDA7B1AB7DF33FC5CC0E46, 89FE50DE5037770D568BA025A7EB06B5FAEA39A1EB97910319B942B02EFD14E5 ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys 19:39:41.0786 0x2234 tunnel - ok 19:39:41.0793 0x2234 [ D5E68FCEDE15214BDB5D986D5B50E0BF, D2FA040B4BF4424928ABFB0B8CCA768C8DC9BE3DA86A3C61B1CEE1A2C543FADC ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll 19:39:41.0814 0x2234 tzautoupdate - ok 19:39:41.0821 0x2234 [ 04FC2C7F73AE58BF0DD674164E28A6DF, 513E98D6838008B6F97E895BCD639679276AD6A7F7E789A6F3D4E9F9781CA78A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 19:39:41.0833 0x2234 UASPStor - ok 19:39:41.0840 0x2234 [ E437FC4B1833F6B745184F78C4921FB8, 171605C7BF95FE1F342B314A969ECBE0B0D04E67D1306F470B3424AB6DE1478D ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys 19:39:41.0856 0x2234 UcmCx0101 - ok 19:39:41.0864 0x2234 [ 950A3E42167904CAB9AA64863C31CEB5, FC31C3177EDA9FFD2CE51EB2B1E696E50FFB378973C3C001EE29265FED249353 ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys 19:39:41.0884 0x2234 UcmTcpciCx0101 - ok 19:39:41.0889 0x2234 [ F520EF2D24C1B43A2151DCA271865271, 5F9F4D82C5E6DBA8E0232DA05B30AE69BB43B66AA870584D2F9D740D61118A02 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys 19:39:41.0912 0x2234 UcmUcsi - ok 19:39:41.0922 0x2234 [ E6E91B3980A495D2A9D28A09580EA993, B4987D875A8AA176818C115844388EE64054411689B014ADEAC18164D02F6AE8 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys 19:39:41.0937 0x2234 Ucx01000 - ok 19:39:41.0942 0x2234 [ DACA289DFFA7658C04FEF6DCFA2AA9CE, 7BD32B5F395A8675D4B2BDCA75530F2FFA64ED87B2B67FDA08EF709A4EA15553 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys 19:39:41.0961 0x2234 UdeCx - ok 19:39:41.0971 0x2234 [ 12383D410AEF99AD6979A8EFD3D61888, 
376929794A2A8B05DDB2EE93E58A3C3DA19855F5CBC8B29E208E28BF95970355 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 19:39:41.0994 0x2234 udfs - ok 19:39:42.0000 0x2234 [ AB7FE51D818B6059C2F56FA62268CCAC, D8412F13BFE0B96E0A9CCB5E25A567A66AE24983564D76954AA76DAF0A52726E ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 19:39:42.0012 0x2234 UEFI - ok 19:39:42.0019 0x2234 [ A6134CA92B545353EEB0420F36D39F1C, 2F100FC25ACF16948C9B95A7FAA5336B7C8E3CB571196B04D5DB8308D8C6C491 ] UevAgentDriver C:\WINDOWS\system32\drivers\UevAgentDriver.sys 19:39:42.0031 0x2234 UevAgentDriver - ok 19:39:42.0055 0x2234 [ 8899E490269C7634368B4FE6E77CFE8D, ADDA7FD2DE1C94F9F91DA9C248DEF1D253B807FB07549EF14774C5D0001C5B3D ] UevAgentService C:\WINDOWS\system32\AgentService.exe 19:39:42.0099 0x2234 UevAgentService - ok 19:39:42.0113 0x2234 [ 58447F28E697A93521DD20530A8D50ED, BC166B829BA28DAEB8B113D5575D6A11BF81716B38797396496F4D2C2E537F23 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys 19:39:42.0129 0x2234 Ufx01000 - ok 19:39:42.0135 0x2234 [ 69ED2D00A7787D9D84E6C90CE0B02B2D, 55B137766D72BF5FFF645E8E76248FD15367DFDF7FFDABB9A9ECC27FD7555DD3 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys 19:39:42.0147 0x2234 UfxChipidea - ok 19:39:42.0154 0x2234 [ F061EC57330FBC597A4E7298BE667780, 0C32162782BAE9912373CA40A67567BAEF185173E033579C4833A91C11D83E2E ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys 19:39:42.0168 0x2234 ufxsynopsys - ok 19:39:42.0178 0x2234 [ B26729B378282F72241859C13326E3E8, 859398D02E301B8C79078DB43E3BF9691EBA52DD0717868E27D2D6EF918098DD ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 19:39:42.0197 0x2234 UI0Detect - ok 19:39:42.0201 0x2234 UIUService2 - ok 19:39:42.0206 0x2234 [ D40BCED160D332005AF612E1228825E6, 72B7B89A3ED1D6846D004D9BDCAAF8F1D488C21A93A926FE158217B529B55157 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 19:39:42.0222 0x2234 umbus - ok 19:39:42.0234 0x2234 [ 64CF24D7B1FA4975C52A31BF4C82EB73, 2F803884A417F2DD39A155D20EAA4D61D494E41B0F98760810EC5193B84DD425 ] 
UmPass C:\WINDOWS\System32\drivers\umpass.sys 19:39:42.0249 0x2234 UmPass - ok 19:39:42.0259 0x2234 [ E6B6BDA0412D3C56275E662A5A1937FD, CB971073A34CF3FA184B8E41308A14CFD5E22F48B01109E7531DF013EB5E05E7 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 19:39:42.0282 0x2234 UmRdpService - ok 19:39:42.0306 0x2234 [ F0A388AA51F0DE22AA38A4BA9B04AD9E, 1B325D1BF2B041C33BF0336D9651A744AC0A9529085F898A3D90158784F26DC2 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll 19:39:42.0354 0x2234 UnistoreSvc - ok 19:39:42.0375 0x2234 [ D2931E3F67A990328DE5CE7E43F4467C, 06BA872FB07CFDD14813963A06E01F225EFDF58A63D6B0A5AEF7872C7126DF54 ] upnphost C:\WINDOWS\System32\upnphost.dll 19:39:42.0404 0x2234 upnphost - ok 19:39:42.0409 0x2234 [ ACE4C3B4C7D17B154FFC5BBE5F7A9835, C330123EE9BF90518CCB7DA923ED32C0CFA9319C886D9ECA65E3B84E743CB145 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys 19:39:42.0418 0x2234 UrsChipidea - ok 19:39:42.0423 0x2234 [ ECE40EB976A5ACB366808AECF6B235BA, FA00D0A8EF1BCA0349DCA961F4093DF790E5031F91586050372029AA9A7726C5 ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys 19:39:42.0435 0x2234 UrsCx01000 - ok 19:39:42.0439 0x2234 [ EB738F830D3E7EA62A218F101EF91FD4, 35B05845497448C0721377F0EDD7624A4043D0C6E91C5C1CB96853F2D3B16457 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys 19:39:42.0451 0x2234 UrsSynopsys - ok 19:39:42.0458 0x2234 [ B43E28E5CF868517EEC0923AB2BC366B, 01817474AFBC2199387F30F708DDD9458FB156EA4AECC8C3E2EBBCBF7A2BA857 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 19:39:42.0472 0x2234 usbccgp - ok 19:39:42.0479 0x2234 [ 1080D80B5F6D249F23BAE1C0C36233A4, 8EB810282DACCE101D4B5F70FEB450204359537098215DED1DBFF9E14B6F86D0 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 19:39:42.0496 0x2234 usbcir - ok 19:39:42.0502 0x2234 [ EE162DA2C92026A5B96ED89737975AA8, A26E58C7BEE9B6F0F692A2649F258384E55523A64889E3B7D8EFD6D77753E243 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 19:39:42.0514 0x2234 usbehci - ok 19:39:42.0527 0x2234 [ 
C27FEE9758E3BEDE4D48B5EDBE1122CF, 64F7215ADCA3DC1E2D8EF3E6C3579529605DF8F7A2161FB04B19182C828E54D6 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 19:39:42.0547 0x2234 usbhub - ok 19:39:42.0562 0x2234 [ DAB1695B400DE19A9DEA686022FD1544, 0D95745883C5D5828294D67297C4B7F5AA7DCF6D3DE412506EB6C0957F605F75 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 19:39:42.0584 0x2234 USBHUB3 - ok 19:39:42.0589 0x2234 [ 44B954306BB2B311E070EDA276FECAB1, 8F3C1FC07E2B8059E41AF3BD1CC03C67770B4FB403D79171CA075874721BBCAB ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 19:39:42.0607 0x2234 usbohci - ok 19:39:42.0613 0x2234 [ EEF26F9034F0608B93D4D239534BB0BA, 6B047603D4F86C12CF0B22F4260E8BC6A6FF0BEEC50C74E31CA3A4E86567F90D ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 19:39:42.0628 0x2234 usbprint - ok 19:39:42.0634 0x2234 [ 446F2908C891A583BEA930226E37036E, 830A0E9170B1BD58447EB12AAF7FA8B97B15F3D35DE53553CFC4A67620DA4619 ] usbser C:\WINDOWS\System32\drivers\usbser.sys 19:39:42.0650 0x2234 usbser - ok 19:39:42.0656 0x2234 [ 441CAE778B6A1FF6E618E37814A7A52A, 61DF48D662421F2149FA63187B2C8556A991BDA47EA75798BA86C572C432C1EB ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 19:39:42.0669 0x2234 USBSTOR - ok 19:39:42.0673 0x2234 [ 2D6BB2157B37B2D9DABF8C218F2A805B, 5FCA03DCAE81F6B7A6EB63F13A361ED915D82635697DAA085A31D447C21C1B65 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 19:39:42.0690 0x2234 usbuhci - ok 19:39:42.0704 0x2234 [ D4AF6826A473562C169B0916BFE3486C, 5295EDBEFBA27DCC1DAA4C456713CFE5D857A6BD18EB4B05C977CAF19990141F ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 19:39:42.0722 0x2234 USBXHCI - ok 19:39:42.0756 0x2234 [ DBB8DA23D912E799683A34BFBAE3EF70, FE7EAB44503C72EC3CD722617D04C0BF01EDFD2F5834C3D501538800E43C6B74 ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll 19:39:42.0811 0x2234 UserDataSvc - ok 19:39:42.0843 0x2234 [ 29D52BDF7605DBD39C2D6D089E72C6F4, 500CBB6AD5B097525CD5DD70F127ED66BDE8E5608DAAC5067FA0F04DC1F00D06 ] UserManager 
C:\WINDOWS\System32\usermgr.dll 19:39:42.0886 0x2234 UserManager - ok 19:39:42.0919 0x2234 [ 1EC6FE430906F4B4935F51DD079406B4, 5DD497FD9A97FA6E5C94E04E75C23D5CC2C5A0BEE252277F67A6FC00D11A3C33 ] UsoSvc C:\WINDOWS\system32\usocore.dll 19:39:42.0968 0x2234 UsoSvc - ok 19:39:42.0978 0x2234 [ 94E06D509D50807774F35BEE3163E806, ADADFA0D533944579BA0E5FE31A68D4D1395E7B9DB75E58D47E0ADC0DA5AD16C ] VaultSvc C:\WINDOWS\system32\lsass.exe 19:39:42.0989 0x2234 VaultSvc - ok 19:39:43.0017 0x2234 [ AA98700D973A174D92AC515BDAA54477, 7432137FE52629E0C161291D5F7B3AEF6EDEA6115689AB270F42AD9C17C7CB36 ] VBoxDrv C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys 19:39:43.0044 0x2234 VBoxDrv - ok 19:39:43.0053 0x2234 [ CAA008A6627553A2A043968F29D9E6C5, 3688327611D5BA4A970A16E421BF7989BB33C306982B4F4EC99463EE0A60EA96 ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys 19:39:43.0065 0x2234 VBoxNetAdp - ok 19:39:43.0073 0x2234 [ BFFB5CC74E529157265937EA9D39194B, FE5BB02B697AD91E3EC5C1B7CD76365E0BF9D3BDAFFD24FAF97B829567B17DEA ] VBoxNetLwf C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys 19:39:43.0085 0x2234 VBoxNetLwf - ok 19:39:43.0092 0x2234 [ D6DB5EDDD1E003EBD0099A85D83F97B7, D3143BE8C8C7F5F1CDBBE69C541DE62FDE313CBFDA32850F37F2A164F7B253AA ] VBoxUSBMon C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys 19:39:43.0103 0x2234 VBoxUSBMon - ok 19:39:43.0109 0x2234 [ BF13071600C1A0B090BEEC159A75B133, 78B239E5189B090D11A6C2CE19D8428CCCB03740CA22D00561E1BC9B5D609046 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 19:39:43.0120 0x2234 vdrvroot - ok 19:39:43.0137 0x2234 [ 07C192BEEA76B1BD9D0310ED20551D54, 0E8A90B2A228CEE94DBD193E7C6775A64C8BBEF70E318F2ECE935B6ED5B26638 ] vds C:\WINDOWS\System32\vds.exe 19:39:43.0175 0x2234 vds - ok 19:39:43.0184 0x2234 [ 9D4EEE333603F3675685F644053499D5, 545A21F86C8CD64B556DE688B31DDB157863766D53E52DE443B881D267223578 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 19:39:43.0200 0x2234 VerifierExt - ok 19:39:43.0217 0x2234 [ 274D49BBF0F3C7F193BFC13434F2F08C, 
B8F56DDBE61D1A6EC0967C5543A1772BEA6E7E9D4923F6DE5A09CD43AC7CDBE3 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 19:39:43.0243 0x2234 vhdmp - ok 19:39:43.0249 0x2234 [ E10FEBB566E1F0A3936AB304F338637E, 01B344061F2A8802EE88F584CF583DCECA478823A0D37C41D90340E4E2FBC43F ] vhf C:\WINDOWS\System32\drivers\vhf.sys 19:39:43.0264 0x2234 vhf - ok 19:39:43.0270 0x2234 [ 3093314480D83FB733A6069AB12D3DA1, 9056C57A56D151E3AF456FDD843F9BD7727E12B59EB09C423196F23609EA7F42 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 19:39:43.0282 0x2234 vmbus - ok 19:39:43.0287 0x2234 [ 12723C0F54432B4A98702110B344B030, DFAA6FC88F6EC7A540B5AAE930A591DD59E844630A6B03DEEA31126EAAEA256E ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 19:39:43.0302 0x2234 VMBusHID - ok 19:39:43.0306 0x2234 [ BCD144BFA4E13E0F74D852ADF283626E, 7423E69CECC2791DF814ECA6464C522BB914F7F6B0178C1A9881CBF56A1F8E1C ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys 19:39:43.0321 0x2234 vmgid - ok 19:39:43.0331 0x2234 [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll 19:39:43.0353 0x2234 vmicguestinterface - ok 19:39:43.0362 0x2234 [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll 19:39:43.0383 0x2234 vmicheartbeat - ok 19:39:43.0391 0x2234 [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll 19:39:43.0412 0x2234 vmickvpexchange - ok 19:39:43.0423 0x2234 [ F03A5454EAE669167639CA3F2EDF73B1, 03D9A033B694BF95AC04355EB54B72030372880E0EF63C4A6D6A2A10F571AFEA ] vmicrdv C:\WINDOWS\System32\icsvcext.dll 19:39:43.0447 0x2234 vmicrdv - ok 19:39:43.0457 0x2234 [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicshutdown C:\WINDOWS\System32\icsvc.dll 19:39:43.0479 0x2234 vmicshutdown - ok 
19:39:43.0487 0x2234 [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmictimesync C:\WINDOWS\System32\icsvc.dll 19:39:43.0508 0x2234 vmictimesync - ok 19:39:43.0517 0x2234 [ 16071A66A9313085B54037B5D7D1C353, 613FAB4F93FA1C33D6303C5712B516AAFB1DACDAB712F7F52A34D7CD558183BE ] vmicvmsession C:\WINDOWS\System32\icsvc.dll 19:39:43.0538 0x2234 vmicvmsession - ok 19:39:43.0549 0x2234 [ F03A5454EAE669167639CA3F2EDF73B1, 03D9A033B694BF95AC04355EB54B72030372880E0EF63C4A6D6A2A10F571AFEA ] vmicvss C:\WINDOWS\System32\icsvcext.dll 19:39:43.0569 0x2234 vmicvss - ok 19:39:43.0575 0x2234 [ D81F6B790519A60F3D1788B45D04B749, 7607DBA77412127C4968D3B6C4FD25F8C286A22DDDD9C78BDC54DF3A4C98AA8E ] vnvdimm C:\WINDOWS\System32\drivers\vnvdimm.sys 19:39:43.0589 0x2234 vnvdimm - ok 19:39:43.0597 0x2234 [ 4F91CD6C36DF2FDB91390082A116E602, 47AD91A097B1A6769A3EBB53EF1DE861420BC3E208F148CDAA04E3B4276F0C92 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 19:39:43.0608 0x2234 volmgr - ok 19:39:43.0619 0x2234 [ 6D6CACED512C1EF1FEAC215E37E3A9BC, 11B26DA5AB0C3736E2B8ADF3E06BFF3FD7853F9D6A948EA15ADC8B7D230062D4 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 19:39:43.0637 0x2234 volmgrx - ok 19:39:43.0649 0x2234 [ 5B27846CF4B1C21AFB3A35A8336BA02F, 0481F605776B638CCE855525DF605288AB4ECA87FCB4B6E668B60E3DFD120EF2 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 19:39:43.0667 0x2234 volsnap - ok 19:39:43.0671 0x2234 [ 72A95A844D6BAF2924A4C15BEDFD6BCA, AB9F8C77A077C9E95061D562F516793E547BC276926E1895A186A39317F21BA1 ] volume C:\WINDOWS\system32\drivers\volume.sys 19:39:43.0682 0x2234 volume - ok 19:39:43.0688 0x2234 [ 9198C53EE69D942217E2ACC29A01D605, 4F4742EC69DEF6485FECD60F0EB3C7DBBCB78E706C85319CAC8FFC40D3C27780 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 19:39:43.0699 0x2234 vpci - ok 19:39:43.0715 0x2234 [ 05F1897706AA0C9F7336C0DC20E46B5B, 6F567997EC2C97922DB69F3A02F7A5443614312C37BC9F689FAB5B4661A9A29C ] vpnagent C:\Program Files 
(x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe 19:39:43.0733 0x2234 vpnagent - ok 19:39:43.0738 0x2234 [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\WINDOWS\System32\drivers\vpnva64-6.sys 19:39:43.0749 0x2234 vpnva - ok 19:39:43.0756 0x2234 [ 075CE3C9E77D2666AFA888951E5F07A9, 264EDD6301851A41FB2233DC9BFC357EE5B60BEC1A04578FD7A576BA145E2A31 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 19:39:43.0770 0x2234 vsmraid - ok 19:39:43.0802 0x2234 [ 53B56525785DDBBF34956948A08F6491, 799759ACDF514F195A6C9DACBA966866E9012AA862B45D2E27D345D5901B7924 ] VSS C:\WINDOWS\system32\vssvc.exe 19:39:43.0858 0x2234 VSS - ok 19:39:43.0873 0x2234 [ 26D00E85BE4726B114335250FCDEDA89, BA1E3EC92786A17B99BF6544FD76F0458DAC2810D2A3B0785AC2B066079D5B09 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 19:39:43.0888 0x2234 VSTXRAID - ok 19:39:43.0896 0x2234 [ 3DFDB573E4D49EA8F416B573525B7A86, 9951D34FF0B98CA562EC0D81E23DA81BF5E5E6B4F5C274BC8E258BAE5E69DF8D ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 19:39:43.0913 0x2234 vwifibus - ok 19:39:43.0920 0x2234 [ A40FA64655AB5B8773A96A821616C5FC, 221063771A70CD6238D5DD816EC99BFFE31418EDA08E2270D864554234271087 ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys 19:39:43.0936 0x2234 vwififlt - ok 19:39:43.0942 0x2234 [ 0D34F98DBDF09D239533AC345C360F03, 503F6826443560C65FC281E41E91C5EBBEFFC937C975FA4CBBF5F5FC34EC3E4B ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys 19:39:43.0956 0x2234 vwifimp - ok 19:39:43.0973 0x2234 [ A17A4F2823C5424C9B8B990644817DC0, D8CE6FC8B6B5BB89968D83AC3DC054C35BD16880D0B321B64799DA1830C2B626 ] W32Time C:\WINDOWS\system32\w32time.dll 19:39:44.0004 0x2234 W32Time - ok 19:39:44.0012 0x2234 [ 5B5430522E0BDF2A753D758710BE7C5E, 1476C664EFCE7A2FEE738BB767D3E2EABBEF19F1037D383140BC01F92E154039 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 19:39:44.0029 0x2234 WacomPen - ok 19:39:44.0042 0x2234 [ 451D40C28E7D1CF51A980B83FDEFF498, 
E6CEEB222A1C0D97E53DCFC2E22084FD4547A8CE3C16A54DD49622F524BF48CE ] WalletService C:\WINDOWS\system32\WalletService.dll 19:39:44.0071 0x2234 WalletService - ok 19:39:44.0079 0x2234 [ E77B19FF6C2FFA5B19CDF62DA4953BC9, 2D93403BCB2A44F9CF110C1EF99C1C79D2BBB8068CCCA7C30B6606C1190F6C98 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:39:44.0095 0x2234 wanarp - ok 19:39:44.0100 0x2234 [ E77B19FF6C2FFA5B19CDF62DA4953BC9, 2D93403BCB2A44F9CF110C1EF99C1C79D2BBB8068CCCA7C30B6606C1190F6C98 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:39:44.0114 0x2234 wanarpv6 - ok 19:39:44.0119 0x2234 [ E3B4C37F1F3D8078AA2AFBEE7F5468CF, E620DC9F5AAAE9652E3B742BBF4D671F04D623F657959C98F2230CEF26086CDE ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll 19:39:44.0137 0x2234 WarpJITSvc - ok 19:39:44.0168 0x2234 [ 1C1EB9C4DAF428B3BFDD58572768182C, 99F429EB8C2DEC185124B8811AF96D30E963E2F71CC7184AF8650805818B52E4 ] wbengine C:\WINDOWS\system32\wbengine.exe 19:39:44.0224 0x2234 wbengine - ok 19:39:44.0252 0x2234 [ A0B4836C489C2535795C4E71E378AD07, 39A511EE1FFFD956496768A1D1453E503C911DE512EBCAECFCDFC0B8E3A8544D ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 19:39:44.0293 0x2234 WbioSrvc - ok 19:39:44.0305 0x2234 [ 0610F02EC87DBF6BA319CB1D6B8771AE, CCD9E8A028F091907BC30619ACA126F9FBA448A69124E53EF905978E3B5734F8 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 19:39:44.0318 0x2234 wcifs - ok 19:39:44.0340 0x2234 [ A616F82723F181A850C9E22E5D1AF2EB, 5A439FCADBB277EF497F6B590192C6AAB361D1D013D4C461D3A5620FCD263174 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 19:39:44.0381 0x2234 Wcmsvc - ok 19:39:44.0395 0x2234 [ 505E50A4819CF28DCE8176DB15952D49, 6003C93FB0997A9FFD5CBE9BD18C86B08594AD56D70AD93F72FB67C5F6D7666A ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 19:39:44.0422 0x2234 wcncsvc - ok 19:39:44.0429 0x2234 [ 87F462C7D37F380187BE12F079F73216, 4025B95FAF4751633E9DD9BA9312274E99778EEBADC8EA37D5E179A41C1EE344 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 19:39:44.0445 0x2234 wcnfs - ok 19:39:44.0450 
19:39:51.0873 0x2234 Waiting for KSN requests completion. In queue: 317
19:39:52.0899 0x2234 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.167 ), 0x61000 ( enabled : updated )
19:39:52.0899 0x2234 AV detected via SS2: ESET Endpoint Antivirus, C:\Program Files\ESET\ESET Endpoint Antivirus\ecmd.exe ( 6.5.2107.0 ), 0x41000 ( enabled : updated )
19:39:52.0919 0x2234 Win FW state via NFP2: enabled ( trusted )
19:39:53.0076 0x2234 ============================================================
19:39:53.0076 0x2234 Scan finished
19:39:53.0076 0x2234 ============================================================
19:39:53.0084 0x1168 Detected object count: 0
19:39:53.0084 0x1168 Actual detected object count: 0
Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.1.0.0
# -------------------------------
# Build: 04-12-2018
# Database: 2018-04-16.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-16-2018
# Duration: 00:00:11
# OS: Windows 10 Pro
# Scanned: 40655
# Detected: 0

***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

# -------------------------------
# Malwarebytes AdwCleaner 7.1.0.0
# -------------------------------
# Build: 04-12-2018
# Database: 2018-04-16.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-16-2018
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 0
# Failed: 0

***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
No malicious registry entries cleaned.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.

*************************
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock
*************************

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
16.04.2018, 18:58 | #3 |
| Raiffeisen E-Banking Problems - Infected Computer
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.04.2018
Ran by jch (administrator) on NBJCH (16-04-2018 17:49:49)
Running from C:\Users\jch\Downloads
Loaded Profiles: jch (Available Profiles: jch & defaultuser0 & admin)
Platform: Windows 10 Pro Version 1709 16299.371 (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(HP) C:\Windows\System32\hpservice.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\IntelCpHDCPSvc.exe
(Conexant Systems, Inc) C:\Windows\CxSvc\CxMonSvc.exe
(Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(ESET) C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\UIUSrv2.exe
(Zyxel Communications Corp.) C:\Program Files (x86)\Zyxel\ZyWALL SecuExtender\SecuExtenderHelper.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(Conexant) C:\Windows\System32\MicTray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe
(Microsoft Corp.) C:\Users\jch\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== --- --- ---
Code:
--- --- --- Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [225280 2017-03-09] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322104 2016-03-08] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178400 2016-01-07] (Intel Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [975248 2015-07-24] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-4260820389-203242751-2565199900-1108\...\Run: [OffCAT] => C:\Users\jch\AppData\Local\Microsoft\OffCAT\OffCAT_RTS.exe [365440 2016-08-01] (Microsoft Corp.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{0d75236d-370b-4915-9fbb-45703da4bba0}: [NameServer] 172.16.184.11
Tcpip\..\Interfaces\{4f39b35d-ab95-43b8-8c2f-5b5dd1e075f7}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ef65dd54-1889-4265-a847-bc3d941ad46f}: [DhcpNameServer] 172.16.184.11

Internet Explorer:
==================
HKU\S-1-5-21-4260820389-203242751-2565199900-1108\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-ch/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-04-15] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2018-04-15] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-03-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-08-17] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-04-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-17] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-31] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-03-31] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: kivccjt3.default-1522316322991
FF ProfilePath: C:\Users\jch\AppData\Roaming\Mozilla\Firefox\Profiles\kivccjt3.default-1522316322991 [2018-04-16]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default [2018-04-16]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-21]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-21]
CHR Extension: (Adblock Plus) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-27]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-25]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-04-14]
CHR Extension: (XPath Helper) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgimnogjllphhhkhlmebbmlgjoejdpjl [2017-10-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (No Name) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\jch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-27]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522416 2018-04-06] (Microsoft Corporation)
R2 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [613360 2017-09-07] (Intel Corporation)
R2 CxMonSvc; C:\WINDOWS\CxSvc\CxMonSvc.exe [22648 2016-06-07] (Conexant Systems, Inc)
R2 CxUtilSvc; C:\WINDOWS\CxSvc\CxUtilSvc.exe [141432 2016-07-30] (Conexant Systems, Inc.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [52864 2017-06-09] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [2002480 2017-06-09] (ESET)
R2 EraAgentSvc; C:\Program Files\ESET\RemoteAdministrator\Agent\ERAAgent.exe [1708192 2016-07-01] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [194688 2017-06-09] (ESET)
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 hpsrv; C:\WINDOWS\system32\Hpservice.exe [38728 2016-10-12] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18488 2016-03-08] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [542320 2017-12-06] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [415208 2017-09-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-07-06] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-07-06] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2016-01-07] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268928 2017-12-20] ()
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-18] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [256168 2017-12-14] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
R2 UIUService2; C:\WINDOWS\SysWOW64\UIUSrv2.exe [108544 2018-02-13] (Conexant Systems, Inc.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3758720 2017-12-20] (Intel® Corporation)
R2 ZyWALL SecuExtender Helper; C:\Program Files (x86)\Zyxel\ZyWALL SecuExtender\SecuExtenderHelper.exe [85648 2016-12-22] (Zyxel Communications Corp.)
S2 MongoDB; "C:\Program Files\MongoDB\Server\3.4\bin\mongod.exe" --directoryperdb --dbpath "C:\Program Files\MongoDB\Server\3.4\data\db" --logpath "C:\Program Files\MongoDB\Server\3.4\log\mongo.log" --logappend --rest --service

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [53760 2017-12-18] (HP)
R3 CnxtHdAudService; C:\WINDOWS\system32\drivers\CHDRT64ISST.sys [1656824 2017-07-17] (Conexant Systems Inc.)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [531424 2015-08-14] (Intel Corporation)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [272496 2017-04-06] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [202928 2017-04-06] (ESET)
R1 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [77168 2017-04-06] (ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [76192 2018-03-19] ()
S3 hidemi; C:\WINDOWS\System32\drivers\hidemi.sys [30544 2015-08-21] (Microchip)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [39936 2017-12-18] (HP)
S3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193768 2018-04-16] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-04-16] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-04-16] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-04-16] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [102112 2018-04-16] (Malwarebytes)
S3 mchpemi; C:\WINDOWS\System32\drivers\mchpemi.sys [37728 2015-08-21] (Microchip)
S3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [7932160 2017-01-24] (Intel Corporation)
R3 Netwtw06; C:\WINDOWS\system32\DRIVERS\Netwtw06.sys [8623512 2018-01-25] (Intel Corporation)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2015-12-22] (Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3222016 2017-03-09] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [42088 2016-08-18] (Synaptics Incorporated) R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51880 2017-12-14] (Synaptics Incorporated) R3 tap0901_zyxel; C:\WINDOWS\System32\drivers\tap0901_zyxel.sys [49736 2016-12-21] (The OpenVPN Project) R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [200832 2018-01-15] (Oracle Corporation) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [211704 2018-01-15] (Oracle Corporation) S3 vpnva; C:\WINDOWS\System32\drivers\vpnva64-6.sys [52592 2015-07-24] (Cisco Systems, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30368 2017-06-21] (HP) R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation) U3 aspnet_state; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2018-04-16 17:49 - 2018-04-16 17:50 - 000020182 _____ C:\Users\jch\Downloads\FRST.txt
2018-04-16 17:49 - 2018-04-16 17:49 - 002403328 _____ (Farbar) C:\Users\jch\Downloads\FRST64.exe
2018-04-16 17:49 - 2018-04-16 17:49 - 000000000 ____D C:\FRST
2018-04-16 17:42 - 2018-04-16 17:44 - 000000000 ____D C:\AdwCleaner
2018-04-16 17:42 - 2018-04-16 17:42 - 007256272 _____ (Malwarebytes) C:\Users\jch\Downloads\adwcleaner_7.1.0.0.exe
2018-04-16 17:39 - 2018-04-16 17:41 - 000305780 _____ C:\TDSSKiller.3.1.0.16_16.04.2018_17.39.56_log.txt
2018-04-16 17:39 - 2018-04-16 17:39 - 004944584 _____ (AO Kaspersky Lab) C:\Users\jch\Downloads\tdsskiller.exe
2018-04-16 16:16 - 2018-04-16 17:11 - 000000000 ____D C:\Users\jch\Desktop\mbar
2018-04-16 16:16 - 2018-04-16 17:11 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-04-16 16:16 - 2018-04-16 16:16 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3444052F.sys
2018-04-16 16:15 - 2018-04-16 16:15 - 014178840 _____ (Malwarebytes Corp.) C:\Users\jch\Downloads\mbar-1.10.3.1001.exe
2018-04-16 15:59 - 2018-01-31 19:14 - 000000000 ____D C:\Users\jch\VirtualBox VMs
2018-04-16 15:48 - 2018-04-16 17:46 - 000112864 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-04-16 15:48 - 2018-04-16 17:46 - 000102112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-04-16 15:48 - 2018-04-16 17:46 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-04-16 15:48 - 2018-04-16 15:48 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-04-16 15:48 - 2018-04-16 15:48 - 000193768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-04-16 15:47 - 2018-04-16 16:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-04-16 15:47 - 2018-04-16 15:47 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-04-16 15:47 - 2018-04-16 15:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-04-16 15:47 - 2018-04-16 15:47 - 000000000 ____D C:\Program Files\Malwarebytes
2018-04-16 15:47 - 2018-03-19 12:57 - 000076192 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-04-16 15:46 - 2018-04-16 15:46 - 073208032 _____ (Malwarebytes ) C:\Users\jch\Desktop\mb3-setup-consumer-3.4.5.2467-1.0.342-1.0.4720.exe
2018-04-16 12:16 - 2018-04-16 16:56 - 001388448 _____ C:\Users\Public\VOIP.dat
2018-04-16 12:16 - 2018-04-16 12:16 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-04-14 15:02 - 2018-04-14 15:02 - 001740938 _____ C:\Users\jch\Documents\Application.pdf
2018-04-11 12:43 - 2018-03-30 14:34 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-04-11 12:43 - 2018-03-30 07:18 - 001092008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-04-11 12:43 - 2018-03-30 07:14 - 000423320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-04-11 12:43 - 2018-03-30 07:12 - 000599448 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-04-11 12:43 - 2018-03-30 07:12 - 000270208 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe 2018-04-11 12:43 - 2018-03-30 07:12 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys 2018-04-11 12:43 - 2018-03-30 07:10 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2018-04-11 12:43 - 2018-03-30 07:08 - 002513920 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2018-04-11 12:43 - 2018-03-30 07:08 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2018-04-11 12:43 - 2018-03-30 07:08 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2018-04-11 12:43 - 2018-03-30 07:08 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2018-04-11 12:43 - 2018-03-30 07:07 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2018-04-11 12:43 - 2018-03-30 07:07 - 000069528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll 2018-04-11 12:43 - 2018-03-30 07:06 - 000166304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys 2018-04-11 12:43 - 2018-03-30 07:06 - 000053152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pcw.sys 2018-04-11 12:43 - 2018-03-30 07:05 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2018-04-11 12:43 - 2018-03-30 07:05 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2018-04-11 12:43 - 2018-03-30 07:05 - 000748448 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2018-04-11 12:43 - 2018-03-30 07:05 - 000191824 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll 2018-04-11 12:43 - 2018-03-30 07:05 - 000073120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys 2018-04-11 12:43 - 2018-03-30 07:05 - 000066720 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumcrypt.dll 2018-04-11 12:43 - 2018-03-30 07:05 - 000059808 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\hvhostsvc.dll 2018-04-11 12:43 - 2018-03-30 07:05 - 000035744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDFHost.dll 2018-04-11 12:43 - 2018-03-30 07:05 - 000022800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumbase.dll 2018-04-11 12:43 - 2018-03-30 07:05 - 000022208 _____ (Microsoft Corporation) C:\WINDOWS\system32\IumSdk.dll 2018-04-11 12:43 - 2018-03-30 07:05 - 000020888 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll 2018-04-11 12:43 - 2018-03-30 07:05 - 000015632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iumdll.dll 2018-04-11 12:43 - 2018-03-30 07:04 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2018-04-11 12:43 - 2018-03-30 07:04 - 000608160 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2018-04-11 12:43 - 2018-03-30 07:04 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2018-04-11 12:43 - 2018-03-30 07:03 - 001277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2018-04-11 12:43 - 2018-03-30 07:03 - 000664992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2018-04-11 12:43 - 2018-03-30 07:03 - 000508272 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2018-04-11 12:43 - 2018-03-30 07:03 - 000479920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll 2018-04-11 12:43 - 2018-03-30 07:03 - 000460704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll 2018-04-11 12:43 - 2018-03-30 07:03 - 000319864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2018-04-11 12:43 - 2018-03-30 07:03 - 000292384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2018-04-11 12:43 - 2018-03-30 07:03 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2018-04-11 12:43 - 2018-03-30 07:03 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll 2018-04-11 12:43 - 2018-03-30 07:03 - 000139680 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys 2018-04-11 12:43 - 2018-03-30 07:03 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll 2018-04-11 12:43 - 2018-03-30 07:03 - 000059808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys 2018-04-11 12:43 - 2018-03-30 07:03 - 000022400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll 2018-04-11 12:43 - 2018-03-30 07:02 - 000128416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys 2018-04-11 12:43 - 2018-03-30 07:01 - 008600480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2018-04-11 12:43 - 2018-03-30 07:01 - 001209760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2018-04-11 12:43 - 2018-03-30 07:01 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2018-04-11 12:43 - 2018-03-30 07:01 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2018-04-11 12:43 - 2018-03-30 07:01 - 000471968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2018-04-11 12:43 - 2018-03-30 07:01 - 000034208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fs_rec.sys 2018-04-11 12:43 - 2018-03-30 07:00 - 002395040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2018-04-11 12:43 - 2018-03-30 07:00 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys 2018-04-11 12:43 - 2018-03-30 07:00 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys 2018-04-11 12:43 - 2018-03-30 06:59 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys 2018-04-11 12:43 - 2018-03-30 06:59 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys 2018-04-11 12:43 - 2018-03-30 06:58 - 000898216 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2018-04-11 12:43 - 2018-03-30 06:58 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys 
2018-04-11 12:43 - 2018-03-30 06:58 - 000039328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storvsc.sys 2018-04-11 12:43 - 2018-03-30 06:57 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2018-04-11 12:43 - 2018-03-30 06:57 - 000711944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2018-04-11 12:43 - 2018-03-30 06:57 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll 2018-04-11 12:43 - 2018-03-30 06:57 - 000121248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2018-04-11 12:43 - 2018-03-30 06:57 - 000109976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys 2018-04-11 12:43 - 2018-03-30 06:57 - 000081304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys 2018-04-11 12:43 - 2018-03-30 06:57 - 000031640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys 2018-04-11 12:43 - 2018-03-30 06:56 - 000018680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshhyperv.dll 2018-04-11 12:43 - 2018-03-30 06:55 - 000367344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2018-04-11 12:43 - 2018-03-30 06:55 - 000062880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys 2018-04-11 12:43 - 2018-03-30 06:54 - 002574240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2018-04-11 12:43 - 2018-03-30 06:54 - 000749984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2018-04-11 12:43 - 2018-03-30 06:54 - 000670112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2018-04-11 12:43 - 2018-03-30 06:54 - 000645536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2018-04-11 12:43 - 2018-03-30 06:54 - 000461728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe 2018-04-11 12:43 - 2018-03-30 06:54 - 000408992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2018-04-11 12:43 - 2018-03-30 
06:53 - 007676304 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2018-04-11 12:43 - 2018-03-30 06:53 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2018-04-11 12:43 - 2018-03-30 06:53 - 002220952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2018-04-11 12:43 - 2018-03-30 06:53 - 000831392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2018-04-11 12:43 - 2018-03-30 06:53 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2018-04-11 12:43 - 2018-03-30 06:53 - 000549552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2018-04-11 12:43 - 2018-03-30 06:53 - 000495008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2018-04-11 12:43 - 2018-03-30 06:53 - 000246176 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2018-04-11 12:43 - 2018-03-30 06:53 - 000163744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2018-04-11 12:43 - 2018-03-30 06:53 - 000094080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll 2018-04-11 12:43 - 2018-03-30 06:53 - 000040352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClientPS.dll 2018-04-11 12:43 - 2018-03-30 06:52 - 021351632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2018-04-11 12:43 - 2018-03-30 06:52 - 002457504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2018-04-11 12:43 - 2018-03-30 06:52 - 000727456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys 2018-04-11 12:43 - 2018-03-30 06:52 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2018-04-11 12:43 - 2018-03-30 06:52 - 000428960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2018-04-11 12:43 - 2018-03-30 06:52 - 000282528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys 2018-04-11 12:43 - 2018-03-30 06:52 - 000247480 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\logoncli.dll 2018-04-11 12:43 - 2018-03-30 06:52 - 000192416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2018-04-11 12:43 - 2018-03-30 06:52 - 000054688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vdrvroot.sys 2018-04-11 12:43 - 2018-03-30 06:52 - 000047512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmstorfl.sys 2018-04-11 12:43 - 2018-03-30 06:52 - 000028520 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmbuspipe.dll 2018-04-11 12:43 - 2018-03-30 06:51 - 000902928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2018-04-11 12:43 - 2018-03-30 06:51 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2018-04-11 12:43 - 2018-03-30 06:51 - 000125568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll 2018-04-11 12:43 - 2018-03-30 06:51 - 000123800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys 2018-04-11 12:43 - 2018-03-30 06:51 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys 2018-04-11 12:43 - 2018-03-30 06:50 - 001336344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2018-04-11 12:43 - 2018-03-30 06:50 - 000057760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbios.sys 2018-04-11 12:43 - 2018-03-30 06:49 - 000204184 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll 2018-04-11 12:43 - 2018-03-30 06:48 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2018-04-11 12:43 - 2018-03-30 06:48 - 001628064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2018-04-11 12:43 - 2018-03-30 06:48 - 001420696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2018-04-11 12:43 - 2018-03-30 06:48 - 001101728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2018-04-11 12:43 - 2018-03-30 06:48 - 000819104 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\AppVClient.exe 2018-04-11 12:43 - 2018-03-30 06:48 - 000813984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2018-04-11 12:43 - 2018-03-30 06:48 - 000744856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2018-04-11 12:43 - 2018-03-30 06:48 - 000614304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2018-04-11 12:43 - 2018-03-30 06:48 - 000586800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp110_win.dll 2018-04-11 12:43 - 2018-03-30 06:48 - 000397720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2018-04-11 12:43 - 2018-03-30 06:48 - 000231328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2018-04-11 12:43 - 2018-03-30 06:28 - 001929712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2018-04-11 12:43 - 2018-03-30 06:28 - 000777912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2018-04-11 12:43 - 2018-03-30 06:27 - 000481464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2018-04-11 12:43 - 2018-03-30 06:24 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll 2018-04-11 12:43 - 2018-03-30 06:23 - 000566664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2018-04-11 12:43 - 2018-03-30 06:19 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2018-04-11 12:43 - 2018-03-30 06:18 - 000016600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshhyperv.dll 2018-04-11 12:43 - 2018-03-30 06:16 - 000289824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2018-04-11 12:43 - 2018-03-30 06:13 - 002193176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2018-04-11 12:43 - 2018-03-30 06:13 - 000450936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2018-04-11 12:43 - 2018-03-30 06:13 - 000073896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll 2018-04-11 
12:43 - 2018-03-30 06:12 - 000186520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll 2018-04-11 12:43 - 2018-03-30 06:10 - 000704080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2018-04-11 12:43 - 2018-03-30 06:10 - 000099240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll 2018-04-11 12:43 - 2018-03-30 06:09 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2018-04-11 12:43 - 2018-03-30 06:07 - 001003160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2018-04-11 12:43 - 2018-03-30 06:06 - 000180632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll 2018-04-11 12:43 - 2018-03-30 06:05 - 001491360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2018-04-11 12:43 - 2018-03-30 06:05 - 000027040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVClientPS.dll 2018-04-11 12:43 - 2018-03-30 06:04 - 000417368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp110_win.dll 2018-04-11 12:43 - 2018-03-30 05:55 - 025253888 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2018-04-11 12:43 - 2018-03-30 05:46 - 018925056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2018-04-11 12:43 - 2018-03-30 05:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2018-04-11 12:43 - 2018-03-30 05:46 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2018-04-11 12:43 - 2018-03-30 05:46 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll 2018-04-11 12:43 - 2018-03-30 05:45 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll 2018-04-11 12:43 - 2018-03-30 05:45 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll 2018-04-11 12:43 - 2018-03-30 05:45 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2018-04-11 12:43 - 2018-03-30 05:44 - 000051712 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll 2018-04-11 12:43 - 2018-03-30 05:44 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2018-04-11 12:43 - 2018-03-30 05:44 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 019355136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 006576128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe 2018-04-11 12:43 - 2018-03-30 05:43 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe 2018-04-11 12:43 - 2018-03-30 05:43 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2018-04-11 12:43 - 2018-03-30 05:43 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000052736 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsnmp32.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll 2018-04-11 12:43 - 2018-03-30 05:43 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe 2018-04-11 12:43 - 2018-03-30 05:43 - 000013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe 2018-04-11 12:43 - 2018-03-30 05:43 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2018-04-11 12:43 - 2018-03-30 05:42 - 000397824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2018-04-11 12:43 - 2018-03-30 05:42 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2018-04-11 12:43 - 2018-03-30 05:42 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp 2018-04-11 12:43 - 2018-03-30 05:42 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2018-04-11 12:43 - 2018-03-30 05:42 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2018-04-11 12:43 - 2018-03-30 05:42 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2018-04-11 12:43 - 2018-03-30 05:42 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll 2018-04-11 12:43 - 2018-03-30 05:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2018-04-11 12:43 - 2018-03-30 05:42 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll 2018-04-11 12:43 - 2018-03-30 05:42 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll 2018-04-11 12:43 - 2018-03-30 05:41 - 000459776 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2018-04-11 12:43 - 2018-03-30 05:41 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2018-04-11 12:43 - 2018-03-30 05:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2018-04-11 12:43 - 2018-03-30 05:41 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2018-04-11 12:43 - 2018-03-30 05:41 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2018-04-11 12:43 - 2018-03-30 05:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll 2018-04-11 12:43 - 2018-03-30 05:41 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll 2018-04-11 12:43 - 2018-03-30 05:41 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll 2018-04-11 12:43 - 2018-03-30 05:40 - 011924992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2018-04-11 12:43 - 2018-03-30 05:40 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2018-04-11 12:43 - 2018-03-30 05:40 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2018-04-11 12:43 - 2018-03-30 05:40 - 000314880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2018-04-11 12:43 - 2018-03-30 05:40 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2018-04-11 12:43 - 2018-03-30 05:40 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2018-04-11 12:43 - 2018-03-30 05:40 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll 2018-04-11 12:43 - 2018-03-30 05:40 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll 2018-04-11 12:43 - 2018-03-30 05:39 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll 2018-04-11 12:43 - 2018-03-30 05:39 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2018-04-11 12:43 - 2018-03-30 05:39 - 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll 2018-04-11 12:43 - 2018-03-13 06:35 - 006204416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2018-04-11 12:43 - 2018-03-13 06:34 - 002409984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll 2018-04-11 12:43 - 2018-03-13 06:34 - 000706048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll 2018-04-11 12:43 - 2018-03-13 06:33 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2018-04-11 12:43 - 2018-03-13 06:33 - 000981504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll 2018-04-11 12:43 - 2018-03-13 06:32 - 002577408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2018-04-11 12:43 - 2018-03-13 06:32 - 001948672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll 2018-04-11 12:43 - 2018-03-13 06:31 - 001348608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll 2018-04-11 12:43 - 2018-03-13 06:31 - 000862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2018-04-11 12:43 - 2018-03-13 06:31 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2018-04-11 12:43 - 2018-03-13 06:31 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2018-04-11 12:43 - 2018-03-13 06:30 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2018-04-11 12:43 - 2018-03-13 06:30 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2018-04-11 12:43 - 2018-03-13 06:28 - 000328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll 2018-04-11 12:43 - 2018-03-13 06:27 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2018-04-11 12:43 - 2018-03-13 06:27 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll 2018-04-11 12:43 - 2018-03-13 06:26 - 000483328 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\newdev.dll 2018-04-11 12:43 - 2017-11-26 15:32 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2018-04-11 12:43 - 2017-11-26 14:36 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll 2018-04-11 12:43 - 2017-11-26 13:12 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll 2018-04-09 17:27 - 2018-04-09 17:27 - 000053063 _____ C:\Users\jch\Downloads\Formular_Arbeitsplaetze_MasterArbeit_ger.PDF 2018-04-09 17:22 - 2018-04-09 17:22 - 000122549 _____ C:\Users\jch\Downloads\PhD position.pdf 2018-04-09 17:02 - 2018-04-09 17:02 - 000043444 _____ C:\Users\jch\Downloads\Ausschreibung PostDoc- 2015.pdf 2018-04-09 14:41 - 2018-04-09 14:41 - 000106947 _____ C:\Users\jch\Downloads\bill-2018-03-14.pdf 2018-04-08 14:09 - 2018-04-08 14:09 - 000000000 ____D C:\Program Files\Sublime Text 3 2018-03-29 11:40 - 2018-03-29 11:40 - 003401446 _____ C:\Users\jch\Desktop\geckodriver-v0.20.0-win64.zip 2018-03-29 11:38 - 2018-04-16 16:09 - 000000000 ____D C:\Users\jch\AppData\LocalLow\Mozilla 2018-03-29 11:38 - 2018-04-16 15:46 - 000000000 ____D C:\Users\jch\AppData\Local\Mozilla 2018-03-29 11:38 - 2018-03-29 11:38 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2018-03-29 11:38 - 2018-03-29 11:38 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk 2018-03-29 11:38 - 2018-03-29 11:38 - 000000000 ____D C:\Users\jch\AppData\Roaming\Mozilla 2018-03-29 11:38 - 2018-03-29 11:38 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-03-29 11:38 - 2018-03-29 11:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-03-21 12:24 - 2018-04-16 16:56 - 001388448 _____ C:\Users\Public\ASR.dat 2018-03-18 18:40 - 2018-03-11 22:48 - 000131132 _____ C:\Users\jch\Desktop\Programmauszug V4.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2018-04-16 17:46 - 2017-04-21 16:41 - 000000000 __SHD C:\Users\jch\IntelGraphicsProfiles 2018-04-16 17:45 - 2017-12-19 11:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-04-16 17:45 - 2017-09-29 10:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2018-04-16 17:37 - 2017-12-19 11:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-04-16 16:02 - 2017-04-21 16:41 - 000000128 _____ C:\WINDOWS\system32\config\netlogon.ftl 2018-04-16 15:59 - 2017-12-19 11:29 - 000000000 ____D C:\Users\jch 2018-04-16 15:58 - 2017-12-19 11:29 - 001718084 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-04-16 13:30 - 2017-12-19 11:30 - 000000000 ____D C:\Users\jch\AppData\Local\Packages 2018-04-16 12:19 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-04-16 12:18 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF 2018-04-16 10:02 - 2017-04-27 12:24 - 000000000 ____D C:\Work 2018-04-15 10:00 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2018-04-15 09:59 - 2016-07-30 23:10 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2018-04-14 23:50 - 2017-05-17 16:12 - 000001073 _____ C:\Users\jch\.bash_history 2018-04-14 12:34 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-04-14 11:23 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache 2018-04-12 13:24 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-04-11 13:44 - 2016-07-30 23:05 - 000000000 __RHD C:\Users\Public\AccountPictures 2018-04-11 13:43 - 2017-12-19 11:23 - 000466024 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-04-11 13:42 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2018-04-11 13:42 - 2017-09-29 15:46 - 000000000 ___SD C:\WINDOWS\system32\F12 2018-04-11 13:42 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB 2018-04-11 13:42 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\en-GB 2018-04-11 13:42 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\appraiser 2018-04-11 13:42 - 
2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences 2018-04-11 13:01 - 2017-07-29 17:31 - 000000000 ____D C:\Private 2018-04-11 12:52 - 2017-04-26 13:41 - 000000000 ____D C:\WINDOWS\system32\MRT 2018-04-11 12:48 - 2017-10-11 11:28 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe 2018-04-11 12:48 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-04-11 12:48 - 2017-04-26 13:41 - 136971704 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2018-04-08 14:36 - 2017-05-18 16:39 - 000007620 _____ C:\Users\jch\AppData\Local\Resmon.ResmonCfg 2018-04-08 14:09 - 2017-06-05 17:32 - 000000000 ____D C:\Users\jch\AppData\Local\Sublime Text 3 2018-04-04 17:28 - 2017-07-27 17:43 - 000000000 ____D C:\Users\jch\AppData\Local\RStudio-Desktop 2018-04-04 08:29 - 2017-07-27 17:43 - 000147456 _____ C:\Users\jch\AppData\Local\WebpageIcons.db 2018-04-03 21:37 - 2018-03-16 22:08 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2018-04-03 21:37 - 2018-03-16 22:08 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2018-04-03 08:21 - 2017-08-17 13:23 - 000014059 _____ C:\Users\jch\Documents\.Rhistory 2018-03-31 16:20 - 2017-03-31 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strumenti di Microsoft Office 2016 2018-03-28 12:27 - 2017-12-22 12:55 - 000000204 ___SH C:\Users\jch\ntuser.ini 2018-03-28 12:25 - 2018-03-16 20:29 - 000000000 ____D C:\Users\jch\.credentials 2018-03-28 12:25 - 2018-01-07 08:53 - 000000000 ____D C:\Users\jch\.conda 2018-03-23 14:12 - 2017-04-21 16:43 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-03-21 08:55 - 2017-12-19 11:40 - 000000000 ___RD C:\Users\jch\OneDrive 2018-03-21 08:55 - 2017-12-19 11:35 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4260820389-203242751-2565199900-1108 2018-03-21 08:55 - 2017-05-25 09:45 - 
000002364 _____ C:\Users\jch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Files in the root of some directories =======

2017-10-09 20:38 - 2017-10-09 20:38 - 000000000 _____ () C:\Users\jch\.mongorc.js
2018-03-21 12:24 - 2018-04-16 16:56 - 001388448 _____ () C:\Users\Public\ASR.dat
2018-04-16 12:16 - 2018-04-16 16:56 - 001388448 _____ () C:\Users\Public\VOIP.dat
2017-09-13 17:48 - 2017-09-13 18:11 - 000000468 _____ () C:\Users\jch\AppData\Roaming\Data-Check.launch.pyw.log
2017-05-23 07:10 - 2017-05-23 07:10 - 000000337 _____ () C:\Users\jch\AppData\Local\Perfmon.PerfmonCfg
2018-01-31 19:57 - 2018-01-31 19:57 - 000000600 _____ () C:\Users\jch\AppData\Local\PUTTY.RND
2017-05-18 16:39 - 2018-04-08 14:36 - 000007620 _____ () C:\Users\jch\AppData\Local\Resmon.ResmonCfg
2017-07-27 17:43 - 2018-04-04 08:29 - 000147456 _____ () C:\Users\jch\AppData\Local\WebpageIcons.db

Some files in TEMP:
====================
2018-04-16 09:46 - 2018-04-16 09:46 - 058834376 _____ (Skype Technologies S.A.) C:\Users\jch\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-14 11:23

==================== End of FRST.txt ============================

Edited by RSLB (16.04.2018 at 19:05) |
16.04.2018, 19:12 | #4 |
| Raiffeisen E-Banking problems - infected computer
FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.04.2018
Ran by jch (16-04-2018 17:50:32)
Running from C:\Users\jch\Downloads
Windows 10 Pro Version 1709 16299.371 (X64) (2017-12-19 09:36:35)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

admin (S-1-5-21-795514730-4054122176-1461915740-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-795514730-4054122176-1461915740-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-795514730-4054122176-1461915740-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-795514730-4054122176-1461915740-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-795514730-4054122176-1461915740-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-795514730-4054122176-1461915740-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Endpoint Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Endpoint Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden 7-Zip 17.01 beta (x64) (HKLM\...\7-Zip) (Version: 17.01 beta - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.5 - Adobe Systems Incorporated) Alcor Micro Smart Card Reader Driver (HKLM-x32\...\{F24F876B-7D71-4BD6-88E9-614D3B000044}) (Version: 1.7.44.0 - Alcor Micro Corp.) Hidden Alcor Micro Smart Card Reader Driver (HKLM-x32\...\SZCCID) (Version: 1.7.44.0 - Alcor Micro Corp.) Apple Application Support (32 bits) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.) Apple Application Support (64 bits) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) Atom (HKU\S-1-5-21-4260820389-203242751-2565199900-1108\...\atom) (Version: 1.23.3 - GitHub Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.1.04011 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{0FC5E486-6EA0-4665-A39D-DCC016D88632}) (Version: 4.1.04011 - Cisco Systems, Inc.) Hidden Conexant ISST Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 9.0.134.2 - Conexant) EPS Viewer (HKLM-x32\...\{32E05824-A0AC-4DFE-B965-5F52C28FBE9F}_is1) (Version: - IdeaMK) ESET Endpoint Antivirus (HKLM\...\{E794A738-5725-4AA7-85EA-898235D36B3F}) (Version: 6.5.2107.1 - ESET, spol. s r.o.) 
ESET Remote Administrator Agent (HKLM\...\{94FB5797-B020-44BC-BCAB-DBB35366B9B0}) (Version: 6.4.283.0 - ESET, spol. s r.o.) FileZilla Client 3.26.1 (HKU\S-1-5-21-4260820389-203242751-2565199900-1108\...\FileZilla Client) (Version: 3.26.1 - Tim Kosse) GAUSS 18 x64 (HKLM\...\{61357717-545A-46AB-8B79-008FE2C25988}) (Version: 18.1.0.4407 - Aptech) GAUSS 18 x64 (HKLM\...\{E62B7C25-9B3B-470F-ACEB-2F23E7328C53}) (Version: 18.1.2.4416 - Aptech) Git version 2.12.2.2 (HKLM\...\Git_is1) (Version: 2.12.2.2 - The Git Development Community) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.8.47.1 - HP) HP System Default Settings (HKLM-x32\...\{BCF8F914-F91D-4DC5-A9E3-655B444CBFFD}) (Version: 1.2.6.1 - Hewlett-Packard Company) HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.) 
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1177 - Intel Corporation) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 20.4 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4771 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.7.1051 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{35069AA3-F7B2-4759-96F0-9EE43AACB690}) (Version: 19.00.1621.3340 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{a2d9fda8-65eb-4c06-81ef-31e0a4daa335}) (Version: 10.1.1.11 - Intel(R) Corporation) Hidden Intel® PROSet/Wireless Software (HKLM-x32\...\{ed4a5da7-ac62-4aa5-9502-7b4de55e8cb5}) (Version: 20.20.2 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{3D45BD48-F215-4C69-B23F-256C83D1D7F0}) (Version: 1.0.0.534 - Intel Corporation) Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation) Malwarebytes version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes) Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.9126.2152 - Microsoft Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.9126.2152 - Microsoft Corporation) Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.9126.2152 - Microsoft Corporation) Microsoft Office 365 - it-it (HKLM\...\O365HomePremRetail - it-it) (Version: 16.0.9126.2152 - Microsoft Corporation) Microsoft Office Configuration Analyzer Tool 2.2 (HKLM-x32\...\{EA5C0F11-00CA-0321-0801-141002021782}) (Version: 2.2.6018.801 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.9126.2152 - Microsoft Corporation) Microsoft Office Professional Plus 
2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.9126.2152 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - it-it (HKLM\...\ProPlusRetail - it-it) (Version: 16.0.9126.2152 - Microsoft Corporation) Microsoft Office Professionnel Plus*2016 - fr-fr (HKLM\...\ProPlusRetail - fr-fr) (Version: 16.0.9126.2152 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4260820389-203242751-2565199900-1108\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 
(HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 59.0.2 (x64 en-GB) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-GB)) (Version: 59.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla) Nullsoft Install System (HKLM-x32\...\NSIS) (Version: 3.02.1 - ) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration 
(HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-040C-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0410-0000-0000000FF1CE}) (Version: 16.0.9126.2152 - Microsoft Corporation) Hidden Oracle VM VirtualBox 5.2.6 (HKLM\...\{E4157798-7F79-4E27-84A0-A6BF96607F47}) (Version: 5.2.6 - Oracle Corporation) PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham) Python 3.6.0 (Anaconda3 4.3.1 64-bit) (HKU\S-1-5-21-4260820389-203242751-2565199900-1108\...\Python 3.6.0 (Anaconda3 4.3.1 64-bit)) (Version: 4.3.1 - Continuum Analytics, Inc.) R for Windows 3.4.1 (HKLM\...\R for Windows 3.4.1_is1) (Version: 3.4.1 - R Core Team) R for Windows 3.4.2 (HKLM\...\R for Windows 3.4.2_is1) (Version: 3.4.2 - R Core Team) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.) RStudio (HKLM-x32\...\RStudio) (Version: 1.0.153 - RStudio) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) 
Steuer St.Gallen 2017 nP 1.1.0 (HKLM-x32\...\7449-9735-2550-3422) (Version: 1.1.0 - Information Factory AG)
Sublime Text Build 3126 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.19.65 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.88438 - TeamViewer)
TeXstudio 2.12.4 (HKLM-x32\...\TeXstudio_is1) (Version: 2.12.4 - Benito van der Zander)
WinDirStat 1.1.2 (HKU\S-1-5-21-4260820389-203242751-2565199900-1108\...\WinDirStat) (Version: - )
ZyWALL SecuExtender (HKLM-x32\...\{82AC941C-39BC-448D-89AF-9D65CC7E8167}) (Version: 4.0.2.0 - Zyxel Communications Corp.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4260820389-203242751-2565199900-1108_Classes\CLSID\{0358B920-0AC7-461F-98F4-58E32CD89148}\InprocServer32 -> C:\Users\jch\AppData\Roaming\Microsoft\Windows\Contrrt\Everysummer.dll ()
CustomCLSID: HKU\S-1-5-21-4260820389-203242751-2565199900-1108_Classes\CLSID\{DAE467D6-5C66-404A-BD99-4AC8261A733A}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2017-06-09] (ESET)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2017-06-09] (ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-09-07] (Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2017-08-28] (Igor Pavlov)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2017-06-09] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00548BE5-8698-4915-8B2C-47B21FAB4A2A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {110CEA16-CCA2-4CB9-ACD4-D57BF67978BC} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA}
Task: {43103991-73C6-46BD-85D1-28104DF9AC91} - System32\Tasks\Microsoft\Windows\Conexant\SA3 => C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SACpl.exe [2016-10-06] (Conexant Systems, Inc.)
Task: {9A75D74C-6C0F-4BC3-A7B0-9E4DE0296B3F} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2017-05-14] (Conexant)
Task: {9D128E36-F120-4C34-B3A2-3E4C1A83E41A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-15] (Microsoft Corporation)
Task: {A5271525-0462-42CB-8FE8-13C1AB55D3E4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-06] (Microsoft Corporation)
Task: {A5E40BB3-466D-46B5-9BA5-C2854978D793} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-04-06] (Microsoft Corporation)
Task: {A8D56C44-A4F4-4293-ABB9-673DD4B68B7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-21] (Google Inc.)
Task: {A8FDA858-E140-4EAD-9278-D5290AD198CF} - System32\Tasks\Workhours_Recorder => C:\Users\jch\AppData\Local\Continuum\Anaconda3\python.exe [2017-10-15] (Python Software Foundation)
Task: {C4B1661D-D88C-45A9-9E82-175EAE7721CF} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202}
Task: {CA98F9E9-92D7-4524-B9D7-9A9C41575D54} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-04-15] (Microsoft Corporation)
Task: {CC2559E0-1346-4EAA-BC65-5F88FCF26359} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-04-15] (Microsoft Corporation)
Task: {D258E4A3-FEEF-4E80-98E7-48E2399905C5} - System32\Tasks\RegistrationModuleReminder_Welcome-S-1-5-21-795514730-4054122176-1461915740-1001 => C:\Program Files\HP\HP Welcome\Garage.Container.exe [2015-12-15] (HP Inc)
Task: {D261BA7A-020B-4215-BD71-8C841C816674} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-04-15] (Microsoft Corporation)
Task: {D4A2F8C5-2E8B-4A36-A39F-DCAFF48E33B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {DA0785C6-DCF7-44FE-81DF-DD07D02DF4A4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {E2D09B08-6B3D-41B6-B97A-FC267CFDC203} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-21] (Google Inc.)
Task: {EB349381-BACF-43F5-B1B6-85E022ECF454} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\jch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda3 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\jch\AppData\Local\Continuum\Anaconda3\Scripts\activate.bat C:\Users\jch\AppData\Local\Continuum\Anaconda3 ==================== Loaded Modules (Whitelisted) ============== 2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-06 13:52 - 2015-07-06 13:52 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe 2018-04-16 15:47 - 2018-03-27 13:47 - 002492704 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-04-16 15:47 - 2018-03-12 15:09 - 002300192 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2018-03-29 11:38 - 2018-03-29 11:38 - 000120016 _____ () C:\Users\jch\AppData\Roaming\Microsoft\Windows\Contrrt\Everysummer.dll 2016-07-30 23:11 - 2018-03-31 16:19 - 008936112 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2018-03-14 11:38 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-03-14 11:38 - 
2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-03-27 06:44 - 2018-03-27 06:44 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkypeHost.exe 2018-03-27 06:44 - 2018-03-27 06:44 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-03-27 06:44 - 2018-03-27 06:44 - 022050304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\SkyWrap.dll 2018-03-27 06:44 - 2018-03-27 06:44 - 002584576 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.1000_x64__kzf8qxf38zg5c\skypert.dll 2018-03-23 14:11 - 2018-03-20 08:00 - 004435288 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libglesv2.dll 2018-03-23 14:11 - 2018-03-20 08:00 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\libegl.dll 2015-07-24 14:34 - 2015-07-24 14:34 - 000063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2016-01-07 01:48 - 2016-01-07 01:48 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) 
==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4260820389-203242751-2565199900-1108\Control Panel\Desktop\\Wallpaper -> C:\Users\jch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [{D3FF034F-34B3-459C-B05D-8456097DE15F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{9AC369AC-A43E-4F18-93A8-7CB6714CA1DB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C0E2CA54-1894-4E30-B9C2-BE3871EA22CF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B7C9AE53-7434-4CD6-A05D-8665A7324A62}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [UDP Query User{B306BE91-8745-45CE-8E0A-F1C70A282DF0}C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe FirewallRules: [TCP Query User{03F8E3C0-3B33-45E2-B82C-583FB621A877}C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe FirewallRules: [{3B1549BA-F4C0-428E-AE31-3331E961A157}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{774D9AE3-96A1-4441-8141-0A866F1D1A65}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{97E7F89C-91B9-446D-99E1-D2C2131F88CE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1A4FDE6F-CC13-4F98-A7BF-C199FA345B57}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{4BA01265-A99B-449B-86DE-EEDAB388BBC5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C2DF2CC9-CB97-47C5-BA3D-077BF5B51435}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FE289D97-3BB1-48A4-80A5-0F32DB1001C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{BBAEA70A-D08A-42BD-A243-C4B704450B7C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{8CCF8713-27EA-4A8C-98FC-D5085601B9D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{99D1CD07-0174-4EBB-B51C-7EA494D687F1}] => (Allow) 
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{AD24028D-9EA6-421C-8A9F-AC22E8114423}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{146F132B-BCA0-45A3-B9F3-0AA8CC70B85F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{C1C94678-7188-4FEE-B4FD-7B312A75359A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{87A0515E-15DA-42E3-AF47-10FB9E58AADF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FDB67C82-549B-4DCC-85D9-77AAF5387635}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4F7F9654-1E4E-4889-84D9-A217F1B0D4D4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{10A30443-8FA6-4620-827D-E5F998691D33}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{9DA95F4F-5011-44C4-9A64-2B9E5B50E0A0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{97298E4B-E8F1-4E0D-AAB7-F39B2FB94118}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{D9FE6E31-18EA-4CE1-80F4-2137C7043B7F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{6C5844D7-9E45-482F-8C84-636D817DAF4E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{C61677A6-BFB9-4146-A9DE-7B8EB5DA2303}C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe FirewallRules: [UDP Query User{6218A402-9722-4819-A649-457167129B8A}C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe FirewallRules: [TCP Query User{CA81B221-094F-4AE2-B4CA-75AE80D6EDF6}C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe FirewallRules: [UDP Query 
User{4CF466CD-873B-4E01-9C10-B6D2EC441DB7}C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe] => (Allow) C:\users\jch\appdata\local\continuum\anaconda3\pythonw.exe FirewallRules: [{C621B4A1-193E-4341-A849-F3D2C22EF5E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{ECC5F8CB-0BA6-4324-9E3B-0BF50C8FF38B}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{FC6F42AE-7AC6-4E01-9440-140372264FC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{695E16B4-E12D-41B1-B724-070342ED16D6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{0D798167-8422-4975-893C-7179C7067333}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Restore Points ========================= 14-04-2018 11:25:12 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (04/16/2018 05:46:14 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1521) (User: SANDERSG) Description: Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. This error may be caused by network problems or insufficient security rights. DETAIL - The network path was not found. 
Error: (04/16/2018 03:49:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: mbam.exe, version: 3.0.0.1429, time stamp: 0x5ab557c4 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x70e248e8 Faulting process ID: 0xbf8 Faulting application start time: 0x01d3d589acc82605 Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe Faulting module path: unknown Report ID: 6320b8d0-da40-4b8f-a33f-63371d69e685 Faulting package full name: Faulting package-relative application ID: Error: (04/16/2018 01:30:06 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program EXCEL.EXE version 16.0.9126.2152 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1bac Start Time: 01d3d572e3653e59 Termination Time: 4294967295 Application Path: C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE Report Id: 0ee5600d-5f84-4f60-a9d2-a91e6e12c798 Faulting package full name: Faulting package-relative application ID: Error: (04/16/2018 12:19:52 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1521) (User: SANDERSG) Description: Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. This error may be caused by network problems or insufficient security rights. DETAIL - The network path was not found. Error: (04/16/2018 09:31:38 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1521) (User: SANDERSG) Description: Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. 
This error may be caused by network problems or insufficient security rights. DETAIL - The network path was not found. Error: (04/15/2018 04:50:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: chrome.exe, version: 65.0.3325.181, time stamp: 0x5ab09a5a Faulting module name: KERNELBASE.dll, version: 10.0.16299.371, time stamp: 0x6369e29f Exception code: 0xe0000008 Fault offset: 0x0000000000014008 Faulting process ID: 0xcec Faulting application start time: 0x01d3d48e7e3fceca Faulting application path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report ID: 55ebf0c8-affe-4db4-8b31-7486621c3a43 Faulting package full name: Faulting package-relative application ID: Error: (04/15/2018 09:50:32 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1521) (User: SANDERSG) Description: Windows cannot locate the server copy of your roaming profile and is attempting to log you on with your local profile. Changes to the profile will not be copied to the server when you log off. This error may be caused by network problems or insufficient security rights. DETAIL - The network path was not found. Error: (04/14/2018 10:46:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: git-credential-manager.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.IO.FileLoadException at Microsoft.Alm.Cli.Program.Main(System.String[]) System errors: ============= Error: (04/16/2018 05:46:36 PM) (Source: DCOM) (EventID: 10016) (User: SANDERSG) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user SANDERSG\jch SID (S-1-5-21-4260820389-203242751-2565199900-1108) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/16/2018 05:46:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/16/2018 05:46:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. 
Error: (04/16/2018 05:46:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/16/2018 05:46:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/16/2018 05:46:17 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: SANDERSG) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (04/16/2018 05:46:13 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. 
A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (04/16/2018 05:46:13 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1794) (User: NT AUTHORITY) Description: The Trusted Platform Module (TPM) firmware on this PC has a known security problem. Please contact your PC manufacturer to find out if an update is available. For more information please go to https://go.microsoft.com/fwlink/?linkid=852572 CodeIntegrity: =================================== Date: 2018-04-16 17:51:23.771 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-16 17:51:23.769 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-16 17:51:15.562 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-16 17:51:15.560 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. 
Date: 2018-04-16 17:51:08.128 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-16 17:51:08.126 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-16 17:47:27.957 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-04-16 17:47:27.954 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6600U CPU @ 2.60GHz Percentage of memory in use: 24% Total physical RAM: 16264.6 MB Available physical RAM: 12244.65 MB Total Virtual: 16664.6 MB Available Virtual: 12787.85 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:216.78 GB) (Free:71.39 GB) NTFS Drive d: (Recovery Image) (Fixed) (Total:18.26 GB) (Free:2.38 GB) NTFS ==>[system with boot components (obtained from drive)] Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32 \\?\Volume{19840438-2f25-483e-a6f6-19ca01f35a14}\ (SYSTEM) (Fixed) (Total:0.35 GB) (Free:0.25 GB) FAT32 \\?\Volume{4e2a5558-dcb9-4625-b08d-b1c473c34809}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.38 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 152DCB03) Partition: GPT. ==================== End of Addition.txt ============================ |
17.04.2018, 00:30 | #5 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Raiffeisen e-banking problems - infected computer hi, Quote:
__________________ Please always post log files in CODE tags |
17.04.2018, 09:59 | #6 |
| Raiffeisen e-banking problems - infected computer Hello cosinus, first of all, thanks for the quick reply. The PC really is somewhere between work and private. I originally ordered the laptop through work, but by now it has become more of a private laptop. I am still a student, which is why I have Cisco as the university VPN. I am also employed at the university, so I can get Office Professional very cheaply on sites like Studyhouse (honestly, I don't know why I have Office 365). Gauss is likewise tied to my university job, since my task there is optimizing a Gauss code. ZyWall and ESET are tied to my other job. There I mainly work from home, which is why I have the VPN on all my private devices. I have ESET because I got the laptop through the company. I'm not exactly sure why TB leaves such things to the IT department, but I can imagine the following:
So if it is for the first reason, this should not be a problem. If it is for the second, please excuse the post; feel free to delete it. If it is for other reasons that I have not mentioned, feel free to decide from the information given whether the post should be deleted. In any case, thank you for your time |
17.04.2018, 12:22 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Raiffeisen e-banking problems - infected computer I don't really understand why this almost always degenerates into discussions. It is crystal clear that for commercial systems or office computers, the admins hired for that purpose are the ones responsible. See also https://www.trojaner-board.de/108423...-anfragen.html
__________________ Please always post log files in CODE tags |
17.04.2018, 12:40 | #8 | |
| Raiffeisen e-banking problems - infected computer Quote:
After all, your link also says that you sometimes make exceptions for small businesses. I did not mean to start a discussion with this; if you feel I should contact an IT consultancy directly, then please close the post. The IT department of our company, however, is basically me. Thank you for your time. |
17.04.2018, 12:51 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Raiffeisen e-banking problems - infected computer No, what I don't understand are such fundamental discussions. As if it were not self-evident that the company's IT is responsible for commercial computers. And how exactly am I supposed to know beforehand that you use it semi-privately, or that this is about a small 5-person company? That is not in your FRST log, and you didn't describe it either... Reading material: Google Chrome You are evidently using Google's Chrome browser. I must strongly advise against using this browser for data protection reasons. See also Google: Chrome browser scans local files on Windows PCs. Install Mozilla Firefox, which can also import profile data from Chrome, then uninstall Google Chrome. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter Task: {00548BE5-8698-4915-8B2C-47B21FAB4A2A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION emptytemp: Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
17.04.2018, 13:23 | #10 |
| Raiffeisen e-banking problems - infected computer Okay, I understand. Sorry that I did not describe my case precisely enough, and thank you for your efforts despite the lack of clarity on my part. Here is the FRST Fixlog: Code:
ATTFilter Fix result of Farbar Recovery Scan Tool (x64) Version: 15.04.2018 Ran by jch (17-04-2018 14:17:49) Run:3 Running from C:\Users\jch\Desktop Loaded Profiles: jch (Available Profiles: jch & defaultuser0 & admin) Boot Mode: Normal ============================================== fixlist content: ***************** Task: {00548BE5-8698-4915-8B2C-47B21FAB4A2A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION emptytemp: ***************** HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00548BE5-8698-4915-8B2C-47B21FAB4A2A} => could not remove. Access Denied. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied. HKLM\SOFTWARE\Policies\Google => not found =========== EmptyTemp: ========== BITS transfer queue => 9461760 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9488668 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 7090 B Edge => 0 B Chrome => 14922424 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 822 B NetworkService => 0 B jch => 52609716 B jgr => 0 B Mba => 0 B defaultuser0 => 0 B admin => 0 B RecycleBin => 0 B EmptyTemp: => 82.5 MB temporary data Removed. ================================ Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 17-04-2018 14:20:34) Result of scheduled keys to remove after reboot: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00548BE5-8698-4915-8B2C-47B21FAB4A2A} => could not remove. Access Denied. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied. 
==== End of Fixlog 14:20:35 ==== Unfortunately I was a bit stupid and did not save the first Fixlog.txt file; this would only be the second one. Last edited by RSLB (17.04.2018 at 13:30) |
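Added example, not part of the thread and not FRST's own code: a small Python check that reads a Fixlog like the one posted above and reports which targets were still not removed on their last attempt. It assumes the file's original line breaks (restored here in a constructed, abridged sample) and only knows the outcome strings visible in this thread; the function names are hypothetical.

```python
import re

# Constructed sample: lines copied from the Fixlog in this thread, with line
# breaks restored (assumption) and the EmptyTemp section abridged.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Scan Tool (x64) Version: 15.04.2018
Ran by jch (17-04-2018 14:17:49) Run:3
==============================================
fixlist content:
*****************
Task: {00548BE5-8698-4915-8B2C-47B21FAB4A2A} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
emptytemp:
*****************
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00548BE5-8698-4915-8B2C-47B21FAB4A2A} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
HKLM\SOFTWARE\Policies\Google => not found
=========== EmptyTemp: ==========
BITS transfer queue => 9461760 B
Chrome => 14922424 B
EmptyTemp: => 82.5 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 17-04-2018 14:20:34)
Result of scheduled keys to remove after reboot:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00548BE5-8698-4915-8B2C-47B21FAB4A2A} => could not remove. Access Denied.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
==== End of Fixlog 14:20:35 ====
"""

STAR_LINE = re.compile(r"^\*{5,}$")  # delimits the echoed fixlist content
REBOOT_MARK = "Result of scheduled keys to remove after reboot:"


def classify(outcome):
    """Map an outcome string to a coarse status.

    Only the outcomes seen in this thread are recognised; anything else
    is reported as "other" rather than guessed at.
    """
    if outcome.startswith("could not remove"):
        return "failed"
    if outcome == "not found":
        return "absent"
    if re.fullmatch(r"\d+ B", outcome):
        return "bytes_cleaned"
    return "other"


def parse_fixlog(text):
    """Return (requested fixlist entries, list of result records)."""
    requested, results = [], []
    in_fixlist = False
    phase = "first pass"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if STAR_LINE.match(line):
            in_fixlist = not in_fixlist
            continue
        if in_fixlist:
            requested.append(line)
            continue
        if line.startswith(REBOOT_MARK):
            phase = "after reboot"
            continue
        target, sep, outcome = line.partition(" => ")
        if sep:
            results.append({"phase": phase, "target": target,
                            "outcome": outcome, "status": classify(outcome)})
    return requested, results


def unresolved(results):
    """Targets whose most recent attempt still failed."""
    last = {}
    for record in results:
        last[record["target"]] = record  # a later phase overrides an earlier one
    return [r for r in last.values() if r["status"] == "failed"]


if __name__ == "__main__":
    requested, results = parse_fixlog(SAMPLE_FIXLOG)
    print(f"{len(requested)} fixlist entries requested")
    for r in unresolved(results):
        print(f"STILL PRESENT ({r['phase']}): {r['target']} -> {r['outcome']}")
```
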
17.04.2018, 13:56 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Raiffeisen e-banking problems - infected computer Control scans with (1) MBAM, (2) ESET and (3) SecurityCheck please: Step 1: Malwarebytes version 3 Please download Malwarebytes Anti-Malware 3
Step 2: ESET Please download ESET Online Scanner (illustrated guide)
Step 3: SecurityCheck Please download SecurityCheck and:
__________________ Please always post log files in CODE tags |
17.04.2018, 17:07 | #12 |
| Raiffeisen e-banking problems - infected computer Attached are the scan reports: Malwarebytes Code:
ATTFilter Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 4/17/18 Scan Time: 4:26 PM Log File: 447e6308-424b-11e8-95d1-3c528247f0f3.json Administrator: Yes -Software Information- Version: 3.4.5.2467 Components Version: 1.0.342 Update Package Version: 1.0.4768 License: Trial -System Information- OS: Windows 10 (Build 16299.371) CPU: x64 File System: NTFS User: System -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 521433 Threats Detected: 0 (No malicious items detected) Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 3 min, 10 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) (end) Code:
ATTFilter 16:30:35 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.19.0 # EOSSerial= # end=init # utc_time=2018-04-17 14:30:35 # local_time=2018-04-17 16:30:35 (+0100, W. Europe Summer Time) # country="Switzerland" # osver=10.0.16299 NT 16:30:38 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.19.0 # EOSSerial=b70346254a1b59469d5637779b78a648 # end=init # utc_time=2018-04-17 14:30:38 # local_time=2018-04-17 16:30:38 (+0100, W. Europe Summer Time) # country="Switzerland" # osver=10.0.16299 NT 16:30:51 Updating 16:30:51 Update Init 16:30:53 Update Download 16:32:22 esets_scanner_reload returned 0 16:32:22 g_uiModuleBuild: 37074 16:32:22 Update Finalize 16:32:22 Call m_esets_charon_send 16:32:22 Call m_esets_charon_destroy 16:32:22 Updated modules version: 37074 16:32:32 Call m_esets_charon_setup_create 16:32:32 Call m_esets_charon_create 16:32:32 m_esets_charon_create OK 16:32:32 Call m_esets_charon_start_send_thread 16:32:32 Call m_esets_charon_setup_set 16:32:32 m_esets_charon_setup_set OK 16:32:32 Scanner engine: 37074 17:50:57 # product=EOS # version=8 # flags=0 # esetonlinescanner_deu.exe=2.0.19.0 # EOSSerial=b70346254a1b59469d5637779b78a648 # engine=37074 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # sfx_checked=true # utc_time=2018-04-17 15:50:57 # local_time=2018-04-17 17:50:57 (+0100, W. Europe Summer Time) # country="Switzerland" # lang=1031 # osver=10.0.16299 NT # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 10397988 18214768 0 0 # compatibility_mode_1='ESET Endpoint Antivirus' # compatibility_mode=8248 16777213 100 100 2526428 35691821 0 0 # scanned=2 # found=0 # cleaned=0 # scan_time=4713 Code:
ATTFilter Results of screen317's Security Check version 1.009 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Malwarebytes ESET Endpoint Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 144 Java version 32-bit out of Date! Google Chrome (65.0.3325.181) Google Chrome (SetupMetrics...) ````````Process Check: objlist.exe by Laurent```````` ESET NOD32 Antivirus egui.exe ESET NOD32 Antivirus ekrn.exe Malwarebytes Anti-Malware mbamservice.exe ESET RemoteAdministrator Agent ERAAgent.exe Malwarebytes Anti-Malware mbamtray.exe Windows Defender MSASCuiL.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
18.04.2018, 07:58 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Raiffeisen e-banking problems - infected computer

There wasn't really anything left there either... Then we're done! If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Finally, we still need to take a few steps to clean up your system (cleanup with DelFix) and to secure it; I'll post my reading material for you. More important than any AV is sensible behaviour, i.e. certain rules of conduct on a device with internet access, and a few basic safeguards. That is why those come first.

Outline:
Reading material: Cleanup

All logs posted? Then please download the TBCleanUpTool.
The TBCleanUpTool removes the programs used and our scanners' quarantine, and finally deletes itself. If any programs from our cleanup are still left over that you no longer want to use, you can uninstall them via the Control Panel.

Reading material: Basics

Reading material: Google Chrome

For privacy reasons, the use of this browser must be strongly advised against. See also Google: Chrome-Browser scannt lokale Dateien auf Windows-PCs. Install Mozilla Firefox, which can also import profile data from Chrome, then uninstall Google Chrome if it is still installed.

Change your important online passwords regularly and regularly create backups of your important files or of the system (more on this in the reading material on backups).

Hands off registry cleaners, optimizers and the like!!! The performance gain ranges from disputed to clearly unprovable, while you run a big risk of destroying your system, especially with registry operations. The best thing is to use Windows' own Disk Cleanup and to leave the registry alone!

Software installations and updates

For some time now there has been a usable package manager for Windows that lets you download and install software automatically with simple commands. That saves a lot of work, because without a package manager you have to check each program yourself and update it separately by hand, downloading it manually first, and so on. See also --> http://www.trojaner-board.de/186035-...r-windows.html

I therefore recommend installing all programs via chocolatey, where available. If you have already worked with Linux, the syntax will be very familiar to you. You can find the choco FAQ here --> Chocolatey: Frequently Asked Questions (English)

For the rare case that you do NOT find the program you need in the chocolatey repository: always download this software from a clean portal such as . 
Hands off chip.de or softonic! When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, uninstalling it and then removing the leftovers with Adwcleaner is recommended.

Reading material: Securing your system

On the Windows operating system, enable automatic updates. Security-relevant software should also always be present in its current version, if it is needed; if it is not needed, it naturally makes sense to uninstall it or to use alternatives (and keep those up to date). Installing updates promptly is necessary so that security holes get closed; security holes are exploited to install malware via "drive-by" on a simple visit to a manipulated website. You need to pay particular attention to being up to date with the following software:
Recommended Firefox add-ons (extensions):

uBlock Origin is a simple and reliable ad and tracker blocker.

HTTPS Everywhere ensures that Firefox uses encrypted connections (HTTPS) instead of HTTP whenever possible. Optionally, by ticking a checkbox, you can also have it block all unencrypted connections; Firefox then uses only HTTPS and no longer loads anything over unencrypted connections.

Reading material: Virus scanner + firewall

First of all, it should be mentioned that one must never overrate the protective effect of a virus scanner! These things are by now highly controversial even under Windows and can cause problems that you simply will not have without an AV. In addition, they will never be able to find every piece of malware. Statements from the vendors of this software regularly turn out to be marketing drivel. On this, read => Aus aktuellem Anlass: Antivirus-Schlangenöl | Elias Schwerdtfeger and => http://www.golem.de/news/antivirenso...12-125148.html

So use AT MOST a single one of the following AVs with a real-time scanner and an always up-to-date signature database; only ever use pure virus scanners (no products with Suite or Internet Security in the name, because these bring counterproductive firewalls with them - the Windows Firewall is all that is needed!)
Microsoft Security Essentials (MSE) is built in from Windows 8 onwards, so if you have Windows 8, 8.1 or 10 and have decided on MSE, you do not need to install MSE separately. On Windows 7, however, it must be installed manually or obtained via Windows Update as an optional update. Of course, a legal/activated Windows is a prerequisite for this. In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and/or with the ESET Online Scanner.

Reading material: Backup/image tools

IMHO restore points are nothing more than a stopgap; anyone who wants and needs to rely on something that works cannot get around real backup/imaging software. On Windows I always use Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

To have meaningful backups, you have to create an image on a separate external hard drive regularly, e.g. weekly. This external hard drive is only connected when you want to create the backup (or need to restore something); otherwise, for security reasons, it stays safely stored in the cupboard, if only to protect the backups from crypto-trojans.

Option 1: Drivesnapshot
Official TB guide --> http://www.trojaner-board.de/186299-...esnapshot.html
Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64
Download (32-bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-bit) => http://www.drivesnapshot.de/download/snapshot64.exe

There are also slightly stripped-down versions of Acronis TrueImage available for free if you have drives from Seagate and/or Western Digital. Maybe these programs appeal to you more. My favourite, though, is the small Drivesnapshot mentioned above.
Option 2: Seagate DiscWizard
Download => Seagate DiscWizard - Download - Filepony
Screenshots:
http://filepony.de/screenshot/seagate_discwizard5.jpg
http://filepony.de/screenshot/seagate_discwizard4.png
http://filepony.de/screenshot/seagate_discwizard3.jpg

Option 3: Acronis TrueImage WD Edition
Download => Acronis True Image WD Edition - Download - Filepony
Screenshots:
http://filepony.de/screenshot/acroni...d_edition1.jpg
http://filepony.de/screenshot/acroni...d_edition2.jpg
__________________ Please always post log files in CODE tags |
18.04.2018, 10:17 | #14 |
| Raiffeisen e-banking problems - infected computer

Thanks again for the excellent help on your part. Although everything was fine at home yesterday evening (i.e. no more message when visiting the e-banking site), that is no longer the case today. I went to the office today to write my master's thesis, but at some point I noticed that pressing "^" directly produces two "^^". I had first noticed this problem at the weekend, shortly before I became aware of these e-banking problems. I had read up on it and thought it could possibly be due to a keylogger. When I created the first post yesterday, I no longer had the problem with "^^", and although I had initially written about it in the post, I ended up deleting it after all because it was no longer a current problem.

I had also noticed earlier that some files that I delete at home (e.g. the backup of an iPhone that was in AppData) are restored when I connect at the office. Could it be that the virus is somewhere in my profile and has now been restored?

I am now going through yesterday's steps again at the office (1. MBAM, 2. ESET Online Scanner, 3. SecurityCheck, 4. FRST scan) and will post the logs as soon as I am done. Thanks for the valuable support. |
18.04.2018, 10:29 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Raiffeisen e-banking problems - infected computer

The computer is clean. What is the point of all this scanning? Why are you all always on about keyloggers? A keylogger records keystrokes and does not arbitrarily insert new ones somewhere
__________________ Please always post log files in CODE tags |