| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Habe mir (vermutlich) ein Virus eingefangenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.06.2018, 18:00
| #16 |
 |  Habe mir (vermutlich) ein Virus eingefangenCode:
ATTFilter 18:47:00.0262 0x5190 TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
18:47:06.0519 0x5190 ============================================================
18:47:06.0519 0x5190 Current date / time: 2018/06/08 18:47:06.0519
18:47:06.0519 0x5190 SystemInfo:
18:47:06.0519 0x5190
18:47:06.0519 0x5190 OS Version: 10.0.17134 ServicePack: 0.0
18:47:06.0519 0x5190 Product type: Workstation
18:47:06.0519 0x5190 ComputerName: HOME-PC
18:47:06.0519 0x5190 UserName: Martin
18:47:06.0519 0x5190 Windows directory: C:\WINDOWS
18:47:06.0519 0x5190 System windows directory: C:\WINDOWS
18:47:06.0519 0x5190 Running under WOW64
18:47:06.0519 0x5190 Processor architecture: Intel x64
18:47:06.0519 0x5190 Number of processors: 4
18:47:06.0519 0x5190 Page size: 0x1000
18:47:06.0519 0x5190 Boot type: Normal boot
18:47:06.0519 0x5190 CodeIntegrityOptions = 0x00000001
18:47:06.0519 0x5190 ============================================================
18:47:06.0690 0x5190 KLMD registered as C:\WINDOWS\system32\drivers\71725125.sys
18:47:06.0690 0x5190 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19
18:47:06.0784 0x5190 System UUID: {6D6B31AC-2085-4887-6AC4-EA7149D83BBB}
18:47:07.0191 0x5190 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:47:07.0191 0x5190 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:47:07.0206 0x5190 Drive \Device\Harddisk2\DR4 - Size: 0xF4B00000 ( 3.82 Gb ), SectorSize: 0x200, Cylinders: 0x1F3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:47:07.0222 0x5190 ============================================================
18:47:07.0222 0x5190 \Device\Harddisk0\DR0:
18:47:07.0222 0x5190 MBR partitions:
18:47:07.0222 0x5190 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
18:47:07.0222 0x5190 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x1D01B35F
18:47:07.0222 0x5190 \Device\Harddisk1\DR1:
18:47:07.0222 0x5190 MBR partitions:
18:47:07.0222 0x5190 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6A706800
18:47:07.0222 0x5190 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x6A707000, BlocksNum 0x9FFF000
18:47:07.0222 0x5190 \Device\Harddisk2\DR4:
18:47:07.0222 0x5190 MBR partitions:
18:47:07.0222 0x5190 \Device\Harddisk2\DR4\Partition1: MBR, Type 0xC, StartLBA 0xAC8, BlocksNum 0x7A4D38
18:47:07.0222 0x5190 ============================================================
18:47:07.0222 0x5190 C: <-> \Device\Harddisk0\DR0\Partition2
18:47:07.0722 0x5190 D: <-> \Device\Harddisk1\DR1\Partition1
18:47:07.0769 0x5190 E: <-> \Device\Harddisk1\DR1\Partition2
18:47:07.0769 0x5190 ============================================================
18:47:07.0769 0x5190 Initialize success
18:47:07.0769 0x5190 ============================================================
18:48:28.0743 0x4d4c ============================================================
18:48:28.0743 0x4d4c Scan started
18:48:28.0743 0x4d4c Mode: Manual;
18:48:28.0743 0x4d4c ============================================================
18:48:28.0743 0x4d4c KSN ping started
18:48:28.0778 0x4d4c KSN ping finished: true
18:48:29.0347 0x4d4c ================ Scan system memory ========================
18:48:29.0347 0x4d4c System memory - ok
18:48:29.0347 0x4d4c ================ Scan services =============================
18:48:29.0362 0x4d4c [ 4B45A2D37CCE3CC0F161B7C7286081A6, DF4EBAA12E083AE45411AABD3EDE916E2CC6963FBA664861AC9B2351B5E042DC ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
18:48:29.0378 0x4d4c 1394ohci - ok
18:48:29.0378 0x4d4c [ F5E5BA493B7C497F1F769942E2EA4CE2, 4AD54DA24142BCE49FB64CFF2CB28764FAA93827E7DB02925090B68F8C73B1FB ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
18:48:29.0378 0x4d4c 3ware - ok
18:48:29.0394 0x4d4c [ CA51BB1B81F97E896E116C839B92D9D8, 09F73D8FB93EA524D3C9A9C264F62340560DC7042589597A318626A0A198F91F ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
18:48:29.0409 0x4d4c ACPI - ok
18:48:29.0409 0x4d4c [ 75795E4B19BB3ED8D3C25A17CD15DC30, 22A13064E0B472A0A2258D61A889B73EE3F537DA7796CCE39DF973AFA8FA1567 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
18:48:29.0409 0x4d4c AcpiDev - ok
18:48:29.0409 0x4d4c [ DDA0FC1400A24988A7D3E746AEDF2C0F, 3A703A204FDE46C67017C274CA1F50F591D909EE182A82697E89442D4A5569CE ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
18:48:29.0425 0x4d4c acpiex - ok
18:48:29.0425 0x4d4c [ 1F2EC25DA23D1DF3ADA12FE5A26D321C, B165D72949E43F04312C95BF0FF5C25CFE5CA0CDF43415E01AB2B1550D06C737 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
18:48:29.0425 0x4d4c acpipagr - ok
18:48:29.0425 0x4d4c [ 6AFFD57803BBB6FBCB483F983900A5C4, A3A87984E70C8B47F919D2633E6378F3AACCBF3E74DB3B35BB2E15D036DB36E2 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
18:48:29.0425 0x4d4c AcpiPmi - ok
18:48:29.0425 0x4d4c [ 0FC8673FAFC7D78C1CDC000F892CAC64, 33FB109ABD18FBF4DA5047BAA9FAF63E88D5BA1826442DB02F9130DAD11D15F2 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
18:48:29.0425 0x4d4c acpitime - ok
18:48:29.0441 0x4d4c [ CA805DA983594B01F3554464B2E5158F, AC311C5D59AA1FA2B1B3CDB9CCEABEC85878BF6CA6106253186909AA9EB3C1BA ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:48:29.0441 0x4d4c AdobeARMservice - ok
18:48:29.0456 0x4d4c [ A3D4CF2F3A433BE18CD4AD3E6665DC63, 9D62A7E2DDA15B2E75490CCB9C8E10A41030F496A93631EDED5F1003DF368290 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
18:48:29.0472 0x4d4c ADP80XX - ok
18:48:29.0487 0x4d4c [ 4DCCC3E02A22ED4A4ADB11386F226071, 40BB183049DE3ADCC7A5B1B269620C8534291BB7A956157434C857DE249559EE ] AFD C:\WINDOWS\system32\drivers\afd.sys
18:48:29.0487 0x4d4c AFD - ok
18:48:29.0503 0x4d4c [ F267095A11A461BEF39FB180750BE801, CF90798C46892FF5225155D2C7BCC469A4A631E22919CBEDA2F4FEEF4F05E301 ] afunix C:\WINDOWS\system32\drivers\afunix.sys
18:48:29.0503 0x4d4c afunix - ok
18:48:29.0503 0x4d4c [ 0CD0F0C62414217DE9EA7EC8D425277E, FD211157B85B841D0C94B36776572FADC7425F1B0B49EACC910D3E175208A7EC ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
18:48:29.0503 0x4d4c ahcache - ok
18:48:29.0519 0x4d4c [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B, B9F4D499DB4CB91576ACE4847B96F2FC770B9BCC223B5E2261B2DEC22D7651E7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
18:48:29.0519 0x4d4c AJRouter - ok
18:48:29.0519 0x4d4c [ 9E9D78D1C179EB2E3E2282A1DC409D93, EA7486B4425A87FDDD60542AAF0812A8DB868F569886B894883702B362A05D2C ] ALG C:\WINDOWS\System32\alg.exe
18:48:29.0519 0x4d4c ALG - ok
18:48:29.0519 0x4d4c [ 6DF48AD26E6285FB137F11328B64A376, 76FF9A753C262065E819E862E7950127472C5E6AB7E97B57977C6DCE6180760A ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
18:48:29.0534 0x4d4c AmdK8 - ok
18:48:29.0534 0x4d4c [ D8804032BCDE4077A6D8D431D12AC6CC, F017A3FEAB2919A9662A9BFEF31AE7B7EC19F1136C9D0DC6C48A415B540A8062 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
18:48:29.0534 0x4d4c AmdPPM - ok
18:48:29.0534 0x4d4c [ A88F5E24B65228FB25F2051B3408A0E4, C124B486839EA15D6806EB51E91EBF99401CD7D226541320A7A4934A8477DCEF ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
18:48:29.0534 0x4d4c amdsata - ok
18:48:29.0550 0x4d4c [ AECD39E51DABC2BF045B2857F02FA2BD, 83E2AC3200B6EA1586E4E0204D81CEAF303D7C9EBE7E5D1273A41A4EC1390E56 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
18:48:29.0550 0x4d4c amdsbs - ok
18:48:29.0550 0x4d4c [ B4CC9943230CAEB05B46CC30C220E141, 013716E6911136EB0916A1D592198DD7953800549DA0C885093D2BA3CC9BA2A7 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
18:48:29.0550 0x4d4c amdxata - ok
18:48:29.0566 0x4d4c [ E4A18157BF5D8D714C05169A8A8D604C, 45D8CB25A9967D634F8331070BDFB3DF4ACB6295CF1520F9AAE8753D3BF4018A ] AppID C:\WINDOWS\system32\drivers\appid.sys
18:48:29.0566 0x4d4c AppID - ok
18:48:29.0566 0x4d4c [ F1A04835C7FA75C8215961C1095D5EBF, 45D153404E601C0CE247058B78F328DD9F7F4F6A9480132F7CE6D9A7092F63CF ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
18:48:29.0566 0x4d4c AppIDSvc - ok
18:48:29.0581 0x4d4c [ 48EA4B4CCC920D130529A1EF85388B6A, 31F69543682E70DF0A6B2A70FC7553ECEE643C554E7F8FF18A2DD09359360F8E ] Appinfo C:\WINDOWS\System32\appinfo.dll
18:48:29.0581 0x4d4c Appinfo - ok
18:48:29.0581 0x4d4c [ A4811754EF548619F68FB3418325BB66, D9DA070D4B0F74F29B8D94B90F1827B5863C4053D185889F7BF451FF5677C773 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:48:29.0581 0x4d4c Apple Mobile Device Service - ok
18:48:29.0597 0x4d4c [ 769316CA5884FBBD02D45C28FE105922, 117168BFB2D8DBF1258EBA53DCE09E74000B35B7B7460251B4C46BDB9CEA709A ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
18:48:29.0597 0x4d4c applockerfltr - ok
18:48:29.0597 0x4d4c [ 922BBB78C86D1E3B34599E6513BAD2F3, 30904E54F0CE28273EC6EFE91B6237F656A158D7B976FB3322E3A25692528747 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
18:48:29.0612 0x4d4c AppReadiness - ok
18:48:29.0659 0x4d4c [ BAE38E49755CFF157B4EA06988465E10, 792E0D4E443DB997B4EDADF90F460FDB85D6AE762B83CB28873B0D65A8F2D388 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
18:48:29.0706 0x4d4c AppXSvc - ok
18:48:29.0722 0x4d4c [ 013E057DF3D13A4462AD912D7732E7E0, 7C89AD5799091D17EAED682058559DBAE882D0E18C347B5AECE7BCCFD0E2D21C ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
18:48:29.0722 0x4d4c arcsas - ok
18:48:29.0737 0x4d4c [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
18:48:29.0753 0x4d4c asComSvc - ok
18:48:29.0753 0x4d4c [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\WINDOWS\syswow64\drivers\AsIO.sys
18:48:29.0753 0x4d4c AsIO - ok
18:48:29.0769 0x4d4c [ B25ACCD9BE5F5798E9DD8FFB04D7BE4C, 87577AD2E4A47518B8101C67F1025CB3CD2ABBA678774A5926192FCD56EF1350 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
18:48:29.0769 0x4d4c AsyncMac - ok
18:48:29.0769 0x4d4c [ 90AB4ED8EBD72A1C096A40CC35404B91, C343466D439552D154BBD1A5F9D391CDD3FA298A712594EA27C3049E3516D1AF ] atapi C:\WINDOWS\system32\drivers\atapi.sys
18:48:29.0769 0x4d4c atapi - ok
18:48:29.0784 0x4d4c [ 7B62AFBD877C2FC64E639A60B73D82B7, 4EA0B5E4BC11C03D1FBDA98B6F4CE844A127B7BFDB5D237A01F8B0EB4844E9B9 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:48:29.0800 0x4d4c AudioEndpointBuilder - ok
18:48:29.0831 0x4d4c [ D4DDEBD1EF825B0C2FE1A11BAFBE55E3, 2B5533E1A14821D37483FB85294A9227134E7FBF9E2E7E0B32D3EF9C6AF83CE6 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
18:48:29.0847 0x4d4c Audiosrv - ok
18:48:29.0862 0x4d4c [ D7BFD86F7A9ABE39351199869D093110, 90BB2C0A8185D3982FEFAC7C1E18783AF949EBECA3B9E44DCF89E2FD5FD6AA0C ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
18:48:29.0862 0x4d4c AxInstSV - ok
18:48:29.0878 0x4d4c [ F10E4C9444A9FC6DCBAB2C42F6999FA1, 4238B6DD49CBADFE2C737AC1B211AE045F458DDF1693EE54608455C1ECE1BCCA ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
18:48:29.0878 0x4d4c b06bdrv - ok
18:48:29.0878 0x4d4c [ 982FAA5686F67BFEF3E6094705C2621F, 02456312B0FD0ABE7B7EEC0FB385268AF34DDB5F13AF934F96FCA7C32EA51447 ] bam C:\WINDOWS\system32\drivers\bam.sys
18:48:29.0878 0x4d4c bam - ok
18:48:29.0894 0x4d4c [ FA4973E379E872C61D0CF4E39F807833, 3320FAB0CF16BB1ABBBA222CC31D20B5AC7A4259DE4323B109A8F2FECC28C8A4 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:48:29.0894 0x4d4c BasicDisplay - ok
18:48:29.0894 0x4d4c [ F024B80EA0076A318598DAB795F9C3D0, 6225A5FCD2B750A0E4FFFCCB1CDF49BAA7809A4B4AD7AB625A585CF4971CDE25 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
18:48:29.0894 0x4d4c BasicRender - ok
18:48:29.0925 0x4d4c [ 15971E9AE43AA92C6A527622F36C41A0, DD3F0B5F6231A0C32AE7135ECB5ACABD495801C0D5673D76821EA06112ED83F5 ] BcastDVRUserService C:\WINDOWS\System32\BcastDVRUserService.dll
18:48:29.0941 0x4d4c BcastDVRUserService - ok
18:48:29.0941 0x4d4c [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
18:48:29.0941 0x4d4c bcmfn2 - ok
18:48:29.0956 0x4d4c [ 255D1EA1F4EDA1B7B28A88581F12A1CE, 5B2D7F2EFA7BB539719890CF2E45568C544DD0EECEC44BBA56CCECB792E8BC44 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
18:48:29.0956 0x4d4c BDESVC - ok
18:48:29.0956 0x4d4c [ 9B068DF7B7B3DDF768D06DFD69B49FD0, DC2CD3A70506AEB1BCEB207A9B06657806E72C5432FA605FF9C6F11516F38132 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:48:29.0956 0x4d4c Beep - ok
18:48:29.0972 0x4d4c [ 8152A6374BB6DAF39C3215903A76F6CF, D991CBA589DB2482F2183EAF4BADD6C92183AF6A6EC48FD97F249AC1C1CC4D38 ] BFE C:\WINDOWS\System32\bfe.dll
18:48:29.0987 0x4d4c BFE - ok
18:48:29.0987 0x4d4c [ BC1E5F20251E0AFDB955E7D91093B619, 5642E6B6CA6DBC8585834790A70CFF54252A631A9EA06D28F28EF7430FA42BE5 ] bindflt C:\WINDOWS\system32\drivers\bindflt.sys
18:48:30.0003 0x4d4c bindflt - ok
18:48:30.0019 0x4d4c [ 97F4C0B9741E06BAC6AD2D93ABCEAED8, 25FD58F4BA2F8EC99241A580352D1EC49924829C61D89353B30CCEEE2CEBADE7 ] BITS C:\WINDOWS\System32\qmgr.dll
18:48:30.0034 0x4d4c BITS - ok
18:48:30.0050 0x4d4c [ 30D75769E23CCFBE13DB41FC54243BB1, 4ED018F1DB103D3F354D8EF7DFE797028DBDF22294D355F6D38DF9C6AF61B69E ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
18:48:30.0050 0x4d4c BluetoothUserService - ok
18:48:30.0066 0x4d4c [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:48:30.0081 0x4d4c Bonjour Service - ok
18:48:30.0081 0x4d4c [ 00C33AC3096BB64BACD5554A55025F8F, E13669966AA69A9C18E8932491F722F595666163DA2C6695C8F415AD55836B53 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
18:48:30.0081 0x4d4c bowser - ok
18:48:30.0097 0x4d4c [ 53C4AF4DA254AED8D3EEBA4A319960FA, 707D27136D96044C2C964F34731D43CF94C583059414CFD9033276F999D4BEC0 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:48:30.0112 0x4d4c BrokerInfrastructure - ok
18:48:30.0128 0x4d4c [ 85F5808D19879E1803E46405090F29C8, E22E73BCE3B76BFBAC712DF1E5D7D38E189B80D1CE6E9A9AB3C94733CF18F04B ] BTAGService C:\WINDOWS\System32\BTAGService.dll
18:48:30.0128 0x4d4c BTAGService - ok
18:48:30.0144 0x4d4c [ 063E91CD2CB1C372459FD6FBC02509E7, 29319290F73D8D87323584D938FBC86400AB37455E7E058A543A77F9BBF4579D ] BthAvctpSvc C:\WINDOWS\System32\BthAvctpSvc.dll
18:48:30.0144 0x4d4c BthAvctpSvc - ok
18:48:30.0159 0x4d4c [ 02FEC31842DD153D966AC227B6DDF8BB, 90EEEA049212E5FE8EFA2ACED45DFB6ABAFEA6D40FB4E1E2681F65A417237163 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
18:48:30.0159 0x4d4c BthHFEnum - ok
18:48:30.0159 0x4d4c [ A0EC1D5C937995A2C5F1179538A8A6B4, CBFBDF2D8305BD72FFF64AAAB31EB5D5B8ADE537C35AC63DC3F6ADCBF96B3659 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
18:48:30.0159 0x4d4c BTHMODEM - ok
18:48:30.0159 0x4d4c [ 1EB49C9E2716D4924460B2FAA295E313, B96D39479BFD2ABCD3A3BB8897EAD7C5A03DFFD7266E82A1FBA0E7FEAF73E4B8 ] bthserv C:\WINDOWS\system32\bthserv.dll
18:48:30.0175 0x4d4c bthserv - ok
18:48:30.0175 0x4d4c [ E3786BEBB7E4003DE324A18069DDA081, 4DDA70CCB011D74811BA51686E6ED9A404EBE549AE6B3CE0DDBCB83D09E8AABA ] bttflt C:\WINDOWS\system32\drivers\bttflt.sys
18:48:30.0175 0x4d4c bttflt - ok
18:48:30.0175 0x4d4c [ 03C13BB635635B9152DBF49AA07B728C, F6141576EB54EFE5E329762EC548C7D256EFB57C42A46BB3426B779413F0C975 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
18:48:30.0175 0x4d4c buttonconverter - ok
18:48:30.0175 0x4d4c [ 9983FF8D9834F2E67787F4BDC42A8E36, 85260F4A657D657ACD394339DFDDE814AD6BCA65712EAD943833BE7AB0937C8D ] CAD C:\WINDOWS\System32\drivers\CAD.sys
18:48:30.0175 0x4d4c CAD - ok
18:48:30.0191 0x4d4c [ 91EACB2FCD384C2D71EAF2BAB3FAA5C5, A3BB724570A9E882E8E6AF8CF29BC03DB77B3D31B87DDF6187C101E1B9C2617F ] camsvc C:\WINDOWS\system32\CapabilityAccessManager.dll
18:48:30.0191 0x4d4c camsvc - ok
18:48:30.0191 0x4d4c [ 407B33DE151A3DFCF564AC4270E44B1D, 8B1419FEDDCEF9F9F239B4C1A629F4F2748FC09CF3E38CA01D8D6D1D32252346 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
18:48:30.0206 0x4d4c CapImg - ok
18:48:30.0206 0x4d4c [ D3CBC6DE5955D014407C7BD1FFE80F00, 9D185AED383FCBF16EE63192452DE888D8485D7BD9C0257BF92A68C42120A1B8 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:48:30.0206 0x4d4c cdfs - ok
18:48:30.0222 0x4d4c [ 0942C87ED45B1E227032AD154105F79B, A0A40589B9C399061C1C46247609CA514DCD21DDF1E7FCEE19F0CE75D0FC7996 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
18:48:30.0222 0x4d4c CDPSvc - ok
18:48:30.0238 0x4d4c [ 9FBF5849A6F51E3B3F8AF2A4171648DA, 7422BC5C87075F5008E6364C8AFAA794AB17CA2DC238DC00F377B942B6FCDC11 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
18:48:30.0238 0x4d4c CDPUserSvc - ok
18:48:30.0254 0x4d4c [ AD4D24434C058AFAFD5AB319B4BF5B66, 362470CF93CC1A7B37AFFF8F41C5E0089EDCE16553DC9EC131E7202B52A745A2 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
18:48:30.0254 0x4d4c cdrom - ok
18:48:30.0254 0x4d4c [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
18:48:30.0269 0x4d4c CertPropSvc - ok
18:48:30.0269 0x4d4c [ 4A08B239F92B319AD31E3916D27AD4B9, 948772689F14090E9E096CF7423CE5D994E3F9964775AD5B2F78C37A987EE980 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
18:48:30.0269 0x4d4c cht4iscsi - ok
18:48:30.0301 0x4d4c [ C8EA9376E4D284F9DF24B27AC6E3AB85, DAD3B00A37797E7C80E0C359BA735B65BBBE5DC25480910737D86D2711A6FF8C ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
18:48:30.0332 0x4d4c cht4vbd - ok
18:48:30.0332 0x4d4c [ 3AA86DA04A561E8162C2DBBF92D12074, 9CB67299BEC25F2B357DDAA5A36B3464193B8BDAB4DCFAE0CD4315911027E409 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
18:48:30.0332 0x4d4c circlass - ok
18:48:30.0347 0x4d4c [ 5619FC2A3AE4F43D4B20D95472ED948E, A5D530FB6AC493FC01489A1D32C311F7D28F0D7B49C950E71F4ADF4FBA302689 ] CldFlt C:\WINDOWS\system32\drivers\cldflt.sys
18:48:30.0347 0x4d4c CldFlt - ok
18:48:30.0363 0x4d4c [ DB26170CF6555B9AFF76CFA067ABCF90, A066E89267783A5E54A36D1CF193916218BE2E1D177F0ACA82E2B86211629806 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
18:48:30.0363 0x4d4c CLFS - ok
18:48:30.0379 0x4d4c [ 5BD85187D6A6A37D2A4563F33D7A76E4, 6FF434BE93259229E0EA64EC1B6E09B1B814C2A467FC2859B94C79549E2F114C ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
18:48:30.0394 0x4d4c ClipSVC - ok
18:48:30.0410 0x4d4c [ 66CBF6F8FE6F436B315D7FEAF5D2BB40, 0F6AE6412EF73C74EF0EB1866E8CD85AACE4373D5C24F3D0121F5A7420E5A03B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
18:48:30.0410 0x4d4c CmBatt - ok
18:48:30.0425 0x4d4c [ 05E7964417FAA5A1F128CDC00D0AC570, 1617C15C27FF0E160F9FED43B39926D4729419F28C2F9152C73DBC2E33140217 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
18:48:30.0425 0x4d4c CNG - ok
18:48:30.0441 0x4d4c [ 037DCC7A71938729CB12E8174E03031C, 1BA2F74F639BF8D5BB38AA658A6D847BAE8D85CF72C4AD5F13BBA1D53145789F ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
18:48:30.0441 0x4d4c cnghwassist - ok
18:48:30.0441 0x4d4c [ E40C99A3E0FFF49687F2187BF3E3050D, 30723EC5767C3F6FAA3CF299440B71B5973F890FB54B9737B96FA0359E7D90FA ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
18:48:30.0441 0x4d4c CompositeBus - ok
18:48:30.0441 0x4d4c COMSysApp - ok
18:48:30.0457 0x4d4c [ 3799A9DFB162D9AAD6AC12CB8185FD19, 942F2777049166EC43F93177F0084EA08B06CE9107AF55337124FE25CCB158C4 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
18:48:30.0457 0x4d4c condrv - ok
18:48:30.0472 0x4d4c [ 9D1E4820F8EE2DD5B9720C8DC62F4C4F, 82BC0228B88A745C628A6B1625FF597426CAAB791E629D00FA780A2B4DAE7175 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
18:48:30.0488 0x4d4c CoreMessagingRegistrar - ok
18:48:30.0488 0x4d4c [ 6C6073B45D65887A6035F1A8D073274A, F002B25E05D0894CD12BA3D046E11D4AD6F0BCE8796618B0EE54851223A65C15 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
18:48:30.0488 0x4d4c CryptSvc - ok
18:48:30.0504 0x4d4c [ 8711386E9B04357F8F58166760759F3A, 8912CFD220645002C9D3F9E49717D8B0B98704380B45F53D45D5674537B496FF ] dam C:\WINDOWS\system32\drivers\dam.sys
18:48:30.0504 0x4d4c dam - ok
18:48:30.0519 0x4d4c [ 8CE6D7338F84B228450C8240BB77DB16, 3580ACCD3D1D31E2BA90A1A0FE7CE1FFBD12CF00931098664AAD2EA42F075FEF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:48:30.0535 0x4d4c DcomLaunch - ok
18:48:30.0550 0x4d4c [ 7ECF8E55CAF04A8F7F7498C55A6EDAC5, F6E033A10338AD8746E1538B12B1B470E8F97210E4564893568D0C7EB165D794 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
18:48:30.0550 0x4d4c defragsvc - ok
18:48:30.0566 0x4d4c [ 8DF502E8116C625387DD789936D7A0C2, D42661E068F401199FAEA012C200EEF02C1409A09DACD30E6B08E3FBE4149BFA ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:48:30.0566 0x4d4c DeviceAssociationService - ok
18:48:30.0582 0x4d4c [ DBD6E8A5C358AAA3B4900EFD5CF94CC8, C8261CBE358562B3F31ADA0567723E0118A8687DFC8939FABC65E61C38BFE20B ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
18:48:30.0582 0x4d4c DeviceInstall - ok
18:48:30.0582 0x4d4c [ 38D6ED38A46F815C24C5656E8A5AB083, 730DD6D85771A60E5C089BF5D810E3AEA335BF7DD14FD72924A1A4FCF021A59D ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
18:48:30.0597 0x4d4c DevicePickerUserSvc - ok
18:48:30.0613 0x4d4c [ 372BD821867225F32DE87A6B3FEC8A2E, 20389A1861B5A451EE3383F68FC59B3C9A75D3123B2DF1669CBB5CC37A0128B0 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
18:48:30.0629 0x4d4c DevicesFlowUserSvc - ok
18:48:30.0629 0x4d4c [ C48C4D6B8D9C53F0399DEDA402A6FAE5, 25FBE2A51DCF7DB95AD2707502F8A9661B94FC61DFC405DA5BF23BED1BA123D2 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
18:48:30.0629 0x4d4c DevQueryBroker - ok
18:48:30.0644 0x4d4c [ 9E74A900CCCA3EA6C8533CF94B3F8223, A585A0EBCC604981BB648B709903A263CECC5D589F65411C297D0D68864947AE ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
18:48:30.0644 0x4d4c Dfsc - ok
18:48:30.0644 0x4d4c [ 5F78930AAB3900102EA8ACDD38F97324, 49CAE29CC7B1B846BDE603B1A411833162ACC1A9D1608BFDF67C2EA3A0EE0F85 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
18:48:30.0644 0x4d4c dg_ssudbus - ok
18:48:30.0660 0x4d4c [ 51D1F76C6EC94B0773D276C91B06A781, DF3E512D1FFA1E7AA75D4CEDD5D5AB8DAA13BE5C8427B6A4F064FDCF455C9589 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
18:48:30.0660 0x4d4c Dhcp - ok
18:48:30.0660 0x4d4c [ FF05980EEE93D2B4AB1284BF21D7F12B, 026C8489CC9232605B87F02E3276B81DB23A6B64BB66C01F0FD6E7D266ECD17C ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
18:48:30.0660 0x4d4c diagnosticshub.standardcollector.service - ok
18:48:30.0679 0x4d4c [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03, E027124AD492ED22F0D604030CB0E2C3778331879FC73A614644FA8C8606ADD3 ] diagsvc C:\WINDOWS\system32\DiagSvc.dll
18:48:30.0679 0x4d4c diagsvc - ok
18:48:30.0726 0x4d4c [ E74FCFD1499A4F816A99D35E297CCE63, 9C6D75200A8D0932CA77F68D78F11B89B0A45441ABB1662BE69567FE13138D19 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
18:48:30.0757 0x4d4c DiagTrack - ok
18:48:30.0773 0x4d4c [ A79FCB89805FA9EA9F48B671A4591D4E, 13CA8B9CB35DF9F8EFFF8E6ECC0F65E4F179FA9BEF4B68F3382CA4A6BF14FA54 ] Disk C:\WINDOWS\system32\drivers\disk.sys
18:48:30.0773 0x4d4c Disk - ok
18:48:30.0788 0x4d4c [ 89FC056F9CEFB85FC7159AA063904AFF, 6B6F86F87C48EE92F616D4EEE624C9711D0606FD651F3B1D4DD5EF3767B76750 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
18:48:30.0804 0x4d4c DmEnrollmentSvc - ok
18:48:30.0804 0x4d4c [ F69D7A5D7EDEE16B85F08040836FB09C, 944730FA6CA6ED0ECA85848A2F00EE1E647F7DD4CC37E557A812ECE8A92B3999 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
18:48:30.0804 0x4d4c dmvsc - ok
18:48:30.0804 0x4d4c [ 8B3601E34BD1D693598F968D70361C37, 897C5AEB5ED6AC9DAB2E8E638A42FF588AF3A94EE4C731E97DFAB89BD3B658BC ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
18:48:30.0820 0x4d4c dmwappushservice - ok
18:48:30.0820 0x4d4c [ E65844BC31FE3687A745C2E48C845CBC, 826845A9FC00E4D68CDE5FA5C293DF6D41DB0E8D15B43647A1335F0A79AFD4D6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:48:30.0820 0x4d4c Dnscache - ok
18:48:30.0835 0x4d4c [ C79E79CD4DE45EC0EC0ECB5C76D6CB11, C1AFCA79A104EDF5C59C3E6A113467C7F73E84AACEDE97A22BCBA5B25563E163 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
18:48:30.0835 0x4d4c dot3svc - ok
18:48:30.0835 0x4d4c [ 5B1EF28DE7302A6BD5DF8459E2C598EF, F2292B8ED8FBFFA681942D5566BF1932D1E9B4F44C2D13329B60E5A8B9386CC9 ] DPS C:\WINDOWS\system32\dps.dll
18:48:30.0851 0x4d4c DPS - ok
18:48:30.0851 0x4d4c [ AD1BEFBF96C0273925EDC9282557D984, E23B1B043E9EE25054DCEFB10C1C69009DCB1E12675DAE60B00A646735B03D99 ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
18:48:30.0851 0x4d4c drmkaud - ok
18:48:30.0851 0x4d4c [ 5242DC5849014BCFBB3147B76A899783, 759542B42D9DCC224D9CBD19A0C6B8939417F2F08B547BE07FFA3356918C1ED7 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
18:48:30.0851 0x4d4c DsmSvc - ok
18:48:30.0867 0x4d4c [ A8923D6A577D176A90A36A9EC0BD4BCB, 5EC87DA3DF7F1869D9542416651606C7731F4D1BDEC42C8A0D5285292EC7EF7C ] DsSvc C:\WINDOWS\System32\DsSvc.dll
18:48:30.0867 0x4d4c DsSvc - ok
18:48:30.0867 0x4d4c [ 974BC06C0EC847EA4DC8D9002D394FEB, 4952FEADD7A3EF541FD537EBBCD56ED573D712755798C42428E78267E50BAB34 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll
18:48:30.0882 0x4d4c DusmSvc - ok
18:48:30.0929 0x4d4c [ 357D15FA5C15A44218770B40313E4856, EB5A8C01A9ABED5CE01DBDCCDC20716097351DB2E82684ED5F9488AC1072C249 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:48:30.0960 0x4d4c DXGKrnl - ok
18:48:30.0976 0x4d4c [ 7E9A1608894297B133AF5EE18E404208, 9E2E4B4F6133375DB8E490337594BEFB86BA964223FB272A23ADD02FA8065253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
18:48:30.0976 0x4d4c Eaphost - ok
18:48:31.0023 0x4d4c [ 75CA88887850A74DDAAAF92500B6D9B9, 1C413719D0E659E20C66B0762B2FC708E55536961A1D9F21906ADBE9CF431489 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
18:48:31.0070 0x4d4c ebdrv - ok
18:48:31.0070 0x4d4c [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] EFS C:\WINDOWS\System32\lsass.exe
18:48:31.0070 0x4d4c EFS - ok
18:48:31.0085 0x4d4c [ 7E838D857FC55535710C316441459C38, C4673014D3ED3E68E02DB5BE6DB53E45B1E4A3CE2B04B15BFD507AF703A60134 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
18:48:31.0085 0x4d4c EhStorClass - ok
18:48:31.0085 0x4d4c [ 49023DD6F646B8C70AE1C105415F3E2B, 16EC2920A2CB71C17BFA7A0E22EDAE1C0E7004C986BEBCA9435F6FDB5D8E64CF ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:48:31.0085 0x4d4c EhStorTcgDrv - ok
18:48:31.0117 0x4d4c [ 623FB075689986670D16795787632B1F, 93DF0E91B29458B4CA23420715A3BF5784CFDEF9F79F20B30C500861227FF828 ] ElfoService C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe
18:48:31.0132 0x4d4c ElfoService - ok
18:48:31.0132 0x4d4c [ 80D5BD4804C587B21A121566549A63FB, 9BDC1DEB8805E06851F2E2A8B8762265FDC6B12B873D391BFCB8300BDF425B36 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
18:48:31.0132 0x4d4c embeddedmode - ok
18:48:31.0148 0x4d4c [ 8BDB4EB138A93B9C4242D5ADC068899A, 528C0D16CE5D9A69EA75C43DC53D14F7BD2D8BB0B0B0F32BB1F36AC6659C6A27 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
18:48:31.0148 0x4d4c EntAppSvc - ok
18:48:31.0148 0x4d4c [ 1DF19D7A941CB06F8EADF89FA0BF59AD, 0A8891AD73AF277B764FA5CF163E6BC29DFFA0E35388A941AE27E001289C0A4A ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
18:48:31.0148 0x4d4c ErrDev - ok
18:48:31.0163 0x4d4c [ 1E01F509048BEF78831AC89401B172BD, 34558F56D9AEA8527B84B2BE2A752D181A5D825622EB4B90D454F6D4F971BFED ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
18:48:31.0163 0x4d4c ESProtectionDriver - ok
18:48:31.0179 0x4d4c [ 9B538A1E44E1D61FA80E80EA75A085FA, 6431BBC533895BD466879C407B9BE7EB50345D666FEE69CAB0813283F07DBE82 ] EventSystem C:\WINDOWS\system32\es.dll
18:48:31.0179 0x4d4c EventSystem - ok
18:48:31.0195 0x4d4c [ B2858C386B99A68C3E3F0DFAB935C232, D278EA60AED4C3769B827BF2DEE584135FFDCF9E1380B982A7AEFB531848F4A2 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
18:48:31.0195 0x4d4c exfat - ok
18:48:31.0210 0x4d4c [ CE38CED74D85849BB2C9894DCA712615, 087B9EA66C06F8AA185F78E482DCA128B0554B716A1740033FC624414AA1B237 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
18:48:31.0210 0x4d4c fastfat - ok
18:48:31.0226 0x4d4c [ BBD6407DA3DA4FC718710587E253C7BF, 8C9995A86EF9FC1FB47ADA1367A67A9829E0E3CE191D11E0AFB0F85E325D48DC ] Fax C:\WINDOWS\system32\fxssvc.exe
18:48:31.0226 0x4d4c Fax - ok
18:48:31.0241 0x4d4c [ 6701B9973DE98578A491721B4BDE0926, 48D07092E6B44CAA529559DF620BDAA4DFCC16430DBA8178B461E556AC526DE1 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
18:48:31.0241 0x4d4c fdc - ok
18:48:31.0241 0x4d4c [ A2037943CCC079307A383C5543607CEF, 2FAC5F76526A8E4D7D7FAE80F9A0AF31D37DD12FF597769C87912B973C339BF4 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
18:48:31.0241 0x4d4c fdPHost - ok
18:48:31.0241 0x4d4c [ C11A1A9CF331B7AA2F04974EE262EC07, AA1C79FCCDEC3C7236B7BE73E6888D7DD5642EB16E13B4633C98EE34CB72A644 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
18:48:31.0241 0x4d4c FDResPub - ok
18:48:31.0241 0x4d4c [ 71CECDA2DCF81E0AD8C30440C77966E2, E26313CD895579A9F3380A648E6FC271EFED0E82C0FCFB287049C5C2D0CC35A9 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
18:48:31.0257 0x4d4c fhsvc - ok
18:48:31.0257 0x4d4c [ 9BC7FE262AF52B341048234809AA7D91, DF95BBEB59821357C69797AC659380C9F27C11B8A60A599C9A2C5623B7CBB6DB ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
18:48:31.0257 0x4d4c FileCrypt - ok
18:48:31.0257 0x4d4c [ A0AF205465482EE0FC6261782629566B, E0C0E9EB327F4DEEDF3E32EB5573A74436829078331A8EA1B795438892EE81B8 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
18:48:31.0257 0x4d4c FileInfo - ok
18:48:31.0273 0x4d4c [ 01D83D284E6B37902DB3C4D4DB0649E0, 4376F872575013DE87CA8173FABAD367FFF907086864C106A4C82933EF9DA308 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
18:48:31.0273 0x4d4c Filetrace - ok
18:48:31.0273 0x4d4c [ CE9CB1DB00B5007ABFFF0717E748E919, 314E1FA6B0CD9416894EED93ADF3DCB273FF37F6E56EF64C9E7B55E174EB3226 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
18:48:31.0273 0x4d4c flpydisk - ok
18:48:31.0273 0x4d4c [ C5374BA2CAE89DE7269EC61A969EF5D5, 520D7A4C50A9FFF308599C6EADDCADD3D9E398718786D82F02F7EE5C30E7D6A2 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:48:31.0288 0x4d4c FltMgr - ok
18:48:31.0320 0x4d4c [ 8F528FD267C55ABE2A156C5F6EA6B867, 540A852F250783553E042FC31D3F2D695DADA4777FF31F1BA8B60E3407333277 ] FontCache C:\WINDOWS\system32\FntCache.dll
18:48:31.0335 0x4d4c FontCache - ok
18:48:31.0351 0x4d4c [ CE9456F925ADA70ED5A4158F103F9A26, 89753CCCB2E8B1553F077B8F13C63FBEC2EABE7093A6B847477542483347C827 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:48:31.0351 0x4d4c FontCache3.0.0.0 - ok
18:48:31.0366 0x4d4c [ 4B5B18BF7E060A7FC7B80D79D542529C, 483E4D96D2E44A135FAD3B9D1AFA05B571418B3BA9864BE751DDA1DAE9D02D77 ] FrameServer C:\WINDOWS\system32\FrameServer.dll
18:48:31.0366 0x4d4c FrameServer - ok
18:48:31.0382 0x4d4c [ 835F9C7193B6F9A796DE76897DC56968, 62D6CF40CD6B798E79FF3274DB156DAB17724EDEEC85F6602F3C0EDCDD2DBA11 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
18:48:31.0382 0x4d4c FsDepends - ok
18:48:31.0382 0x4d4c [ A01BA0506E07F316483E99D7AD9B6E75, B2CFB3AAE0E49C539C743A7F416CFC0DE2E0CFC2D5AE685F8B1BECBDB95C4308 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:48:31.0382 0x4d4c Fs_Rec - ok
18:48:31.0398 0x4d4c [ F00AA662A862BA1B5B0BB9FBDFAE2DFC, 1DBEA358E58370C1BD8D5797382FD22A19E92BA171AB70868359CF921F324CA7 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:48:31.0398 0x4d4c fvevol - ok
18:48:31.0413 0x4d4c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:48:31.0413 0x4d4c GEARAspiWDM - ok
18:48:31.0413 0x4d4c [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
18:48:31.0413 0x4d4c gencounter - ok
18:48:31.0413 0x4d4c [ EA5EE5EF9765A9157B346DF671952F18, FD0A8DBA6EA3E47D454B877CEC74B7B6BEC8B7A98BE37E9E1110D867009D9EA1 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
18:48:31.0413 0x4d4c genericusbfn - ok
18:48:31.0429 0x4d4c [ 6BE6550F1A32796A11EBC58BBC72C44D, 99DC4058EC1B3BF316F1470BF1208F0A2FC72A508BCC9E7548D91BB0FF04376A ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:48:31.0429 0x4d4c GPIOClx0101 - ok
18:48:31.0445 0x4d4c [ 3FC2377994D9D63FC128B6C48B22B68F, B47D6BE6FF596A23BBDB7261B1CA9CA67CD138CBF89AEA7A68882E62C0087561 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
18:48:31.0460 0x4d4c gpsvc - ok
18:48:31.0460 0x4d4c [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
18:48:31.0476 0x4d4c GpuEnergyDrv - ok
18:48:31.0476 0x4d4c [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
18:48:31.0476 0x4d4c GraphicsPerfSvc - ok
18:48:31.0476 0x4d4c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:48:31.0476 0x4d4c gupdate - ok
18:48:31.0491 0x4d4c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:48:31.0491 0x4d4c gupdatem - ok
18:48:31.0491 0x4d4c [ DED74127C7A2266715C0B8EA2EE75214, 999507BECB4BAAC61317D98311962D446844CAC6271BFFE181F6CD6DFE221465 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
18:48:31.0491 0x4d4c HDAudBus - ok
18:48:31.0491 0x4d4c [ 95888B85956AF97320D1F5C354632957, C0218271A17897D4682192AB431658523EC87CB13551B2BDA40576BF766BB26C ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
18:48:31.0491 0x4d4c HidBatt - ok
18:48:31.0507 0x4d4c [ 33346BD26BB0AE4361DF1ED00D2876CF, 1777169606573646F7E7D54E01E421F62479DF57FAE86005B1EEFDC06F4898B7 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
18:48:31.0507 0x4d4c HidBth - ok
18:48:31.0507 0x4d4c [ 6D767FEB02DF712F783BEEFF09E06431, AB64C61E5729FB27BF9564CA8308D895CFFB992CE8606FDC31EFF01BB1FF8FFE ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
18:48:31.0507 0x4d4c hidi2c - ok
18:48:31.0507 0x4d4c [ 542AB7A14235C5227A9307ACF1636F0B, E54C4C4511727F4E70CB1C9259C56D4AC62E70BAB2F42E9AB402C1DF4AF3FA25 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
18:48:31.0507 0x4d4c hidinterrupt - ok
18:48:31.0523 0x4d4c [ 1553DF41F4EE4F60B4BEEEC62264BE71, 46AE8357E8038D35ADB82A51ED421293D7AB18C926C713F19149B97400D4C65E ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
18:48:31.0523 0x4d4c HidIr - ok
18:48:31.0523 0x4d4c [ 3030F19C6A73367D6D5EEDD157F5D01A, B1F13C2AE334C8CDF15BD96B70E92A81487308D841196A29AE3D1164CDAF9AA2 ] hidserv C:\WINDOWS\system32\hidserv.dll
18:48:31.0523 0x4d4c hidserv - ok
18:48:31.0523 0x4d4c [ 6E3FB2047B8AE72E1B5F1C00A5F3E475, A5F791BECA43925D410751C114BCF2FC4A46D7A44BE80B02CD3259C6E271FF31 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
18:48:31.0523 0x4d4c HidUsb - ok
18:48:31.0538 0x4d4c [ 621B1FFB2E4E4745484EA01B013BF1D2, 6F6761922EF931DB95D6597A5884DEB3CC127FB9D763A5A27369F7881DE64B8D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
18:48:31.0538 0x4d4c HpSAMD - ok
18:48:31.0554 0x4d4c [ 100CE4CEB62568F1B7B45AD1D8BE53D9, 31543F6EC6E4A20721B748979AD41C7E3FBF633333DDC2AE3F2B5E333EE4237F ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
18:48:31.0570 0x4d4c HTTP - ok
18:48:31.0570 0x4d4c [ 9E1F3BA540DB9F4942A3F50A92E5754F, 3FF53B60DC52886D6F2EC7F9D8C12009A4BECE5A046D827BC8C941E7401ED000 ] hvcrash C:\WINDOWS\System32\drivers\hvcrash.sys
18:48:31.0570 0x4d4c hvcrash - ok
18:48:31.0570 0x4d4c [ 64A94654E5703D2E8830AA2500D8F0A4, A1E3C910DFF1485E412F01076A11B9441161224C0F08A9067082A9FD8A5D8E5B ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
18:48:31.0570 0x4d4c HvHost - ok
18:48:31.0585 0x4d4c [ 621042C19113527CF8FA89F3454576BF, AB072C44B9BA8CD3AFE0DA33E42A69210AE87F4314FA3A0DF984DDF12516F063 ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
18:48:31.0585 0x4d4c hvservice - ok
18:48:31.0585 0x4d4c [ B149905CD7451160B6BFA2191A3F6182, A706E4F12963A20F9767D8730973282B5830D97A087ADA8CA9B7D219513C127F ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys
18:48:31.0585 0x4d4c HwNClx0101 - ok
18:48:31.0585 0x4d4c [ FE36689912DEC37D45B7A6C6414046FE, 3AE4E52B4ECD50ABEF67DCD1E30E409908F53624D9854BDD472352E8B280F19D ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
18:48:31.0585 0x4d4c hwpolicy - ok
18:48:31.0585 0x4d4c [ A1133368F47D514D73DD7FB4C4FD2B75, 6019DABCAB9E2941D76EC62F4352FA76DDCD964671C490730BF725CA2234CA3D ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
18:48:31.0585 0x4d4c hyperkbd - ok
18:48:31.0601 0x4d4c [ B68252C53556FFB52CCE18FF30FACA99, 0463FB8661A9EF338EFBBE43EE76C63DE170510D0E9B612D62009D7D85669365 ] HyperVideo C:\WINDOWS\System32\drivers\HyperVideo.sys
18:48:31.0601 0x4d4c HyperVideo - ok
18:48:31.0601 0x4d4c [ DA179667B8CEC22E4ECBBF4210DC0E35, 70CDB592E1775919B9AB1810A7BA18FE4851FBD493E4772741F36FC11A4CA47E ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
18:48:31.0601 0x4d4c i8042prt - ok
18:48:31.0601 0x4d4c [ B5EC43755E62591197DE5CBBDAA9FEB7, 1B4E0EAB677B09A050925879ECDA311404270DCF020AAD390692427198C73C9F ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
18:48:31.0601 0x4d4c iagpio - ok
18:48:31.0616 0x4d4c [ D8CA23F9C5FEF44296FDE1E005C06EC0, 0D7B03EF9E19B9B2A28C3318560488B3F9573CF364A533A9B4A2CD0A7FFA4F84 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
18:48:31.0616 0x4d4c iai2c - ok
18:48:31.0616 0x4d4c [ 7B769C9D19C013F94874C4B15D59A005, 53A15F0480AEC43B5A01CFB17360188885B6ECBFFF6E566D27E5B6D4C7737243 ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
18:48:31.0616 0x4d4c iaLPSS2i_GPIO2 - ok
18:48:31.0616 0x4d4c [ E0F1B3A2A70FABE3BE1C9140BB55E607, 34E5B055619F3A26B7BB6054EA49D40B7D6DAFE234F57F358FE7C8EE83E10618 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
18:48:31.0616 0x4d4c iaLPSS2i_GPIO2_BXT_P - ok
18:48:31.0632 0x4d4c [ 89A869BCC0588A3009ECB875B09ECD39, 5ECC2C6E661B326511682D8EA1C82F942C63835890687285FEF455C5C9DC2476 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
18:48:31.0632 0x4d4c iaLPSS2i_I2C - ok
18:48:31.0632 0x4d4c [ 2E693DF3C02A0859DB8DE25772751100, 3EFFDA44B247E04258429ADC85E88E23F926FD487A3A85BF879E6E5802197B3F ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
18:48:31.0648 0x4d4c iaLPSS2i_I2C_BXT_P - ok
18:48:31.0648 0x4d4c [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:48:31.0648 0x4d4c iaLPSSi_GPIO - ok
18:48:31.0648 0x4d4c [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:48:31.0648 0x4d4c iaLPSSi_I2C - ok
18:48:31.0663 0x4d4c [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
18:48:31.0679 0x4d4c iaStorA - ok
18:48:31.0695 0x4d4c [ 26405FA714257E449581DE5D6E6200E6, 1C3055AF6BB53308B7E6268A11929881263767619FF524674C51C03B7990C0A8 ] iaStorAVC C:\WINDOWS\system32\drivers\iaStorAVC.sys
18:48:31.0695 0x4d4c iaStorAVC - ok
18:48:31.0710 0x4d4c [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:48:31.0710 0x4d4c IAStorDataMgrSvc - ok
18:48:31.0710 0x4d4c [ 11AC0355FE52CC8813EE6864DE7531E4, 4D77C451C230395E03B3DB592B1BDCDB8B2142961906A25F0FD070D3A8B670EB ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
18:48:31.0726 0x4d4c iaStorV - ok
18:48:31.0726 0x4d4c [ 62CD9FA7394BCDF7784CCEFC9D00C9AA, 2A09A921EBD998EC45470675FC8D803EAE5F9E2E16B9313591987AA574835CFE ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
18:48:31.0741 0x4d4c ibbus - ok
18:48:31.0741 0x4d4c [ F8CFDD8FED56E1261367A81A731BC1C0, 408187B2E7B403B47AF0D4BF089439D9BA3B3090A430983F77A55DEF2AB381DB ] icssvc C:\WINDOWS\System32\tetheringservice.dll
18:48:31.0757 0x4d4c icssvc - ok
18:48:31.0757 0x4d4c [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:48:31.0757 0x4d4c IDriverT - ok
18:48:31.0757 0x4d4c [ EB7BA65AA0EDF27EAB0109AC73F2779C, EB952C72CBB43A07E1E8AC003323CD7C5E2ED7AFC5E06973F7BDB0C702C5630D ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
18:48:31.0757 0x4d4c IJPLMSVC - ok
18:48:31.0776 0x4d4c [ 25793D173BD83ACF8B248C97ABC3B860, 0133EEB7C08E02F3C732FA89381920E5C4BB0CD2190E49C19619FAB43C68708A ] IKEEXT C:\WINDOWS\System32\ikeext.dll
18:48:31.0792 0x4d4c IKEEXT - ok
18:48:31.0792 0x4d4c [ AA38C19A3D65E8228D822EB18037E19D, 54943929E398C67A5A9C72EA65F0FD7A06BB43F03A2291CAEA29443CD10C5169 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
18:48:31.0792 0x4d4c IndirectKmd - ok
18:48:31.0823 0x4d4c [ CC03A8D6443D1BB148A499366612683E, 1EF1A69B60CAB33F63C9A58B2DA0B0FCD8F21AA122F4CE8D953682C20A4BA585 ] InstallService C:\WINDOWS\system32\InstallService.dll
18:48:31.0838 0x4d4c InstallService - ok
Code:
ATTFilter 18:48:31.0901 0x4d4c [ 8CAA2A543155675D09B0D5239E31EC99, 033CF96E110136A59E01C4D26FE3681862C0993938959059A37A34DC1C0E1D49 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
18:48:31.0948 0x4d4c IntcAzAudAddService - ok
18:48:31.0979 0x4d4c [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:48:31.0979 0x4d4c Intel(R) Capability Licensing Service Interface - ok
18:48:32.0010 0x4d4c [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
18:48:32.0010 0x4d4c Intel(R) Capability Licensing Service TCP IP Interface - ok
18:48:32.0026 0x4d4c [ F1B552F7ACDF6E3E4DDDB76118CAFDE3, C4047BAAECF6FA3B73EB684F53C7F81A08AA39F42F8DC7C31BF35DFA93B7C647 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
18:48:32.0026 0x4d4c intelide - ok
18:48:32.0026 0x4d4c [ E6CC7C1E7CEDC81D6B15BF2CF4C99109, 1B181F55CD2E500468FE07C9BA6F20B207FA4B601C4971D1551B80A480D42EBD ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
18:48:32.0026 0x4d4c intelpep - ok
18:48:32.0042 0x4d4c [ 2CEF9DEB97B2CA327175EE8AD5F195A1, 1D6A3B47A844A235B73F8DC2BF872A943FE980480480843EDD5935307C115B3E ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
18:48:32.0042 0x4d4c intelppm - ok
18:48:32.0042 0x4d4c [ 917931A6116F03DB3CA56CFCE8634667, 27B661B6143F4AE94BF28DE1133001F95A451C18804F6DFED1D7D1F36B5E5350 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
18:48:32.0042 0x4d4c iorate - ok
18:48:32.0042 0x4d4c [ FB72A49FAD5C343C8C38948F92D87BBF, 3947D9393D6F4F104D2D07D5FBA61041A8D6006BE2497F2A6337462F8B04A124 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:48:32.0042 0x4d4c IpFilterDriver - ok
18:48:32.0057 0x4d4c [ 9064A49C03F1CED42EAC2B4636C87192, CF388E05EA782BC0645FD0B42A41C9334C074BE6D7C193FA4F9819905CBCEA9C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
18:48:32.0073 0x4d4c iphlpsvc - ok
18:48:32.0073 0x4d4c [ 5C58142E0F1F8AA379748CC123BA7527, 1D6D42F2595DF3C0EE8FEF751F13119951A2D040D2B22A7F0CBD6083B49F8A37 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:48:32.0073 0x4d4c IPMIDRV - ok
18:48:32.0088 0x4d4c [ 7408B83959A4B8271EF67FD06A6B366B, C22DDB76AC3351A50B889AD7D2756EF8612450AC8EE72C88A1044691A0071BE5 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
18:48:32.0088 0x4d4c IPNAT - ok
18:48:32.0104 0x4d4c [ 3A531CF0C87FBB197A5F4CE2C450454E, 186C21F5C36642C05C5D0C4EC8930CE6BA83D8905B2928133BDEC16990F73700 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:48:32.0104 0x4d4c iPod Service - ok
18:48:32.0120 0x4d4c [ 7BEA2228C81FB6E1EADDD54D615B4C7E, 8640865C98F951B1B8D99E841D9A3FDC6E0251AFAC6B02F815DC409627A50112 ] IPT C:\WINDOWS\System32\drivers\ipt.sys
18:48:32.0120 0x4d4c IPT - ok
18:48:32.0120 0x4d4c [ AD0574F12AA812340BD39071FD30AD1E, 765F1EDFEDEA1F2728108D7A1187A468F529A883886006F74DB9EAD0BFE7B1B6 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll
18:48:32.0120 0x4d4c IpxlatCfgSvc - ok
18:48:32.0120 0x4d4c [ 030AE3773151CFA728C67E38416FAD8D, 167E698035F2F07E822B430B31F02FABF3997BAC93039786747053344CE6E6D3 ] irda C:\WINDOWS\system32\drivers\irda.sys
18:48:32.0135 0x4d4c irda - ok
18:48:32.0135 0x4d4c [ 79D02DC54AB4F85D2C13A728A0E36193, 3B6BA678ED269195D506D29EBD9E070603F02AC0FAA92364E7C553B8856C3EDB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
18:48:32.0135 0x4d4c IRENUM - ok
18:48:32.0135 0x4d4c [ 6ADE9DCAF71DCD888320CA47DB8B05EF, 6FA1EBB3D025546AAD14D968DF7CABD3002598F2F561CCC1D4F07A9B0322DE02 ] irmon C:\WINDOWS\System32\irmon.dll
18:48:32.0135 0x4d4c irmon - ok
18:48:32.0135 0x4d4c [ 38A6EC08D0067DECF7B5BA4C871B846C, 0FAB8EACA2BB4A0BF3895B6BB7CA9BCF74447CF640535A57998C6A4A35EAC030 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
18:48:32.0135 0x4d4c isapnp - ok
18:48:32.0151 0x4d4c [ 5529131AAB75E07D9295B19E20C54DAE, C2F2C7D33945C13DDC5EF540581772CEF73EFB23F19E6BCDBB6A99D8C96A302B ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
18:48:32.0151 0x4d4c iScsiPrt - ok
18:48:32.0151 0x4d4c [ C35FD802C800F3CBB4FD426D5A542A22, B2325956DB68222C5FBB43DFA0BF5EEC073470010E13997F2A5635CC89D66872 ] ItSas35i C:\WINDOWS\system32\drivers\ItSas35i.sys
18:48:32.0151 0x4d4c ItSas35i - ok
18:48:32.0167 0x4d4c [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:48:32.0167 0x4d4c jhi_service - ok
18:48:32.0167 0x4d4c [ 17F3B012B28F27E7B813A7B037A3D790, DADE75BB016438B7E0A11A1CF1FFA596C27246EF7F4E04D96366029C9F65F0C5 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
18:48:32.0167 0x4d4c kbdclass - ok
18:48:32.0182 0x4d4c [ 843B4BBD15DD0340C5C293CD419D4A76, F6D17CCE13697669DA4EF1F83E394F5496C437496E0E09307F8B615DE3216CC5 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
18:48:32.0182 0x4d4c kbdhid - ok
18:48:32.0182 0x4d4c [ 5BBB86F3F1700E0ACE1DF10F0EF7B227, 348FE61522F8C24F407F87D2966F62BD816DF27CD824AC103699CA66EE799640 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
18:48:32.0182 0x4d4c kdnic - ok
18:48:32.0182 0x4d4c [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] KeyIso C:\WINDOWS\system32\lsass.exe
18:48:32.0182 0x4d4c KeyIso - ok
18:48:32.0198 0x4d4c [ D54931F61470509C2DEBF6B99F9C314F, D054A3E8EC01AF0175B7764E98E0C764F5CD446C89E156FE4035D032CC30B026 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
18:48:32.0198 0x4d4c KSecDD - ok
18:48:32.0198 0x4d4c [ C52C20AACA6DEB2711C247CA24008CF1, B64D033983F4516977B31BB6A622A2A661B6AE89366031C86E1C8481DE741525 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:48:32.0198 0x4d4c KSecPkg - ok
18:48:32.0198 0x4d4c [ 10F2EBC1F1C4549C355781715DE47B66, 9D23CBA56245532D88396DF99C62A26E71A7EEEF7CD8BA98FFF9FD2804DDF946 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
18:48:32.0213 0x4d4c ksthunk - ok
18:48:32.0213 0x4d4c [ C4151271434A490707B4FD4E6AAE9EED, DDB809D002039645CDED08322B9CDCA04C483A119380098FF9EBA998A1A3811D ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
18:48:32.0213 0x4d4c KtmRm - ok
18:48:32.0229 0x4d4c [ 081D030BC669BDEDC68B8FE81A67E6A7, B5C1FA89ACAE1683A524CD14E2D7D6C3C1FAE0ABCD330841D493FC6DB0843798 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
18:48:32.0229 0x4d4c LanmanServer - ok
18:48:32.0245 0x4d4c [ 514E8BD07F42D95667F54777D57403D0, 3D024A18F7AC70A846FAB3255AA1048F8DD1DC4301F1B70B647B71F5E7A1AA24 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:48:32.0245 0x4d4c LanmanWorkstation - ok
18:48:32.0260 0x4d4c [ C2A49E8EEE7C3D06ECA80847A42F65D5, E1559EF96E6F2146E4AC0BE46CBFF5FA29829812A64A6F09803C00E3E0AAB1F0 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
18:48:32.0260 0x4d4c lfsvc - ok
18:48:32.0260 0x4d4c [ DB8F10ED986BFE0A5B663A1D067F2CCC, 88EE540F545C8838E9F855094A2A4AAC096BD24F77103E06464CCD77C3FCFFFD ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
18:48:32.0260 0x4d4c LicenseManager - ok
18:48:32.0260 0x4d4c [ 3CF979AFF0196DF3DF5E54DFC049EB1F, FEA82EF2AA4222171E80548EB00A4F0FBD27363B84AA9E6B8F82147C568BADEE ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
18:48:32.0260 0x4d4c lltdio - ok
18:48:32.0276 0x4d4c [ D6DD748EAC3BC540CFE65C73FE20C099, 8A79E1F1834D949D027B4D3471297ADFB539B9282DE5DF5FDBE60AE171F3CFFC ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
18:48:32.0276 0x4d4c lltdsvc - ok
18:48:32.0276 0x4d4c [ BD35F484DA59014D091736F8F10BFB42, 7004408EEE281BA707248369910483928A15F3304F4A8F594EA2E04D43929926 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
18:48:32.0276 0x4d4c lmhosts - ok
18:48:32.0292 0x4d4c [ 08E2B577DB95156F9A658C988EE71F5D, D229FFD97EE9478169D2418A722FD2AD6AD10108FF1B0156BE9A1ADF38B5633A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:48:32.0292 0x4d4c LMS - ok
18:48:32.0307 0x4d4c [ 48380096385DB46E43D85CD92B9500DB, D93F4FDAA5A665E09004F7676E821AEAD0ED059F0E006FF73F02BB8FF1C0F9FC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
18:48:32.0307 0x4d4c LSI_SAS - ok
18:48:32.0307 0x4d4c [ F708223E5829510DF0D5AF209D11C8B8, DE82ACC6D04092C22BA4E63CF527814467870A10B93D7E9B061DBA23CEF9424B ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
18:48:32.0307 0x4d4c LSI_SAS2i - ok
18:48:32.0323 0x4d4c [ B91BCC8F670F128A4BB826ACF2C2B9D5, D905232E3E49EA6CACE04CDB241D12CA9E84F106D15340C921B980610C1080FB ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
18:48:32.0323 0x4d4c LSI_SAS3i - ok
18:48:32.0323 0x4d4c [ FA31CDF977CD31AF9AEAAA422966ACC1, 705761786930A2534CD1B797F5F16F56F58647192175F5D19E13642A89462CAA ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
18:48:32.0323 0x4d4c LSI_SSS - ok
18:48:32.0338 0x4d4c [ 52B6D805C60127F0456DF019775F5740, 3005C49349072EDD68DBFC6DBF884FC75E060920EA3FA90A60C39F5A83939595 ] LSM C:\WINDOWS\System32\lsm.dll
18:48:32.0338 0x4d4c LSM - ok
18:48:32.0354 0x4d4c [ E86400D7B6E095E89CF63667D94D3F50, 4E30374B82FB1D8904B9803109C4557C565023FA94C7AE61BB2ADAAACAE0E179 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
18:48:32.0354 0x4d4c luafv - ok
18:48:32.0354 0x4d4c [ 07514F5635999D7DDB5F3A62B5C5AEB3, D3717437D14C36873E2D0C1AA65F29EB9A5DB1DE60A7EE86A093FD126B7EBC05 ] LxpSvc C:\WINDOWS\System32\LanguageOverlayServer.dll
18:48:32.0370 0x4d4c LxpSvc - ok
18:48:32.0370 0x4d4c [ 1C1FF36E51F73989FB4DD2DBAFAE11EC, B5C0B169BFEF5FD769745F924B3F30C960A555F8B0C0C7315B273435D9F246D5 ] MapsBroker C:\WINDOWS\System32\moshost.dll
18:48:32.0370 0x4d4c MapsBroker - ok
18:48:32.0385 0x4d4c [ BD3D311802427608403C5E73A8D6137D, C85DCB557E931E302AF90270731C3F5AA820CDF14D7DBACA95284FD9E4BF5F3D ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys
18:48:32.0385 0x4d4c mausbhost - ok
18:48:32.0385 0x4d4c [ 61C2D9790943D8E3AD05AE35E4A313EF, 96BBA5333F4AEEE41FAD28124DD448CFECD8111F931758CAB60FCB1DAA05E239 ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys
18:48:32.0385 0x4d4c mausbip - ok
18:48:32.0401 0x4d4c [ 0B4A62420642B842DF8656DBFF663B0C, ACB7961ECA32A50FCBD51B194488DDF40E610C2384EDFD06235AE427BCB80C96 ] MBAMChameleon C:\WINDOWS\System32\Drivers\MbamChameleon.sys
18:48:32.0401 0x4d4c MBAMChameleon - ok
18:48:32.0401 0x4d4c [ 30531264292DBC7507AA1FF4123F1F39, AD27317BFAB1D5C1B332000DF51336424B4B80AF725392EB4A0FE53DC0695C41 ] MBAMFarflt C:\WINDOWS\system32\DRIVERS\farflt.sys
18:48:32.0401 0x4d4c MBAMFarflt - ok
18:48:32.0417 0x4d4c [ 0987B4BB03FA1F3C0C7D37347B707D4E, EDEA667695A680B955F42024AD349A9B795A2365C59312EDCC3FE5BF362F59E6 ] MBAMProtection C:\WINDOWS\system32\DRIVERS\mbam.sys
18:48:32.0417 0x4d4c MBAMProtection - ok
18:48:32.0510 0x4d4c [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
18:48:32.0588 0x4d4c MBAMService - ok
18:48:32.0604 0x4d4c [ 351BF8F77B0A15A7B5A2AE098C52A387, A84330DF5C4F0E5D6251D311B5DC78722D7724E87DAF5DE5A11EB73BB3502E26 ] MBAMSwissArmy C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
18:48:32.0620 0x4d4c MBAMSwissArmy - ok
18:48:32.0620 0x4d4c [ A2814DB0A52A490AE674AD06ECBDC4CF, D3FA7326AFBC7A5A94F7A4AEC84A51ACAB89179D7CAF0CB5F2AF3794E6DBA7F5 ] MBAMWebProtection C:\WINDOWS\system32\DRIVERS\mwac.sys
18:48:32.0620 0x4d4c MBAMWebProtection - ok
18:48:32.0620 0x4d4c [ 61BCE12529E96E6F0335A2A8DEB83C61, BFDD1E52736311CF53AE9C778C664D37B5B711B544BC41BDFB137F7A9789AD2A ] megasas C:\WINDOWS\system32\drivers\megasas.sys
18:48:32.0620 0x4d4c megasas - ok
18:48:32.0635 0x4d4c [ CA22763F12783A9C81C512ED747CECDD, 8D2403364D5479D89479FA0C23BB9511A4360F51504F78AA1675220CDCD21398 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
18:48:32.0635 0x4d4c megasas2i - ok
18:48:32.0635 0x4d4c [ FDB06D857FC43D654547BBB31D039DB4, 4CBE0F0FBDD88A5DB4F333466BB4E1C886E0742D41B4ED418587B40C4F59B307 ] megasas35i C:\WINDOWS\system32\drivers\megasas35i.sys
18:48:32.0635 0x4d4c megasas35i - ok
18:48:32.0651 0x4d4c [ 230361AF74DDB91705284E024A22DF4F, 82F13E3E4A8B3CB6AE65C1C9F878702D16D101B0DCC79B9FF8368F9B87E0F285 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
18:48:32.0651 0x4d4c megasr - ok
18:48:32.0666 0x4d4c [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
18:48:32.0666 0x4d4c MEIx64 - ok
18:48:32.0666 0x4d4c [ 69259AFDF347B5F4AF06E900C4A1F62E, 167FF155F3E1B362A5D5FDB010A5F539F5E13CAD7E64E6F105CC770DA3639EEB ] MessagingService C:\WINDOWS\System32\MessagingService.dll
18:48:32.0666 0x4d4c MessagingService - ok
18:48:32.0682 0x4d4c [ A8931C3820D5F392D89176E0628E766E, 0F035833B1CBABDF9E5142F3E5EB6413DC7DDBF3A0562170018A8EBA20992CA4 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
18:48:32.0698 0x4d4c mlx4_bus - ok
18:48:32.0698 0x4d4c [ EB4D7C9354CB88DE4B085EA3EEA5BC76, DD842967ED5A9232AF34E68548C98F9760487D5626C9628A44598A97B28F24D3 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
18:48:32.0698 0x4d4c MMCSS - ok
18:48:32.0713 0x4d4c [ CA25F2D78FDD0D36E3F3071B4B317BD4, 21B5902EF802FAFA7DC6FD737CE9888C74526983FDCE31CDFAB11630E1476FD1 ] Modem C:\WINDOWS\system32\drivers\modem.sys
18:48:32.0713 0x4d4c Modem - ok
18:48:32.0713 0x4d4c [ 13142B3B30F633F407D5256B2FFCCEF0, 0A8DD229FD752E8B7E1D11E1A066BCF8B3E2023068AD731FF23ACBF4D182D23D ] monitor C:\WINDOWS\System32\drivers\monitor.sys
18:48:32.0713 0x4d4c monitor - ok
18:48:32.0713 0x4d4c [ 66C9CCC6A100ACF7A4514BD3091CE566, 1423EC39D4203D717B79BF2E5F4A89A0541CCEA2162351A670EA46AA69A0859D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
18:48:32.0713 0x4d4c mouclass - ok
18:48:32.0713 0x4d4c [ 6BE61DAF4CDC0E13940096EAC4A9F490, 954DA0C9FE3881030EC0B9A428C2C2BBC86353EC9421009AC48FDC047315160F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
18:48:32.0713 0x4d4c mouhid - ok
18:48:32.0729 0x4d4c [ 2CFB54C638F75E39FBB22723401A8A56, 5E4B1107534AF4ADCD031FC4931B6819B8371720A3D68B5C9788C2AB34DA2C21 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
18:48:32.0729 0x4d4c mountmgr - ok
18:48:32.0729 0x4d4c [ 1D8121F646343BD58B25ACBD0E5E9A8A, 5189E054F64159931B11699AAB3B0F9C21170253BED8B9271B74FDB452FBD263 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:48:32.0729 0x4d4c MozillaMaintenance - ok
18:48:32.0745 0x4d4c [ E2E2C07657D8A724FC0B97E828E89701, B72D0C08CB7C7E647E01E19D717D4A6B97E14A60F6600E4039EBE4F26F576D8D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
18:48:32.0745 0x4d4c mpsdrv - ok
18:48:32.0760 0x4d4c [ A69A8D833AB4C94710E00604EAC09BA7, DDE0563780CE6F43ADB0D8DD7993C3576ED49EC1AF35AE7BE3F644CD4C2B545C ] mpssvc C:\WINDOWS\system32\mpssvc.dll
18:48:32.0776 0x4d4c mpssvc - ok
18:48:32.0776 0x4d4c [ 1E49E45D68E4E7779B9E36F39407C5D9, 08E422BE41A69EE3D9AC482DED2A35D0EF1F366CCC7E6675720479D28E23B6A8 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
18:48:32.0776 0x4d4c MRxDAV - ok
18:48:32.0791 0x4d4c [ 3C0FA2ED75875481D00F3D77B1A3E336, 031E1A6F826CEDB44D9FAAA1615872087B822F7A4E0731D3023AEF1CFCD10A2F ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:48:32.0791 0x4d4c mrxsmb - ok
18:48:32.0807 0x4d4c [ 42FE3D84EFE835443151DC2A50D05643, 3582EA0CAA2A02AA9A6FDECF9DE0F962BF10FB1C2E7E804A3F0D62C4A4C365B1 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:48:32.0807 0x4d4c mrxsmb20 - ok
18:48:32.0807 0x4d4c [ F14DE177087F9E990EDE95ACE1F94662, E0B8C7DAF8C13CAD08B974D681981038E33ED8871717C550477EDCFD05A3B96D ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
18:48:32.0807 0x4d4c MsBridge - ok
18:48:32.0823 0x4d4c [ 9A94F32C1DC90A7E5A35D0F820A8FB1D, 4CAFCE804D9135BE9CBF80307D570F24E4A102890DAB504E3DEFF3B335C9B80E ] MSDTC C:\WINDOWS\System32\msdtc.exe
18:48:32.0823 0x4d4c MSDTC - ok
18:48:32.0823 0x4d4c [ 128E1D8C23F690DF1DD7AFDB214DB6ED, 9A04B77E91956B76B2FA2FE5F192C794E0C1DA708AE99B64B3B3D39902452E39 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:48:32.0823 0x4d4c Msfs - ok
18:48:32.0838 0x4d4c [ 5A5ABA987943317300A4E55A5C5EB8C4, 9AC863F537BBB2D776C3F240B510DEE94BD84A7675C695D1270770609E77F65B ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:48:32.0838 0x4d4c msgpiowin32 - ok
18:48:32.0838 0x4d4c [ D727DEA75E316C80793C7098225D3F56, F6E7F01DDDED03E29BE64796873875A4CC7215B3C8152192A465EE2E76FFC8A1 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:48:32.0838 0x4d4c mshidkmdf - ok
18:48:32.0838 0x4d4c [ E12A703CE10B068727499276340D5296, 67F513A83D896DBF014D7446D66F1A1F9F0D03ADB23B57FD1A3CCC880ED50299 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
18:48:32.0838 0x4d4c mshidumdf - ok
18:48:32.0838 0x4d4c [ 8E42D6B92CB4567467E29F58F2E31715, F1EEB6811526C079EF8C3702A535B23FA14C5A33CA2B14C9A65BAE136568B724 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
18:48:32.0838 0x4d4c msisadrv - ok
18:48:32.0854 0x4d4c [ C9930B9F2ABF42C732202813951A9A26, FFCE4E4FEC9F8393C75828C1D5CC380A666D4606891789D3A6923CE6701D5D99 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
18:48:32.0854 0x4d4c MSiSCSI - ok
18:48:32.0854 0x4d4c msiserver - ok
18:48:32.0854 0x4d4c [ 6CF0815F0A75828CE1E0EE87EF0082F9, 5F6C7DE2A9EE5E98C02B903F13EF98C95162DAECEC08098972507F626BD71F4B ] MSKSSRV C:\WINDOWS\System32\drivers\MSKSSRV.sys
18:48:32.0854 0x4d4c MSKSSRV - ok
18:48:32.0870 0x4d4c [ AECFFBE104D428E8A74BCABF5B3B9912, EA94A7FA1F9BE357311E411293F4D3CC8F80ED1523BFE362DA56A3C2AC65DF58 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
18:48:32.0870 0x4d4c MsLldp - ok
18:48:32.0870 0x4d4c [ 83364A92271339D8042C9DD5FD938A84, 23B9A90411DEF1ABA0A9EBFA6CC39F7EA2BFABD578F3783AD398551816AFEC2A ] MSPCLOCK C:\WINDOWS\System32\drivers\MSPCLOCK.sys
18:48:32.0870 0x4d4c MSPCLOCK - ok
18:48:32.0870 0x4d4c [ AE5A4B89CDFF544B6481970BFD48A056, 6BE9ABE33305387AA61B29AB075C2C72CCFC01A7E86C573B6BE9B4A0FFA9D3EC ] MSPQM C:\WINDOWS\System32\drivers\MSPQM.sys
18:48:32.0870 0x4d4c MSPQM - ok
18:48:32.0885 0x4d4c [ AA4B272A4083356918D96679C74701C2, 42A053E5876761E87CDFC504D76749BE6236BAD275F0ECFD8B8BA1C1658CC73F ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
18:48:32.0885 0x4d4c MsRPC - ok
18:48:32.0885 0x4d4c [ 4566CB65F176CE5CD8FCA487D2E3A64B, C058E431ED6D3F83A6C923648A79664A61A25F8797DA83C4AE25B491CC195F30 ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
18:48:32.0885 0x4d4c mssmbios - ok
18:48:32.0901 0x4d4c [ 8A11E03B32840C0B73C14D16794F1A8A, A003C44F5234522454E285D388E506B7880CCE5FCE5622618F97C2DFFC6EA9DB ] MSTEE C:\WINDOWS\System32\drivers\MSTEE.sys
18:48:32.0901 0x4d4c MSTEE - ok
18:48:32.0901 0x4d4c [ 794285C4F166B8108292E63FEA3C41E3, 69BB7DDB7D6F3D21395432384FB06E114B2C343664CD62A5DE1A95FBC0F5AEDD ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
18:48:32.0901 0x4d4c MTConfig - ok
18:48:32.0901 0x4d4c [ EEB9D3E90B83546864211D63C1A0A74A, E67118F7B91A192B50C9C2DC159B4276BBD8BF9CC935ABADA459E4DF4191066A ] Mup C:\WINDOWS\system32\Drivers\mup.sys
18:48:32.0901 0x4d4c Mup - ok
18:48:32.0916 0x4d4c [ 69CECA6726FAD321F5643B16A1FF3934, 8F43BEC668DD0A1D65D3B545B78AF4324AE36DCC3524B7CF3385FE2B19CB6B07 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
18:48:32.0916 0x4d4c mvumis - ok
18:48:32.0916 0x4d4c [ B66E5DDF484DE03D61B83118E45D5E11, ECADFC9178CC957498F54F22758F4944C23CE692653DA1862061C9382AE8FD23 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:48:32.0932 0x4d4c NativeWifiP - ok
18:48:32.0948 0x4d4c [ B281FAC1C60FE21ED3F635ECF673A981, 6641CCBD38AEF3FA5D9EDD24F01AAB6509AD6D3927371CD7938C04B3BBC92FD1 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
18:48:32.0963 0x4d4c NaturalAuthentication - ok
18:48:32.0979 0x4d4c [ 0CB8324F6CB624812FD9D4FE9186F845, 15E939AF3F11FD109BF7678C010F2C9C883DFA375A4A18FDE24B3C960C983B84 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
18:48:32.0995 0x4d4c NAUpdate - ok
18:48:32.0995 0x4d4c [ 6FEC83EDC4A3D1E99039CA1D96AD720D, F6DB011FBED10EAF8CCDC9EDDCB47F728B6B17A6A3CA5D6DB5DE50EEFE7DDD4D ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
18:48:32.0995 0x4d4c NcaSvc - ok
18:48:33.0010 0x4d4c [ C3D3E2DFBD52C48EA787604F49060A5C, 0F5E3C9E63F6421398154EF942182FE67CCCCE6DE25B1EE2A30A8E6E3C17145A ] NcbService C:\WINDOWS\System32\ncbservice.dll
18:48:33.0010 0x4d4c NcbService - ok
18:48:33.0026 0x4d4c [ 9AB04C4C14B32D127DB6E7D3DF79FF26, DAC84CBDF605C43657CDA1B95A86DC0D55E236A75BFDA3041472C5D6222EB025 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
18:48:33.0026 0x4d4c NcdAutoSetup - ok
18:48:33.0026 0x4d4c [ AB9EB3CADF4D415B598487397476A23A, EA48BC5CCD9814F6CA50485818BA150A1066D462306764C197935A926DF0565E ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
18:48:33.0026 0x4d4c ndfltr - ok
18:48:33.0041 0x4d4c [ 5269DDC879DF5FEA2B7DB91AA4726CCA, 14B0A7A03A1A49D7018F8E82A8B95BEDCBF444535B4FF4A38157FC4FD61FA72B ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
18:48:33.0073 0x4d4c NDIS - ok
18:48:33.0073 0x4d4c [ AF73B18F3096B165A6F4417C5ED36B01, B0FA9E52D7208F756103E2E853F1D17F594C9FDD2E76304743C581613E612449 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
18:48:33.0073 0x4d4c NdisCap - ok
18:48:33.0073 0x4d4c [ 1A9B1F5B8B131CE461A01C9424E149D7, 66E3F49308DF111B5D5DBF57F11A05E0B9492530587E37C6729C46AED17647D3 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
18:48:33.0073 0x4d4c NdisImPlatform - ok
18:48:33.0088 0x4d4c [ 4C8BBD7EE829CE9BFB8E21134AC477E0, ED8E0D603AFFA4BD7C7057B7B10FEB811B89CB8C6D66EC8212AC24062D58CEDB ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:48:33.0088 0x4d4c NdisTapi - ok
18:48:33.0088 0x4d4c [ 76DB7B344F90A29A16CB6B7C67B87CF6, 921E6AF5B22CF3A9E153F6A6F5E3FFE64BE49959AD705F865D2734B0F8A07517 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
18:48:33.0088 0x4d4c Ndisuio - ok
18:48:33.0088 0x4d4c [ A76D79B71300EB3FEDD3D12D4C6F1D76, 9B20C3716DDD9EECCDDFA2C4F1A9ACA512B612A8CDFC8C22B2F867280AE51A3B ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
18:48:33.0088 0x4d4c NdisVirtualBus - ok
18:48:33.0104 0x4d4c [ DA9896F6ED9EAFDAC19177ADF99DD932, A89EA83567059A59058C0330951B292C1FD98A829276618703570293C73E2FFE ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
18:48:33.0104 0x4d4c NdisWan - ok
18:48:33.0104 0x4d4c [ DA9896F6ED9EAFDAC19177ADF99DD932, A89EA83567059A59058C0330951B292C1FD98A829276618703570293C73E2FFE ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:48:33.0104 0x4d4c ndiswanlegacy - ok
18:48:33.0120 0x4d4c [ 934E4A5CFD9CB891CD338052FA3467C6, 0D7C1709E6C818E2DA969220C888BF3A28D0952E73322EDDFF66AFEEB03A3103 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
18:48:33.0120 0x4d4c ndproxy - ok
18:48:33.0120 0x4d4c [ 0E3B0F3645D1BAE79397C66FE8AF6402, 6568FD9646FE7C7D61D280C26097583EFA2FB9F59D43340A7283BEAD3A5CC206 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
18:48:33.0120 0x4d4c Ndu - ok
18:48:33.0135 0x4d4c [ A704515CF3038668E9E2CA66E31A0700, 0F5A75AC5FF8E021D15D89ACE4C4D215825D931097E1BB633F46177E36F40157 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
18:48:33.0135 0x4d4c NetAdapterCx - ok
18:48:33.0135 0x4d4c [ DD09E3115DF2CDB36FED21E67149EB91, F2FAD5091F456E593FB25843026C5F2440D3605E5355F5FEFBFEF5E9E70DDED6 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
18:48:33.0135 0x4d4c NetBIOS - ok
18:48:33.0151 0x4d4c [ 045A018E0BA5F9B75C5928A31C0E822C, 4285B752D5D1BC601B43537064DCE385F52A46D13E7988088B3BF2E2ADF3E2F2 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:48:33.0151 0x4d4c NetBT - ok
18:48:33.0151 0x4d4c [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:48:33.0151 0x4d4c Netlogon - ok
18:48:33.0166 0x4d4c [ C3D07481FDD607F9B66B2CF1D8E26EF0, 5B20EAE39884B103F83A36E9AA55BA8932432344C7BADB11D8B827C07C7999E4 ] Netman C:\WINDOWS\System32\netman.dll
18:48:33.0166 0x4d4c Netman - ok
18:48:33.0182 0x4d4c [ E9931F57F05696CBF53A086449D97BF6, 986C99033AA10A258F0CC42727B14C5812BC76AB535CDF54FCA1B038C4BF9546 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
18:48:33.0182 0x4d4c netprofm - ok
18:48:33.0198 0x4d4c [ C8B1AF912319FEF251288BDD27E9576D, 0A8C2CDE353C23F076F6ED8609F3074116179B3C8BF7700324250689FDB2331C ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
18:48:33.0198 0x4d4c NetSetupSvc - ok
18:48:33.0213 0x4d4c [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:48:33.0213 0x4d4c NetTcpPortSharing - ok
18:48:33.0213 0x4d4c [ DA8548D75434CE421BF921BAAC0916D9, 3A7E1D5EC02D6D4FD3321A1B8ADB20E99DD556E2D5FE1C98633F06EE6A023A23 ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
18:48:33.0213 0x4d4c netvsc - ok
18:48:33.0229 0x4d4c [ 162A571ABAF9546339EE0BB482FF6AE7, E6E590B628AA65D161D7A87C9CF360D905FCC858E73EE1C4723FE217E8A91EA2 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
18:48:33.0245 0x4d4c NgcCtnrSvc - ok
18:48:33.0260 0x4d4c [ DB3589FF79F06EC1967EBA56C7249E3C, C3F1B4687F2AAE869C8566B38DCFE507F8E7201A2241BD5342AAC22A2370D5E4 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
18:48:33.0260 0x4d4c NgcSvc - ok
18:48:33.0276 0x4d4c [ BF69FF80C3975B1D1E9428A689A16CB1, 670016D59D2169B44E2EF4CBDE281A34C4E868D2465362B09FA2DBFA393A2804 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
18:48:33.0292 0x4d4c NlaSvc - ok
18:48:33.0292 0x4d4c [ 7190932DB00BE83B57C01B5EAC4D746B, A3C7C87874620E042EFCDF64332450ACEDD4FAB7F6C1B2DE97A1C6EDA2DA3055 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:48:33.0292 0x4d4c Npfs - ok
18:48:33.0292 0x4d4c [ 218DB396170D77BB94F69B526CC51B8F, 6AACC3C38E22061A210918771D3B087903CB7024AFBD013827864C02CD75A3F9 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
18:48:33.0292 0x4d4c npsvctrig - ok
18:48:33.0292 0x4d4c [ 457DAC0D0978F5391E0742ADCB4C2E28, AD53F2FC597E90AFF0795655A36192BA803AD1E737C86FD216CD39E2EC4F9C36 ] nsi C:\WINDOWS\system32\nsisvc.dll
18:48:33.0292 0x4d4c nsi - ok
18:48:33.0307 0x4d4c [ A4952889D7C5804F17ABB9F454A371C2, 0FCE2AD4F705805D95993337915607F74CE2AA9EC92919DDE3D2569D6B9B5C13 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
18:48:33.0307 0x4d4c nsiproxy - ok
18:48:33.0339 0x4d4c [ 2B98586D5D7D536E8BDD33E276A1EE16, 915323F7F06C5B0A076BE840CAC9385FE1288C3DE1BE0A600F31DA72EB144CCE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:48:33.0385 0x4d4c Ntfs - ok
18:48:33.0385 0x4d4c [ C029E5408EEE26C3B4E5BA5D29738DB8, 8463A19A690304DC757E7698FCB59902B6305A0E9C48BF2FB2DF24C1EFA4A6EC ] Null C:\WINDOWS\system32\drivers\Null.sys
18:48:33.0385 0x4d4c Null - ok
18:48:33.0401 0x4d4c [ 189E5FCB96ABFEA84239A16062256EE4, F3233B1B14363CD4CD032F43368FD10A42C0BE665F4B13A7E253C327C2B832DB ] nvdimm C:\WINDOWS\System32\drivers\nvdimm.sys
18:48:33.0401 0x4d4c nvdimm - ok
18:48:33.0401 0x4d4c [ 8DE05D2A2C15D1A42F7BA85A819DEE0C, 2364C83770D4341C0CB70DF70520212568C3461E3BA90C77AE3CF1090B37D139 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
18:48:33.0401 0x4d4c NVHDA - ok
18:48:33.0667 0x4d4c [ 66ED27A828302B0E1FFF74DBB912A9DF, 0D92BCEC1A989245A2A1D4738DC141ACABF8A8E0461565246A3AF8C12FA606DE ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys
18:48:33.0870 0x4d4c nvlddmkm - ok
18:48:33.0901 0x4d4c [ 1F50ED95984009BF3634D6BD1A16FA5B, 650A25B2419331D95B1E4C26DE253AC3500374EDEFC5DB55CD5D5884A26783F0 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
18:48:33.0901 0x4d4c nvraid - ok
18:48:33.0901 0x4d4c [ D6C14906B78F235461EEF96A886830D4, 5D0EDE46EB9965C494B994F7071696C91C0C01352D1B000501E7B55F54F11952 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
18:48:33.0901 0x4d4c nvstor - ok
18:48:33.0917 0x4d4c [ 33486D139DB345A3D3245C4B57FDADC7, B1DFB0210F264572B641D25D9A8C3E558ADBFA097713DCCCD8F8C328B6687EAA ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:48:33.0917 0x4d4c NvStreamKms - ok
18:48:33.0917 0x4d4c [ 64473C7916BAF33FE73F1A44C559E672, 033F37F4B91ACAB7569F5CBA5542D3CC063C030C751209CE7C468052476A9BF8 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
18:48:33.0932 0x4d4c NvTelemetryContainer - ok
18:48:33.0932 0x4d4c [ 036A8C30C662397A2D882D9AFF99089F, C7AC0E6F7E3275890E36CA052C9DFF1D6D16D9F6102856D51AF088641C7B5709 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
18:48:33.0932 0x4d4c nvvad_WaveExtensible - ok
18:48:33.0932 0x4d4c [ 8BC04BF71C919C669D3D3D459F14F343, 4375AE3857A1AF1FFEF2A224DF3E6AAC269B782C1910E4A3BEF36778679B336E ] nvvhci C:\WINDOWS\System32\drivers\nvvhci.sys
18:48:33.0948 0x4d4c nvvhci - ok
18:48:33.0948 0x4d4c [ 9DBC464AB85AA48C9760C6C2E591E2D3, C9D718F8BE838E13F7488F1E8DAA79809340235A5BA5BF206C1C3DBF0A5DDB48 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
18:48:33.0948 0x4d4c OneSyncSvc - ok
18:48:33.0964 0x4d4c [ C3E24FBFA4C3291A5E5310609A58DB2E, CC49A52348B880B68CF403D27FB82A2FA4DE0450F37A5F45A40E101D41E5F984 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:48:33.0964 0x4d4c ose - ok
18:48:34.0073 0x4d4c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:48:34.0135 0x4d4c osppsvc - ok
18:48:34.0151 0x4d4c [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
18:48:34.0151 0x4d4c p2pimsvc - ok
18:48:34.0167 0x4d4c [ CCD10679BA0D9EF549F80C458C2AD1C4, 7B433FEE4BEA69C28A98F4BFBE5FA603DB2CE1DFCF229EBB4D9B7A0FD159FF04 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
18:48:34.0167 0x4d4c p2psvc - ok
18:48:34.0182 0x4d4c [ 13B175715A4391E4E5D2AB2EBC8CDBB5, 12BA91A586C5A31FBECEB2D4842E52F79EDD3E2AD4DB169C902B9A120AEC0201 ] Parport C:\WINDOWS\System32\drivers\parport.sys
18:48:34.0182 0x4d4c Parport - ok
18:48:34.0182 0x4d4c [ 428B9FAFB0EE6EF66EAAB7B49A96487A, 90892AC924B529B86B42D011B2B2F0556E204650C890FDACABD8051AD6EDB631 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
18:48:34.0182 0x4d4c partmgr - ok
18:48:34.0198 0x4d4c [ 0CF87FC2DA60940031D553F8FDF5066B, 95F8A15210D6F431B84C6E18643F93C9D16F53D3FF4873F9A327A77924B4B9F8 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
18:48:34.0198 0x4d4c PcaSvc - ok
18:48:34.0214 0x4d4c [ 7B6C0AFE5029A791F23B03EB13194797, E175EF1248ABD178A3C54D2CA910D2F3B7B1AB07A79CB88A383307EC1876C7A0 ] pci C:\WINDOWS\system32\drivers\pci.sys
18:48:34.0214 0x4d4c pci - ok
18:48:34.0229 0x4d4c [ C447CDA030A3415711E4E940D2E9B399, 292888AE9D44013D8B12BB1D8803988EFF64957DE682B64FDC82E100646390DA ] pciide C:\WINDOWS\system32\drivers\pciide.sys
18:48:34.0229 0x4d4c pciide - ok
18:48:34.0229 0x4d4c [ 753174DF234EA8BBF732986D5F78FCE7, 6BE93B24DA2161DAE5ECBE393729BD4661F04CD0CDEBEBF6D92E9E212FA89D71 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
18:48:34.0229 0x4d4c pcmcia - ok
18:48:34.0229 0x4d4c [ 1D05B6DE437515281CD91A16C16529E6, 0FC581E40AF55D916CF428ECF4387C1E909C3361426F1D9F723F9497C9B025D8 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
18:48:34.0229 0x4d4c pcw - ok
18:48:34.0245 0x4d4c [ F5F1A092463D6E46E71CC709A65403D1, 9EEB499D54842667B4ECF1036E28926C8AD20515333373D2965C57BC2C7EAD4C ] pdc C:\WINDOWS\system32\drivers\pdc.sys
18:48:34.0245 0x4d4c pdc - ok
18:48:34.0260 0x4d4c [ 42B12A76D3C98AE69C97727E3BEC7D8A, C878A05A9817F62514432685FAA795737F628EF7258EC5C7846045E1CAB2DF6E ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
18:48:34.0260 0x4d4c PEAUTH - ok
18:48:34.0276 0x4d4c [ CD9BA1C279BE0E92E971C2B45A7F3D9B, EC6546868718771EE45D07E9E856E5F33DD4339C1115E4479D7DEF4394D141D0 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
18:48:34.0276 0x4d4c percsas2i - ok
18:48:34.0276 0x4d4c [ 6D5EA79E82A48B181E18C2C39416E8C8, 4F5EF24FFFABB82B1E9D98DE3275508D458589F729C4976FDB3C2EC51549D414 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
18:48:34.0276 0x4d4c percsas3i - ok
18:48:34.0292 0x4d4c [ 185100798FBD23C849DC1C00ED43D99D, 10895ADE339744BBABDFB50BE6025217C02C76B1911C2C8740A57912385B38DE ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
18:48:34.0292 0x4d4c PerfHost - ok
18:48:34.0307 0x4d4c [ 630C3D645133B759CFC0E354E2A55D11, 094465C2DB324A784EA505C9C2CF06A12326F105EF767126BBDFBFE3D081E6E0 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
18:48:34.0323 0x4d4c PhoneSvc - ok
18:48:34.0339 0x4d4c [ 807ED476A62E79935315342BD3FAA046, FF56FC79C6B6043A10C123CF85A8DDA0B8564E03D49AD5811DDCBB99823C4836 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
18:48:34.0339 0x4d4c PimIndexMaintenanceSvc - ok
18:48:34.0370 0x4d4c [ 4E614DBE28B5857F70DEBCC804629E67, B93C42FB96BBA0577CB892274905352AE4A6DE257F676D6A23CE0297F945D7E7 ] pla C:\WINDOWS\system32\pla.dll
18:48:34.0385 0x4d4c pla - ok
18:48:34.0401 0x4d4c [ DBD6E8A5C358AAA3B4900EFD5CF94CC8, C8261CBE358562B3F31ADA0567723E0118A8687DFC8939FABC65E61C38BFE20B ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
18:48:34.0401 0x4d4c PlugPlay - ok
18:48:34.0401 0x4d4c [ E8BE4041A69023B6A4D1096EE8436347, 133BAA21852D077EA600F0A09C112F6511ACB792757472891E71185E94135D5B ] pmem C:\WINDOWS\System32\drivers\pmem.sys
18:48:34.0401 0x4d4c pmem - ok
18:48:34.0417 0x4d4c [ 99ECEDA6B2E1FDB6892FBD5AED1E5D99, C970DDDBDB4AF8C6A1AA92D780B82920B4922304649509075CF14A2AB86C3CCF ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys
18:48:34.0417 0x4d4c PNPMEM - ok
18:48:34.0417 0x4d4c [ 75690F495CEDBEF3D5989828AEEAE832, 3257E7261DF8F39CA4988BBED3060B9E8A5988978F66A4B1409E08F65B262FED ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
18:48:34.0417 0x4d4c PNRPAutoReg - ok
18:48:34.0432 0x4d4c [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
18:48:34.0432 0x4d4c PNRPsvc - ok
18:48:34.0448 0x4d4c [ 9744ADAF8DD679D64A33D828FABA39E1, AE820E529697A2F308E6A24127B3D4A7F02C406DA46A6CB65243EC3F6B400950 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
18:48:34.0448 0x4d4c PolicyAgent - ok
18:48:34.0464 0x4d4c [ F39D3876C731BB01BFE8F574188837C8, 51CB5E89397D6A150A05BDD53CC9B90B419A040BE1828C2E7BBD6684FE371588 ] Power C:\WINDOWS\system32\umpo.dll
18:48:34.0464 0x4d4c Power - ok
18:48:34.0464 0x4d4c [ 1FB09FD846D5030B82EB345E9970A105, 871D38DD966EDD919B2E0C51125E1834A15A0222E2452605988BFD7E7B37C5C1 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
18:48:34.0464 0x4d4c PptpMiniport - ok
18:48:34.0526 0x4d4c [ AD62FCEC1CB8ECD7C0E3DFD2FA79FDE4, 6372FC5E78A2DDB8AE6EB73BEB5C0D4056FB6BE9F231A36BAC37AE970F5EB247 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:48:34.0573 0x4d4c PrintNotify - ok
18:48:34.0589 0x4d4c [ A60202AE474E2173ED91118DD73ADAAD, 6AE315E1DD9E3B03E48B8848FCB0CDD506080F0012DE478BA99D102F91E968E6 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
18:48:34.0589 0x4d4c PrintWorkflowUserSvc - ok
18:48:34.0589 0x4d4c [ E0E55CDA29C80A9520FCFC78D7F8A73D, 9DE15A73643D71183E568F8F4DD8776D935786BE46F15BFE2DFD607378FC9E58 ] Processor C:\WINDOWS\System32\drivers\processr.sys
18:48:34.0604 0x4d4c Processor - ok
18:48:34.0604 0x4d4c [ C974AC54A9D34AF4899E98ECC1784E03, C71B76743AAF1E8490204F7B8204C4B98BD2BFDEE159EEA42A28A23300D3B87C ] ProfSvc C:\WINDOWS\system32\profsvc.dll
18:48:34.0620 0x4d4c ProfSvc - ok
18:48:34.0620 0x4d4c [ E4BF8BE7B3711BCBBC95EE983C0236F4, A71C09D83034C96F7ED4DB58F7388F8A13C7FD1A3F41FE8EEC553C42B65DFFC6 ] Psched C:\WINDOWS\system32\drivers\pacer.sys
18:48:34.0620 0x4d4c Psched - ok
18:48:34.0635 0x4d4c [ 29F12CD3F77B65C7E37F8517395B13D2, 690517756A21B3DE4CF4A027AA712FC62DB6F5F2E89B4D2DE220A29C4A36878B ] PushToInstall C:\WINDOWS\system32\PushToInstall.dll
18:48:34.0635 0x4d4c PushToInstall - ok
18:48:34.0635 0x4d4c [ F2EECF8977BD3FE4E38743DDCFBECD20, 37AC3692C9159289C0675886930AA1999AE55196192F4EB22634D8DB46E4D9CC ] PxHlpa64 C:\WINDOWS\system32\Drivers\PxHlpa64.sys
18:48:34.0635 0x4d4c PxHlpa64 - ok
18:48:34.0651 0x4d4c [ 8AB5F41584C98047ABEF490FC1E31F7E, F8480F9D9C1A60901975C529CC0911ED592834AB1068FADD88B15E6497A59221 ] QWAVE C:\WINDOWS\system32\qwave.dll
18:48:34.0651 0x4d4c QWAVE - ok
18:48:34.0651 0x4d4c [ 00F72861538B6C4E925A21BAE397A49D, 6847E2332CC8573850428CC7E3A73B2DA0274977F53BDDF7DBA68D223A501CC4 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
18:48:34.0651 0x4d4c QWAVEdrv - ok
18:48:34.0667 0x4d4c [ 0FFABEB2D06CD74DDE0BCA510EEAEEBC, 8598F39D312754C92A3776104D596F0C0312712D934B9994B2711F95FA6FE0AE ] Ramdisk C:\WINDOWS\system32\DRIVERS\ramdisk.sys
18:48:34.0667 0x4d4c Ramdisk - ok
18:48:34.0667 0x4d4c [ B834761352403111D0113284D8736025, 444D05D5F4CED956AFE48CA29CD59420BDB2B14336D19BE2A28612A851EACF4E ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:48:34.0667 0x4d4c RasAcd - ok
18:48:34.0667 0x4d4c [ FA99CE309B66586A0AA6EF9CFF7BC467, 4684EB05828C2153FE94468E7A9A75D8C81F90E700B437C5990BC9451AD39AC7 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
18:48:34.0667 0x4d4c RasAgileVpn - ok
18:48:34.0682 0x4d4c [ C7CCE345D0010B3B9AC5067578436BFE, 4473E7D0492B7F0214576861A6AD90363D7F826B5E0DE15A56E93DA94BBF19E7 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:48:34.0682 0x4d4c RasAuto - ok
18:48:34.0682 0x4d4c [ 775ED7E51B58CF9EB415A1DBA540DACF, A3035A8A299D35B7A24A347FB8A2DB6B5892FD2A181D90F64CCD4806EA154395 ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
18:48:34.0682 0x4d4c Rasl2tp - ok
18:48:34.0698 0x4d4c [ 5AD6D0A830EAE44DB17E612824ACDF3D, 2094737D7D6CB8246F12D2020710BA94C1544835FE354524159CF7D4BD7B68CB ] RasMan C:\WINDOWS\System32\rasmans.dll
18:48:34.0714 0x4d4c RasMan - ok
18:48:34.0729 0x4d4c [ E2433A620ABF4083157944E4692C500D, 126CA9F9D38FB4FA312A82FEA24C13D0693407384B1BCD55A0CBEFA8E52E1D8A ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:48:34.0729 0x4d4c RasPppoe - ok
18:48:34.0729 0x4d4c [ EE5D1D51FA74ECCE57CF2DB8F6A417D8, CC295366C60CAECA7CC32903E3A983635B55A5F5FD6E6BC4FEFE997B8154345C ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
18:48:34.0729 0x4d4c RasSstp - ok
18:48:34.0745 0x4d4c [ FFE99C3066FCBC23AA957BD23EC39839, 7FE3F8A0EC0C3C0AB85143C1D325978B99533A2535965DFB989C0A41E6DC2677 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:48:34.0745 0x4d4c rdbss - ok
18:48:34.0745 0x4d4c [ 206AB796793FDBD518B82E2F308A7176, ED0DBDE7106970F217F4FB1FB184B6795A16356C879C17E0910840F64F292809 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
18:48:34.0745 0x4d4c rdpbus - ok
18:48:34.0760 0x4d4c [ 52A6CC99F5934CFAE88353C47B6193E7, 37F6991FA526036866E8CFC938A16750644AD764FA52BB102B11B5D594DB7E96 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
18:48:34.0760 0x4d4c RDPDR - ok
18:48:34.0776 0x4d4c [ 0600DF60EF88FD10663EC84709E5E245, 48572DC0C644E13BD1713E29E522763EB4E00337ACA64D1392960D17EAF8923A ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:48:34.0776 0x4d4c RdpVideoMiniport - ok
18:48:34.0776 0x4d4c [ 65652EFAAF4A8A59E60A2D7BE15317E8, 83A9A8506EF4769625EF0EF43B93906A6FBD9133E52C12B17A68B89DAC68D026 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
18:48:34.0776 0x4d4c rdyboost - ok
18:48:34.0807 0x4d4c [ 03C37A5A2FA13F3B669BC56358FC96CE, E38FE4AC6DDC431DA37FEB667A5C224A1BBE2D9F69949859DCB2628150B8C095 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
18:48:34.0838 0x4d4c ReFS - ok
18:48:34.0854 0x4d4c [ 51E5E37F672641BDE9CF004A61529F4D, AE5F7C3706ABE89C99485605C3FD03FD016A0A462A733BBD58A85BDC584615AA ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
18:48:34.0870 0x4d4c ReFSv1 - ok
18:48:34.0885 0x4d4c [ 980F60634FAF9C58FC468AF9AA609D68, 7BA03FE851F78D5DC9062ACEADF194ACB4F8F56C9D496B17D846CE1E4373B404 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:48:34.0885 0x4d4c RemoteAccess - ok
18:48:34.0901 0x4d4c [ 106E630F1B2A8BF2BBD4508D9B166406, FAFBE21EC61B97B4B825285EBA0F661382A95119E1740EE4FB9A1F6FB3C0F5F7 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:48:34.0901 0x4d4c RemoteRegistry - ok
18:48:34.0917 0x4d4c [ 53BE6D9C36A9CB95A1568C24D44A8A34, DD8245F87B9D4203F56595D6ABF9F1E74EA071D4B7BB0469A293CA9E20BDA246 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
18:48:34.0917 0x4d4c RetailDemo - ok
18:48:34.0932 0x4d4c [ 3D4F4CCE0364CD3F1B539D2630686F24, 620EFC53D6F5279AEF4748FAE22F7239E7855D1F5C79B85F6CB54EF51C516408 ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys
18:48:34.0932 0x4d4c rhproxy - ok
18:48:34.0932 0x4d4c [ ADA13EBD9C23C51876A5B2EADF7F2E29, D08E6A907DE5DC6F51CA71CBF7886FE7D8C6FB09154B633D86CDBE9C311361A0 ] RmSvc C:\WINDOWS\System32\RMapi.dll
18:48:34.0932 0x4d4c RmSvc - ok
18:48:34.0948 0x4d4c [ 3CD63AE6A9A1DE4CD5831AE15221C861, CB8B5FDA48D9D4E5A9F26F67859105E2769AF82B2CA1B0B35D9BFBA611445CC0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
18:48:34.0948 0x4d4c RpcEptMapper - ok
18:48:34.0948 0x4d4c [ 19EC4D05E01FE350B3494CEA122D64EB, 09FF60A8F22D66796257E33F4CFD6059D4A11A3173A7691718E9FE841E15ABA2 ] RpcLocator C:\WINDOWS\system32\locator.exe
18:48:34.0948 0x4d4c RpcLocator - ok
18:48:34.0963 0x4d4c [ 8CE6D7338F84B228450C8240BB77DB16, 3580ACCD3D1D31E2BA90A1A0FE7CE1FFBD12CF00931098664AAD2EA42F075FEF ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:48:34.0979 0x4d4c RpcSs - ok
18:48:34.0995 0x4d4c [ FFFB16EF6E0B8B5F7F19B425923E7D12, 27C2882AC7B27BAC5A4051C2C9326A6D289F297158DE7A3A93E8B09378DC91AA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
18:48:34.0995 0x4d4c rspndr - ok
18:48:35.0010 0x4d4c [ 9F2A38C1170594CF493283CE0B987B70, 1CE15815DD54227C3C8ED4B2E4FA09EB3EB91D55379DC286AAC7A6001850CA98 ] RTL8168 C:\WINDOWS\System32\drivers\Rt630x64.sys
18:48:35.0026 0x4d4c RTL8168 - ok
18:48:35.0026 0x4d4c [ A2939E69027B97105014434BFBFF7195, 9DC09BE94415564D0E80431223BDA1C59E3555AB5267DD3F64E71D4A18C8553A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
18:48:35.0026 0x4d4c s3cap - ok
18:48:35.0026 0x4d4c [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] SamSs C:\WINDOWS\system32\lsass.exe
18:48:35.0026 0x4d4c SamSs - ok
18:48:35.0042 0x4d4c [ 04C51BBD8C9F54E5F2C5D831B03B11E3, 15AD9F224CBBCAFB117574F03C6F1C02639928A95BC4533453EBAFB20F7AE671 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
18:48:35.0042 0x4d4c sbp2port - ok
18:48:35.0042 0x4d4c [ D48F36EA4B4E8237B24E33B18D76EB2A, 128E754F15FDB00D218FB23431BF0FBDC65D64EEF294D72535B0C07EB5472136 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
18:48:35.0057 0x4d4c SCardSvr - ok
18:48:35.0057 0x4d4c [ 1B1FB3D8403E621F2B9201EF414E21D9, 5EFBEA5DC09CD5F151EF224BE2FF2C985D19301B17E5C16F5D00CB2852DAF8BF ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
18:48:35.0057 0x4d4c ScDeviceEnum - ok
18:48:35.0073 0x4d4c [ 0070C2DC6563C48EDA63A282748F3FCD, 12C8505DDD05994641B2B19666D7A54E12A21F6894913342A9BA5D148F193BE0 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
18:48:35.0073 0x4d4c scfilter - ok
18:48:35.0088 0x4d4c [ 9D13410D7B4D76AA2EA73EC8CA0E0190, 7C46D202683F34F1C07D9D297E9A239376800DC8C84FE1585FE7FC723B6EBBA0 ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:48:35.0104 0x4d4c Schedule - ok
18:48:35.0104 0x4d4c [ 6538E939E55B589AA4F5BC22D35A6B36, 262BB2C6499B1B033E07CD0B8CB9C41122EE9DE52B34F664999B667E1C7CDB0D ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
18:48:35.0104 0x4d4c scmbus - ok
18:48:35.0104 0x4d4c [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
18:48:35.0120 0x4d4c SCPolicySvc - ok
18:48:35.0120 0x4d4c [ 495273177E87B0C34D7E431E9254FA23, 61116DA77622F5A0E931F5033C1B870A22AD3438C056FD1F320F857908E4124B ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
18:48:35.0120 0x4d4c sdbus - ok
18:48:35.0135 0x4d4c [ 9EF09DE84CE20B787C02395394AC2A7E, 17019B74506D26707EBC342365008A9BB5AACA381FB60ABA85F34D153FB0682C ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys
18:48:35.0135 0x4d4c SDFRd - ok
18:48:35.0135 0x4d4c [ 01607A2FAB0068450A06C90AF755D57E, 9615261063475045CBC99F17BD3A4919198D0F77CA9E4EC7B13826E514BC8543 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
18:48:35.0135 0x4d4c SDRSVC - ok
18:48:35.0151 0x4d4c [ F80D6C03FEA2F7DEE14023B7229DA8C2, B62AFCFCDE9C1BA0A5D80BAAC3D3D95546DB2E532C04C765FF85B27D1CBD5B8D ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
18:48:35.0151 0x4d4c sdstor - ok
18:48:35.0151 0x4d4c [ 44B1F4F200B4D3AE8B53290101148AFC, 34F18FEDE525BB398371329CA9F93BD3D88C30E23FCA576978D94EC67513228C ] seclogon C:\WINDOWS\system32\seclogon.dll
18:48:35.0151 0x4d4c seclogon - ok
18:48:35.0167 0x4d4c [ 1E8CC4964FEECEE44D720A5130075F79, 75656541633FE90045183C68F4A81F1AA305E4A03CFBF7C50F226F18000924D5 ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
18:48:35.0182 0x4d4c SecurityHealthService - ok
18:48:35.0198 0x4d4c [ 7D7ED932B6417D8687D1D972989B310B, A5DF3B6CEE97DD110FD1BC542CC5A5313B2F447E5FCC40DF6EFB9D7D49CD792C ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll
18:48:35.0213 0x4d4c SEMgrSvc - ok
18:48:35.0229 0x4d4c [ CA614C9FBC8307AB1DC937F3393899E2, 4833CC631FA30E4D4B45BBC2CE41DE72B332B6A1FFD23B7DBFD6EDD6BC1A2ED8 ] SENS C:\WINDOWS\System32\sens.dll
18:48:35.0229 0x4d4c SENS - ok
18:48:35.0245 0x4d4c [ 46AEFFC68BEAF89805B95CC6F9529C2E, 7A6A38A329E82F684191561479604142BBB35121822A5CDD828819C606F2A60A ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
18:48:35.0261 0x4d4c SensorDataService - ok
18:48:35.0276 0x4d4c [ 2B81117E9C3E20BBAA2CB5467D000F77, AC0DF8E635908026EE43EE0444DEF61481E211737A85A473D64EC8BB214D1135 ] SensorService C:\WINDOWS\system32\SensorService.dll
18:48:35.0292 0x4d4c SensorService - ok
18:48:35.0292 0x4d4c [ DF94FAAEC4CDAA3886A0169E660C984B, 54BB09459D59B5DDA24D72821840FA7A71A194EA464E09DFDE021B24CB27FCAD ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
18:48:35.0308 0x4d4c SensrSvc - ok
18:48:35.0308 0x4d4c [ C5CF2941AA9E417B3A224601255C002E, 31E2988E13D9BB3630980E8B71AE5FB244EFB15970623C1FE76B7ACA25A4A2F2 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
18:48:35.0308 0x4d4c SerCx - ok
18:48:35.0308 0x4d4c [ B9C113BD9FCA4F3E23F03708A7DA07CC, 0A070BDDA956B1869D58A173B56ABA011E1F7A3C5D258343D0AEDC1EC87F4B53 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
18:48:35.0323 0x4d4c SerCx2 - ok
18:48:35.0323 0x4d4c [ 1845736FA47A1DFBBB642FE21095B4E0, 057E8750E8695F6B72A33BBF1C5CFCCD6BFC992E6B99A487A07F5A4921004791 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
18:48:35.0323 0x4d4c Serenum - ok
18:48:35.0323 0x4d4c [ F1BABF50469041797ED9928C31318832, 1A8C75F4696D4D2AA47EA33BC96069A394466953EBC3CFB2B3D6B961B8B5875A ] Serial C:\WINDOWS\System32\drivers\serial.sys
18:48:35.0323 0x4d4c Serial - ok
18:48:35.0323 0x4d4c [ 340116988930B07629A2D0C2B380A365, EBAAC3DF2E8DABFB477340E79FC8E3A8B74340C389D73E51D64A97A332664113 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
18:48:35.0323 0x4d4c sermouse - ok
18:48:35.0339 0x4d4c [ 87340BC77470B34F11A9E558B591DB08, FD91561FE5951B4F59FEE23707E1ACE31293E508EF734A5CDB0F34D332EFDDF7 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
18:48:35.0354 0x4d4c SessionEnv - ok
18:48:35.0354 0x4d4c [ 77FF0A5BA023D8E8C82EACCD54EA5C78, A4A88A550419C347E369DDD29D4EB5C1BC4D980FBA9C655DF787A166FCA2497D ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
18:48:35.0354 0x4d4c sfloppy - ok
18:48:35.0354 0x4d4c [ 1941F5CA54C469E16957587FD56ED842, D356547A9702A50AEB5F7765AC44668EEA913563A422ABBD0427EC22833A5B78 ] SgrmAgent C:\WINDOWS\system32\drivers\SgrmAgent.sys
18:48:35.0354 0x4d4c SgrmAgent - ok
18:48:35.0370 0x4d4c [ D3170A3F3A9626597EEE1888686E3EA6, 9321991C441B095DF15D24C8AE58F87EE5A3242532E8C023D0F78B2F96FEE6B7 ] SgrmBroker C:\WINDOWS\system32\SgrmBroker.exe
18:48:35.0370 0x4d4c SgrmBroker - ok
18:48:35.0386 0x4d4c [ AC1D97F89F2EC7E334A406603A686973, D230059C1CB400CCA62438603356F058B40E17DE4C7BD4DADDBB981E4F5E4C9C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:48:35.0386 0x4d4c SharedAccess - ok
18:48:35.0401 0x4d4c [ 0BE15FDA358837ABD88DC72AA75C75CD, 3990FA051E7C280B446C8A749FCEE04E384230CC5E286B4E7080B1737E5730DD ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
18:48:35.0417 0x4d4c SharedRealitySvc - ok
18:48:35.0433 0x4d4c [ 63B104867F70F0D81125C37989146960, 468431098DD9B91F1C58551CEB4DBE6E1C456FFE845E302571B970EF05AE03A8 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:48:35.0448 0x4d4c ShellHWDetection - ok
18:48:35.0448 0x4d4c [ F6D90D09D2BCFA2B5E492BFECA40EDE4, 7B427335943C1EFDE482D59F3A23149FCD45BB014643BEF620A708720383C4A8 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
18:48:35.0448 0x4d4c shpamsvc - ok
18:48:35.0464 0x4d4c [ 1443CF919C2A3207CE7724E0A31686A2, 3F0ECC565F67638A57A23BF69C399AD638DA9F81F1660CF3E027DC057E990EA4 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
18:48:35.0464 0x4d4c SiSRaid2 - ok
18:48:35.0464 0x4d4c [ C0B1EAD6CC127CAE4E84EBF54105B3B8, 86F5C937D9DC61F262FF00B45249162F4087B6A1CA0FC24EF7950E4E77FEF26B ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
18:48:35.0464 0x4d4c SiSRaid4 - ok
18:48:35.0464 0x4d4c [ B7C6144293CFAD2DEDCD022C44735DC2, 75F26A8F43EED45764D50B2CCE44C453BFBBD0FA56B6AF1F2B4B8B3665C3961E ] smphost C:\WINDOWS\System32\smphost.dll
18:48:35.0464 0x4d4c smphost - ok
18:48:35.0479 0x4d4c [ A3BEF2736E902B9DCA68554F4E10E08C, 5C7590D8F2D637B6D4A5F68945D8350B1C3D48EBE1B2C36658361900C9425611 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
18:48:35.0495 0x4d4c SmsRouter - ok
18:48:35.0495 0x4d4c [ 577EC13EB5215325E9B9FC51FB56A974, 1D7A0245A3C474BCD4EC69704040FB50C0E086DB1711C5B7FC4D9C4A7909DAB9 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
18:48:35.0495 0x4d4c SNMPTRAP - ok
18:48:35.0511 0x4d4c [ 3F11BAB1C9963BFD648A80C0BE71AAAC, C39CA1CE9C16C119C7C8AC677E1608B013146039FBC9E34F88406444B7C2B5BE ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
18:48:35.0526 0x4d4c spaceport - ok
18:48:35.0526 0x4d4c [ FE1776E587227120DC04EAEC45473245, 9DEBD997D275065481EEEDD2310479F2021D53B64AA6D5CEEA70E9BB8C9856C7 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
18:48:35.0526 0x4d4c SpatialGraphFilter - ok
18:48:35.0526 0x4d4c [ D05EB2BB52EC6B665D1631EC33241B80, 29598FC180020515254A9FAE7BE8077549C656EDB425059691007EEC0F9346F9 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
18:48:35.0526 0x4d4c SpbCx - ok
18:48:35.0558 0x4d4c [ 14C99B814E284592548C4D63AE5BE954, B47FEAAAC512D07F1F9489FC1F51F0D3965F762AA02662E24F7272A208D96E6F ] spectrum C:\WINDOWS\system32\spectrum.exe
18:48:35.0558 0x4d4c spectrum - ok
18:48:35.0573 0x4d4c [ C05A19A38D7D203B738771FD1854656F, 3A832F3CBA33682EAA18ABB721BF2D5A6FE9AC853038C684C264700DEB52AA65 ] Spooler C:\WINDOWS\System32\spoolsv.exe
18:48:35.0589 0x4d4c Spooler - ok
18:48:35.0667 0x4d4c [ FEEC8055C5986182C717DD888000AEF6, E09B7B1DE43A226842A4B8C591D712E51585BC7E8A39CFB8852CBF16D234C3A6 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
18:48:35.0714 0x4d4c sppsvc - ok
18:48:35.0745 0x4d4c [ 3EB4023AC700182D84CB6761D3727394, 6993C127F4AD8B899E6A285EDB849807F522D9B0A0018E5436114F527EC8B1F1 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
18:48:35.0745 0x4d4c srv2 - ok
18:48:35.0761 0x4d4c [ 63ADE24D0B3F655ED3F5B6E7F09B2312, 2387FB2FAB3F8A15CBDC069AC140F01B9012B5EF8A0E7434B78571B24F4ADB1E ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:48:35.0761 0x4d4c srvnet - ok
18:48:35.0761 0x4d4c [ 1AEA66706573E8CCD6038369FE37F237, A62CAFE205D5B4C9F8528EDDA4E20BA4E2D1E231F2B183FE70EFE6458B2D5460 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:48:35.0776 0x4d4c SSDPSRV - ok
18:48:35.0776 0x4d4c [ 5EE518DFADC18573E681BB78833E93FA, E98CCD3E2ADA265D6E3CF48CDBFE5C3067E0546F179F23B77C267F65CEB978EE ] ssh-agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
18:48:35.0792 0x4d4c ssh-agent - ok
18:48:35.0792 0x4d4c [ C7DF51E24DD853E7E2D3C0BCDCE57D6C, D1BFDC89F00C5B8388EB233290B6D540C246D0267B1C192C51645004A8CD8C62 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
18:48:35.0808 0x4d4c SstpSvc - ok
18:48:35.0808 0x4d4c [ F0B59ADCD06BCEB9D47311B7041CA2C9, 6299AB514CBE153C875F083ED789F6205C1781C0178759521F5A6D8007F5257C ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
18:48:35.0808 0x4d4c ssudmdm - ok
18:48:35.0823 0x4d4c [ 46826B02C346D48A62FF11882AF662BB, DE8FAD3E99D0E90CE8ABA15D604CF1E80F16C9E4B92F1A41A63D56CF7D96A414 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
18:48:35.0839 0x4d4c ss_conn_service - ok
18:48:35.0917 0x4d4c [ BDFDF0A5B3622E4320C72D5B9619C9B2, EC0B8A80302B118D6148B9B4488D3E0D220B23FFC9F28F9956F3D46265CBEF14 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
18:48:35.0979 0x4d4c StateRepository - ok
18:48:35.0979 0x4d4c [ DA82903F26AE12034CC5229F61098948, E7B5CA27C864BE95EC109D0692F44BE9F5F56AB6173AB1811F4E83A3EB5F26CA ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
18:48:35.0995 0x4d4c stexstor - ok
18:48:35.0995 0x4d4c [ EB2C25A3700309F3F67D9334CF33A36C, 9262778566EEEA810AD32CD660DEA841797BD9F874252CC5445D917FF159280B ] stisvc C:\WINDOWS\System32\wiaservc.dll
18:48:36.0011 0x4d4c stisvc - ok
18:48:36.0011 0x4d4c [ F2D1983C7BEF5E3AB8978A7796C59A75, 39B2005F7CCEC95D2F67AE5F69C3768FEFA04AABC0723BAD8A986A036AF0629B ] storahci C:\WINDOWS\system32\drivers\storahci.sys
18:48:36.0011 0x4d4c storahci - ok
18:48:36.0026 0x4d4c [ 76C9E2AA3400C22FC7091AD2F2999F95, 0015CF42CBA603448DFD85909D5047D5F9BE9153972C3832B1CF4B92A6BF0D01 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
18:48:36.0026 0x4d4c storflt - ok
18:48:36.0026 0x4d4c [ FF70FB4B82C27B87CBDE2B7F8F1BB96F, B7985CD42962943D09E7B692421D162F0F0FC1C3A7ED0C78FB10652E62591645 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
18:48:36.0026 0x4d4c stornvme - ok
18:48:36.0042 0x4d4c [ 47CE4211A40C2C023A8138E18757F3D2, D684D2A7DECC23418A685358EA9B4F6EB3A68C690D5ED8E82F4B4639DF022775 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
18:48:36.0042 0x4d4c storqosflt - ok
18:48:36.0058 0x4d4c [ 3B4F0D616CC972A286003134809D26F5, 5711025BD7D1EEBB6A9A35E47DF297522BD082EA9C34E09F055A183E00453DF4 ] StorSvc C:\WINDOWS\system32\storsvc.dll
18:48:36.0073 0x4d4c StorSvc - ok
18:48:36.0073 0x4d4c [ 99DE14B208B6F3EE07E8B7FB16940D50, 313B8BDBB050D4A2E4B901FA0F84D4E4D8BADC161762D559D6A7F85CC096B3E0 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
18:48:36.0073 0x4d4c storufs - ok
18:48:36.0073 0x4d4c [ 1FC7B7BE58A29DF27F5E6F6C2F061FA3, D8CD6D1BD0ACA4B851DBC85F898CB5DA8715C5AB3D62D7B0D6BBFEADC0382A8E ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
18:48:36.0073 0x4d4c storvsc - ok
18:48:36.0089 0x4d4c [ 0B154B033AD7F9215DED11E0CFC80A25, 383D7BF361D75A3B78E4C8E3F616E487FA6172F860AE364B1AC73F75BE38944F ] svsvc C:\WINDOWS\system32\svsvc.dll
18:48:36.0089 0x4d4c svsvc - ok
18:48:36.0089 0x4d4c [ 54255DF324C621A97220EBFA832237D2, 27BAB2018BE66C67D6C2BBAA8E849E89B4150B8C81E7350DB0A1D14BEEB965D9 ] swenum C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys
18:48:36.0089 0x4d4c swenum - ok
18:48:36.0104 0x4d4c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:48:36.0120 0x4d4c SwitchBoard - ok
18:48:36.0136 0x4d4c [ B3C113C9B784A4D296C7A7BA515F74BF, 0D20281B8AA9ED6C89E10122F3A153C2E21464686E5A3D2F907224584E6B5BCF ] swprv C:\WINDOWS\System32\swprv.dll
18:48:36.0136 0x4d4c swprv - ok
18:48:36.0136 0x4d4c [ A2A42A570524C975259E3B81C4D80DCA, 4B2A6295E46DD2042B3C741D9519A0376687B30711F2DA8B9B81A039E46229F9 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
18:48:36.0136 0x4d4c Synth3dVsc - ok
18:48:36.0167 0x4d4c [ 62492FAAC26223E8A21E79A2331A3F10, 164C2650EAD344B6DFF95B8275436231E7994B7F06ACB3DA19054849BED61FD2 ] SysMain C:\WINDOWS\system32\sysmain.dll
18:48:36.0167 0x4d4c SysMain - ok
18:48:36.0183 0x4d4c [ 607143646829B70F7C60F4CF499AD41D, 00746AA3D0ECE27BC04FCAB4955A199C5E040F850D0129865EC8F03DD202EF7A ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:48:36.0183 0x4d4c SystemEventsBroker - ok
18:48:36.0198 0x4d4c [ CE9975A9E0DFBEFECECE218D2674C1CD, 20ABA9B78FF40C89A757ED2B4AE2F8BE5F4C6C257AA00A324849D68ACA59A264 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:48:36.0198 0x4d4c TabletInputService - ok
18:48:36.0214 0x4d4c [ E38C7C4D57B1438F70A1B913870E8665, EEBE640E31F3D9126FD2F58EB93051FE4EEA591223DFAB9E918DEBE879718B95 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:48:36.0214 0x4d4c TapiSrv - ok
18:48:36.0261 0x4d4c [ BFCBA5F57D278720718B8CB39C50A8EC, CC09339FC116299D14C66EB83D4A78108A411ED42376AC8112A9AD0FB2513D0A ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
18:48:36.0292 0x4d4c Tcpip - ok
18:48:36.0339 0x4d4c [ BFCBA5F57D278720718B8CB39C50A8EC, CC09339FC116299D14C66EB83D4A78108A411ED42376AC8112A9AD0FB2513D0A ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
18:48:36.0370 0x4d4c Tcpip6 - ok
18:48:36.0386 0x4d4c [ 085F8A5F09E64CC27309AF160EF4F9BA, DB3DFD3059836A9FB26FE924E9F2B960E454F4B20D8862266DFDA3168D610FD8 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
18:48:36.0386 0x4d4c tcpipreg - ok
18:48:36.0386 0x4d4c [ 16071C42E21CE3378FA449322FB9AB1D, 44CA7FD91275546492EEF0A59261E2B1C924613515D45EFD2EF0442023B2CBE5 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
18:48:36.0386 0x4d4c tdx - ok
18:48:36.0386 0x4d4c [ B2C4D7CB291293CAC636748E695D111E, 5E0AA8147EFDA5D21CEE8AE254F74A974B0ADAF298F569CAA73AC4E3B758438A ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
18:48:36.0401 0x4d4c terminpt - ok
18:48:36.0417 0x4d4c [ 10ADC3589E50B1ED8452C86E0CBE8248, BE82341A12EA83D9EFADC9AC35CF16D327F8499C99107DCDE88DD0F5DF84523C ] TermService C:\WINDOWS\System32\termsrv.dll
18:48:36.0433 0x4d4c TermService - ok
18:48:36.0433 0x4d4c [ 1A0A0F6A139148AFDC4622046D4B3CBD, 8FC2FB99B70A3A5B2F1D757A2F0E3085B1D242B792A35070E1DB3871A275329E ] Themes C:\WINDOWS\system32\themeservice.dll
18:48:36.0433 0x4d4c Themes - ok
18:48:36.0448 0x4d4c [ 811910E891A6DB4A864AE119EB71218C, 2CBB6159E2ACAE4BA73892A4F7F8A3981C159083C29F1A1D548C59FB713B9D74 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
18:48:36.0448 0x4d4c TieringEngineService - ok
18:48:36.0448 0x4d4c [ 8BF5E2FD72E939CF68D617E273034793, EE27D070E1C4EFE902BE173C5561F5601499F835762278CC1E5987886BD8A4D1 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
18:48:36.0464 0x4d4c TimeBrokerSvc - ok
18:48:36.0480 0x4d4c [ 673FB0E68AADCCF840AC7A56A9B38150, A9A1CF08D544A488ECABBFBD994C3A8CEB8CFE86A098DAB8533430BABDEA27EB ] TokenBroker C:\WINDOWS\System32\TokenBroker.dll
18:48:36.0511 0x4d4c TokenBroker - ok
18:48:36.0511 0x4d4c [ BF705C64C1522646BF00E72393DC5D6F, 9D60CB5DFBD400C59C33C5221040FBBFE1A18870E75E176A6BC7D352783B56A7 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
18:48:36.0511 0x4d4c TPM - ok
18:48:36.0526 0x4d4c [ A5C0F857C38278A90E953A24E1701196, 1A646E47013946CCE41C798A494C6D266AEFC8A8D6EB65CD8848E72106687E38 ] TrkWks C:\WINDOWS\System32\trkwks.dll
18:48:36.0526 0x4d4c TrkWks - ok
18:48:36.0526 0x4d4c [ 4578046C54A954C917BB393B70BA0AEB, 2DFE9DE656B415CF7D81F583F33A20A74CD54C07DB8C3196AA2102431F42F74F ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:48:36.0526 0x4d4c TrustedInstaller - ok
18:48:36.0542 0x4d4c [ 0D721F40C179EC5737C15E551F22C69B, BBA04E11C3D9150C60F74D8B1A3F444BDE0C19857BB7C45D58448F641082DE1A ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
18:48:36.0542 0x4d4c TsUsbFlt - ok
18:48:36.0542 0x4d4c [ DE1296871208D1F13B7AC57C4B1FA46C, D18709F65E372A47AE114ECFD6A45E6736089B4A8E719E2FB5D831D9415E995D ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:48:36.0542 0x4d4c TsUsbGD - ok
18:48:36.0542 0x4d4c [ BC938ABBF586272BD4063CA51F09149F, 06EB662948D212ACDF930C3CD01C6381A6FB152AC0F1628C86764F0973ABA1CB ] tunnel C:\WINDOWS\system32\drivers\tunnel.sys
18:48:36.0558 0x4d4c tunnel - ok
|
|
08.06.2018, 18:02
| #17 |
| | Habe mir (vermutlich) ein Virus eingefangenCode:
ATTFilter 18:48:36.0558 0x4d4c [ E94996BB8F323AF02860196C1400AD30, DE605439FC5B59C1064DF05F63C94D7C275482C1C66BEC74FA4A83F61C2051FC ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
18:48:36.0558 0x4d4c tzautoupdate - ok
18:48:36.0558 0x4d4c [ BDFACE024EFF2398214797143AD76C87, EF9B6CB1F6EAE4786BBDE1E0946BECC5BD2AA493FC32A8F779A757BA57238EC9 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
18:48:36.0558 0x4d4c UASPStor - ok
18:48:36.0573 0x4d4c [ 00C4396DE1CD3502884BB2E2B6D6861C, 39F6BF25096ACE29CAF964DCA15078F47986F645DF49FB502A2CDF2C05C89AAB ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
18:48:36.0573 0x4d4c UcmCx0101 - ok
18:48:36.0573 0x4d4c [ ED9CBD1541C8AFDAA9B8255A384E2B53, D970F5E976CEBE0BCDF07B9E155EDB5B3C225812991779748CD04A9C4852DF3D ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
18:48:36.0573 0x4d4c UcmTcpciCx0101 - ok
18:48:36.0589 0x4d4c [ F58F1BC6A6972437CE18516F8ACCEB9F, 2C619D1E2E80662FA463EE48E3D41C8437A81B0F68EE67A0839A93DEDCD2E0B2 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
18:48:36.0589 0x4d4c UcmUcsi - ok
18:48:36.0589 0x4d4c [ 7CC95F6BDEEEC52D53ADC86E5110EDF6, 9A666D7FDA4BC7246027F4171559BABFD537E1422BC6E57454A40B8FA4C696E2 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
18:48:36.0589 0x4d4c Ucx01000 - ok
18:48:36.0604 0x4d4c [ 12E2B6B642360E66396502B62B048694, C9AC86BF767ED4ACE0F58BA3720369A2758BA154AFFE10CAAD5A2C4C259BA50A ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
18:48:36.0604 0x4d4c UdeCx - ok
18:48:36.0604 0x4d4c [ 6A442723D4D05D9F15D24C9942CDA00D, 4A60D6CF7214A3891877AC6E5A49AE49D056567162D6355C0D893510F0241DA7 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
18:48:36.0620 0x4d4c udfs - ok
18:48:36.0620 0x4d4c [ 93F73F95EC7218971928B25F9728C5B4, 1EE71BB16009B57B192148FF5D8BB51191097686518C0179B7019099D6A01888 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
18:48:36.0620 0x4d4c UEFI - ok
18:48:36.0620 0x4d4c [ 588B9212DEE84F5192C09A147AA5C316, 80C70FD489D72015FCF8AFBE649F6C77F40B613882A1F031A2DAE088B9B4F67B ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
18:48:36.0636 0x4d4c Ufx01000 - ok
18:48:36.0636 0x4d4c [ 78B5C069C9AA1463ACC833FD7E2A3BD5, A44BAB6AB5E071537BD37A26DAF6D0D69BBFFFF686C183BFAAB04286DD3B81BB ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
18:48:36.0636 0x4d4c UfxChipidea - ok
18:48:36.0636 0x4d4c [ 533BF4F456A1C6E7581E8C0A4EC59300, E5AE7EB4A8E6CE410F465C48F102797806172B5881C2CF570A9851CCDFE656FD ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
18:48:36.0651 0x4d4c ufxsynopsys - ok
18:48:36.0651 0x4d4c [ 360FEE6F687D98EFFE46A5433FE6182E, 1A35569DC29F45F78D705BCEDE850CAF86FD27D6253977497EB3B000CAAE0B27 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
18:48:36.0651 0x4d4c umbus - ok
18:48:36.0651 0x4d4c [ F6F1A9D91F684AA02951B96EE8127DAE, 351139331041BC123C9FEE3A5CE4965AFC4CDCA488080338D98C5EB85D5843D4 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
18:48:36.0651 0x4d4c UmPass - ok
18:48:36.0667 0x4d4c [ 0D806415E1F86E7C1C192261C247EF0D, 640CB73D9ACC3B6E0F2A2A5A4587375F05A7519081BEC510B926A8A4A496C3B9 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
18:48:36.0683 0x4d4c UmRdpService - ok
18:48:36.0698 0x4d4c [ EAEC69961D9D8B39FEA44D56F7FB259D, 43FEB15A32B353B6F3C8E5F1072FF9507F2FA7799A414F30FEA0B8C47999D969 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
18:48:36.0714 0x4d4c UnistoreSvc - ok
18:48:36.0729 0x4d4c [ 2362D5C18120FAB9CE5BD1F73EE33758, D9AB5D5BEAF95F62A204CE8A3B8B3B6C9C1E85FB5425CA2AADCBB4770EDCDF30 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:48:36.0745 0x4d4c upnphost - ok
18:48:36.0745 0x4d4c [ 49A5E1B43C59DC0E363AD9C2D7D10BE4, B903C1C24DAF316AF9D8C1770687DE0A24ACDA4EFE47845E13BE99985609B7CE ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
18:48:36.0745 0x4d4c UrsChipidea - ok
18:48:36.0745 0x4d4c [ 53F1DA2D92D1D8CE4BB9D33E58D7DF01, CD3F4B92EDA042FE696C59D67BEB711C7AF0EB5979AD5F4110297C47454EBBFA ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
18:48:36.0745 0x4d4c UrsCx01000 - ok
18:48:36.0745 0x4d4c [ 09518A324B95BBC0B472BD5A472CB916, B3C6BF8C84268C02CC43E5C6B37648F9691B6038D275F4BEBA7B5E9ECA046181 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
18:48:36.0761 0x4d4c UrsSynopsys - ok
18:48:36.0761 0x4d4c [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
18:48:36.0761 0x4d4c USBAAPL64 - ok
18:48:36.0761 0x4d4c [ B7211393225AB05324C52BA47B31FEB4, 3FFB7F1C1CA5001B95026D30ECD1991747DDAFFBE3B4929CAEDFA90E169A28AE ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
18:48:36.0761 0x4d4c usbccgp - ok
18:48:36.0776 0x4d4c [ 250D21958EE5F45CD13FE6BE3788EE70, C0EF097EE2ED91950BD3A6881AB08698E85C4ABABC4F7520F7E92E70CA454D4E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
18:48:36.0776 0x4d4c usbcir - ok
18:48:36.0776 0x4d4c [ 4269DE1EB8029D55B3BB3A8A330FCF90, 5D9081A07F91AF704D27EEE60516D6E1E0A106D1656CEF0C5C50E51C23E17F61 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
18:48:36.0776 0x4d4c usbehci - ok
18:48:36.0792 0x4d4c [ D67AABAE0C9EBAC9BBA2E20E0AF52EF1, FE51895BB81E5320F66C433378469092D39F325D310543AFE28A5603FA9B4F08 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
18:48:36.0792 0x4d4c usbhub - ok
18:48:36.0808 0x4d4c [ C662CE4F762275109B70B7376067C142, 74A31FF4A84D040523A44D2CAB14BBC13DC09D6902C42200EE7261783C953432 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
18:48:36.0823 0x4d4c USBHUB3 - ok
18:48:36.0823 0x4d4c [ A547E7B1B3FB2228259AA85AC7E82698, AB18BBE30A2D149A0E10621DC8497A72DFB841B09F4E4B47FED21843C0F88D92 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
18:48:36.0823 0x4d4c usbohci - ok
18:48:36.0823 0x4d4c [ 692C0BA4109C8F78392A299369F51129, A675E11CD4794693D0B65A06E85F264199506A4C6EDBB68503163EED389B8D1F ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
18:48:36.0823 0x4d4c usbprint - ok
18:48:36.0839 0x4d4c [ 555DE99E30E6A6EF37137F8325B30068, B78B44883A3E524DFEC13B72AFFDF06FD446EFB12061593D8247C0B92D558B8A ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:48:36.0839 0x4d4c usbscan - ok
18:48:36.0839 0x4d4c [ 45A9E57185B79420EFEA5A4AED655809, 91D4BDBBAF1D06C404AC926357C3F20D780CF5C858B223930D69CFB17D81F3D3 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
18:48:36.0839 0x4d4c usbser - ok
18:48:36.0839 0x4d4c [ CEF7527514EC49EBE0C760D784643EF0, 2A4E49C5C906339C31F0A646E53773297F4B4CEAFD94CE653C37556AE243E104 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:48:36.0854 0x4d4c USBSTOR - ok
18:48:36.0854 0x4d4c [ A4124036C4FD2B94C6157C4588EEB4E3, 595C8BFB5E63AEA2F7DF2745F7C7CE45938B091470C921E3064E766A0E12851F ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
18:48:36.0854 0x4d4c usbuhci - ok
18:48:36.0870 0x4d4c [ 9F4CCFCD4B4C6008C940510E43D54AEC, CD6082E95EBA618490A2A97E258875440B3440E721B21E81608804B90DEF0D20 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:48:36.0870 0x4d4c USBXHCI - ok
18:48:36.0901 0x4d4c [ CE0E3BA8FC974BEE5BE20E4F43A1C583, E19DE81559FD92D1F7B0ADB4297926E6971F7FCB642E11758D361FC2A22C33BB ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
18:48:36.0917 0x4d4c UserDataSvc - ok
18:48:36.0933 0x4d4c [ B8D1D74FEF1F190BA4DA7E7A72D5D9CE, F467F39EE09DDC7750BF42C3FF317E0DC324897589268B4C7B63F8E176445820 ] UserManager C:\WINDOWS\System32\usermgr.dll
18:48:36.0948 0x4d4c UserManager - ok
18:48:36.0979 0x4d4c [ 6103984EBC387D6D27BA003EED63217D, 7F9BD12F75F98E593C753A3397EE8F9E59D944BC4EFBC52279A14BA93A7FA9AE ] UsoSvc C:\WINDOWS\system32\usocore.dll
18:48:36.0995 0x4d4c UsoSvc - ok
18:48:37.0011 0x4d4c [ 3E283D06357616CD4117CC15BDB7C4C3, ACE50702EE61C9F93855720037898F19E509D45982F9173643EDA455F54FB9E7 ] VacSvc C:\WINDOWS\System32\vac.dll
18:48:37.0011 0x4d4c VacSvc - ok
18:48:37.0026 0x4d4c [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] VaultSvc C:\WINDOWS\system32\lsass.exe
18:48:37.0026 0x4d4c VaultSvc - ok
18:48:37.0026 0x4d4c [ 8B61E7B09D27EAAE8BD227A04841BB8B, 225BF9B03E90ED7C4BA92F3E774F46F6CB90D721755930ABABEA255B07C0DD5D ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
18:48:37.0026 0x4d4c VBoxNetAdp - ok
18:48:37.0042 0x4d4c [ 8DCB7E5A9497C030484E5AD9E541B85C, 1170E5C190E2B6F2966076EFF11B8476CC03D924F43144C2936E11314A89ACA6 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
18:48:37.0042 0x4d4c vdrvroot - ok
18:48:37.0058 0x4d4c [ 4940B49502323905B66039D0D1AB4613, 963BFD563B5A79F0AE81EB9708E85901A545545D4F25FCF37A17295EE9EDA514 ] vds C:\WINDOWS\System32\vds.exe
18:48:37.0058 0x4d4c vds - ok
18:48:37.0073 0x4d4c [ 5C25C1A89650C95D15F7988D71487B08, EC42E586309B46CF51EC5DC00362ABA82A503545292CACE7B3D23BB0F5E687B9 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
18:48:37.0073 0x4d4c VerifierExt - ok
18:48:37.0089 0x4d4c [ C1050DFCEFB6C76D554B45CF4CF51372, 52EDEFB26359A6C610F9DB02B7D3CFEFCAB72B62AB3A6B4BD26374E9A645E9BE ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
18:48:37.0089 0x4d4c vhdmp - ok
18:48:37.0104 0x4d4c [ 209A34F4BE17B0A56328C86F8CCC5577, 58F8A57233FC7DD220A6EF64FD48C2A5756B21AB30644FF6919847D13FF44F16 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
18:48:37.0104 0x4d4c vhf - ok
18:48:37.0104 0x4d4c [ 44F4ED5D8FC0CFA7C3755D44C575D994, CB52418888916D185C74992BDD7A26E13A1C60F83E5FF664A3DE00424C1C4BC6 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
18:48:37.0104 0x4d4c vmbus - ok
18:48:37.0104 0x4d4c [ E2D57FB1A62F0BB7F70570806A09CE2B, DCF1699488D913C9E94E2C74CD8606BDAFF69B995B2E3B7DE7F2E9C4D2E6ECF2 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
18:48:37.0104 0x4d4c VMBusHID - ok
18:48:37.0120 0x4d4c [ C9F69EBA06A703CE726CC6FC0AEFB5E9, 53E441D9D6017CC4BB75F41C6CB9DA79DE500CACBDDE58104D1857A2B749C373 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
18:48:37.0120 0x4d4c vmgid - ok
18:48:37.0120 0x4d4c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
18:48:37.0136 0x4d4c vmicguestinterface - ok
18:48:37.0136 0x4d4c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
18:48:37.0136 0x4d4c vmicheartbeat - ok
18:48:37.0151 0x4d4c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
18:48:37.0151 0x4d4c vmickvpexchange - ok
18:48:37.0167 0x4d4c [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
18:48:37.0167 0x4d4c vmicrdv - ok
18:48:37.0167 0x4d4c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
18:48:37.0183 0x4d4c vmicshutdown - ok
18:48:37.0183 0x4d4c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
18:48:37.0183 0x4d4c vmictimesync - ok
18:48:37.0198 0x4d4c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
18:48:37.0198 0x4d4c vmicvmsession - ok
18:48:37.0214 0x4d4c [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicvss C:\WINDOWS\System32\icsvcext.dll
18:48:37.0214 0x4d4c vmicvss - ok
18:48:37.0214 0x4d4c [ 229CD4485458C9D11E35E1F00F21857D, C939BD79471A1D6EC617BAD840ED678D1EE508AFC19187BC7CD0FB4223EF7A91 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
18:48:37.0230 0x4d4c volmgr - ok
18:48:37.0230 0x4d4c [ 1514506CA7462A64DC38C48108DDBB45, DEE5D7B79962D9EB6D92FCF870CA1B06FE68CE6AE25F82A5B449445C99E76D2A ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
18:48:37.0230 0x4d4c volmgrx - ok
18:48:37.0245 0x4d4c [ F0EE4E6028CCA58BEA9A04E7BEAB7DB4, 628D0E3D60256B914E46C26BCE8F512DFE0409C34EA603EB0A20C80EB469A4D2 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
18:48:37.0245 0x4d4c volsnap - ok
18:48:37.0261 0x4d4c [ 77FD1607F2C371ABD241EC7699C58884, A6FE00D76C615DC641A667EB9B6824C992ED752A31A89AE3FE43BAE5462F3EB7 ] volume C:\WINDOWS\system32\drivers\volume.sys
18:48:37.0261 0x4d4c volume - ok
18:48:37.0261 0x4d4c [ CB90DACF9194DD9D60A2C1DBFBC1E0D1, BE454495C79857FD8DF4ABAF5BDB7D076467BBC27B31E87FA9D920F2001B670D ] vpci C:\WINDOWS\System32\drivers\vpci.sys
18:48:37.0261 0x4d4c vpci - ok
18:48:37.0276 0x4d4c [ ED0B3436E1DE601C6C8EB86789AC8BAB, 0CD186B09903A1D3748A3258D8B84557F3674DA04FEB8EFA24AE81FFE376265C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
18:48:37.0276 0x4d4c vsmraid - ok
18:48:37.0292 0x4d4c [ C7053D974A35EAB81F153FF33C883613, 9D89DC644971F93931D0E59D42ADE0A4AB49A5490709B46FCBBC309041C5432D ] VSS C:\WINDOWS\system32\vssvc.exe
18:48:37.0323 0x4d4c VSS - ok
18:48:37.0323 0x4d4c [ 3D706FBED35DF3B17809C6714F31F9B0, BBC337479DEB628721E651FC165EA01D986E31950189F1A81534922667101487 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
18:48:37.0339 0x4d4c VSTXRAID - ok
18:48:37.0339 0x4d4c [ 0B11DBB8173AD374D67893D54EBEE9F3, AB8B6FC81244729157E59D062FCC234FD7E818804D94AA6B7BF81E01B7922395 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
18:48:37.0339 0x4d4c vwifibus - ok
18:48:37.0339 0x4d4c [ 95540F74893235C189409C98643D7A77, 4F041301C95F55C8448C3CC5825ED9E631E770BA35BEC8498A0ABB3563584AAE ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
18:48:37.0339 0x4d4c vwififlt - ok
18:48:37.0355 0x4d4c [ 4F904ADE8BECDFB48CBA3F44FC0676A1, 2C3D619E9AD0D0DAEC0D170795FD6E5B7FE3FC667C947660320A9BC671B55736 ] W32Time C:\WINDOWS\system32\w32time.dll
18:48:37.0370 0x4d4c W32Time - ok
18:48:37.0370 0x4d4c [ 1C8447EFBC2B36B1CFE889E519F46A6E, 2601185B01909682FB921400C26BE6391AC93F72E84E70E2F49B4059987E191E ] WaaSMedicSvc C:\WINDOWS\System32\WaaSMedicSvc.dll
18:48:37.0386 0x4d4c WaaSMedicSvc - ok
18:48:37.0386 0x4d4c [ 87A01F65BD16C9FCCDD1B65F56CB93B0, E84B46DB67F2FCB22DB7130570FE7211FC96A806AC9D1D69D187899C93785CB2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
18:48:37.0386 0x4d4c WacomPen - ok
18:48:37.0401 0x4d4c [ 25FAB8A2CFFA21FDB472AB3AE6C17A57, C97E651111643F32FD5B94BEDA31D62E6FF83CA0644FFE8BA98463EC9EA6EF9B ] WalletService C:\WINDOWS\system32\WalletService.dll
18:48:37.0401 0x4d4c WalletService - ok
18:48:37.0417 0x4d4c [ 85E187443F68F285DB78BD2279AE3701, FAC03A162CF07FCC6BDB4E45F5EDF16D48BE10D95F73A74E9BADA62EC7F24B53 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:48:37.0417 0x4d4c wanarp - ok
18:48:37.0417 0x4d4c [ 85E187443F68F285DB78BD2279AE3701, FAC03A162CF07FCC6BDB4E45F5EDF16D48BE10D95F73A74E9BADA62EC7F24B53 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:48:37.0417 0x4d4c wanarpv6 - ok
18:48:37.0417 0x4d4c [ 395447583F42FD840520EE87AE439D74, 984AE1EE8BA3B8926C6FC94BC22DE9061C90C15135EA56D0F16C1D3C4EF8DAF8 ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll
18:48:37.0417 0x4d4c WarpJITSvc - ok
18:48:37.0448 0x4d4c [ 6E235F75DF84C387388D23D697D6540B, 7113DD02243E9368EF3265CF5A7F991F9B4D69CAB70B1A446062F8DD714AFC8E ] wbengine C:\WINDOWS\system32\wbengine.exe
18:48:37.0464 0x4d4c wbengine - ok
18:48:37.0495 0x4d4c [ A7C39DF528040967C2C281AB5A9DB5D0, B300F663DD45393BB86A1BFBE2EF47CD2315552B2410E3AE3F60E8294DC3E4A9 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
18:48:37.0511 0x4d4c WbioSrvc - ok
18:48:37.0511 0x4d4c [ 8A304D6CDC067922448CBA1EBB9FFCA8, DE40DD3A32DFF22C477F38B5E2224D55B8CCF2499EFFE0A8E9923728295BAEC1 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
18:48:37.0511 0x4d4c wcifs - ok
18:48:37.0526 0x4d4c [ 2BCA9BABB5CEC329E604AE9C1DBA9D5B, 315C72B80A5E6278A725E7BD2DE0C8A2751C2A3F9B4D82F7A034B1ADDE687507 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
18:48:37.0542 0x4d4c Wcmsvc - ok
18:48:37.0558 0x4d4c [ B797B163EDCA46B5244F4E083BE7A7E7, 18D977A8015380A87EC9962273B90806145186A69F3455B3445A0FE1FE431219 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
18:48:37.0558 0x4d4c wcncsvc - ok
18:48:37.0573 0x4d4c [ FCA1B5465213EF4DE373A1F7E76D260E, 2548A9D11027871AD0290FDADF1E42E828E6120ECE925B12BAB3F09E25172489 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
18:48:37.0573 0x4d4c wcnfs - ok
18:48:37.0573 0x4d4c [ 042ABE47A7BA6722AA5B61E267B28DFC, 07CE195F12B5234F4FA10A08E18CB51CDAF179CC1C32581872C28F57835CE1BE ] WdBoot C:\WINDOWS\system32\drivers\wd\WdBoot.sys
18:48:37.0573 0x4d4c WdBoot - ok
18:48:37.0589 0x4d4c [ 152926023B401D1F5F8852929572F5C3, 61D0FDB0E3A4D16FFA6852174B3824F6294502E331BB0831BCF99F049B09C328 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
18:48:37.0605 0x4d4c Wdf01000 - ok
18:48:37.0620 0x4d4c [ C8C75E56CDDBCDF597055343B641C910, A26556923165B84DC481B9924FF6AE57C7022E07AF1FC2E1FC1B14F12EF85CCF ] WdFilter C:\WINDOWS\system32\drivers\wd\WdFilter.sys
18:48:37.0620 0x4d4c WdFilter - ok
18:48:37.0620 0x4d4c [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
18:48:37.0636 0x4d4c WdiServiceHost - ok
18:48:37.0636 0x4d4c [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
18:48:37.0636 0x4d4c WdiSystemHost - ok
18:48:37.0652 0x4d4c [ EC1414291F8488B983005AC4B9C112C9, 6FB9B33A520808AB53F2C15EFF3ED48EFAF24A7E8F9F38C4AD48A98E24B83654 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
18:48:37.0667 0x4d4c wdiwifi - ok
18:48:37.0667 0x4d4c [ EAF4FB729E94561EE31BDE5BEF869C65, 73290250B565E0A3F453BC45E69FF16A1D964E372A15401A2D3E2CDEB4670B38 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
18:48:37.0667 0x4d4c WdmCompanionFilter - ok
18:48:37.0667 0x4d4c [ 318AE771614EE4919ED68830C13EA2AE, BFC40724B94623348EFF185BD415893E7F521F58D8F5139913D469D66D9C6CF3 ] WdNisDrv C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys
18:48:37.0667 0x4d4c WdNisDrv - ok
18:48:37.0749 0x4d4c [ F41413EEE16B618FB03EAB487A7DC0B7, E59FFC2EE80DB61564EAE0B35759BF6E750FD909104C12DD085112A7A5853319 ] WdNisSvc C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe
18:48:37.0812 0x4d4c WdNisSvc - ok
18:48:37.0812 0x4d4c [ BDCC510E85F7AF152E2DFF030A526EA2, 67830B42DE20EBB30DD33093F30FBA166B27D3C1F25B52DABE1BC436671A1882 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:48:37.0827 0x4d4c WebClient - ok
18:48:37.0827 0x4d4c [ 506F0A1CCABF4428733CF854BCBB6832, 859A7E21ABB93A0AD538AAF93D32E31B961EA6012C24567B4C76A9ED8FD4AD46 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
18:48:37.0827 0x4d4c Wecsvc - ok
18:48:37.0843 0x4d4c [ D8D727E8311C86B2A993A9006A453BAC, AD6C93F5ED51C621841DF68A25D5932578FADB83689FB668D056F316A8AA749D ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
18:48:37.0843 0x4d4c WEPHOSTSVC - ok
18:48:37.0843 0x4d4c [ 30B4568D058E17500E7BF88AECEDF3F1, 612597DFAF63E55ACB80789483CBCF0E5AC5FF7607C478C61E5A86D77B169E9E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
18:48:37.0843 0x4d4c wercplsupport - ok
18:48:37.0859 0x4d4c [ 5DDB06B07A60E7AEA69837931373C159, 4E0A3260058B19F414B5053701C4723C27735818212AB3D297F896BF4C39E536 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
18:48:37.0859 0x4d4c WerSvc - ok
18:48:37.0874 0x4d4c [ 0427A785512BB39BEA530DC5367A9A03, 8ED29AE0FDB65D4E1D8CD3FA1783D74EF7B01AB30DD1090C917A74AC88FD4C3E ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll
18:48:37.0890 0x4d4c WFDSConMgrSvc - ok
18:48:37.0890 0x4d4c [ C16F011763DF92A6B62705DE8FEAB5B9, EAB25EBC9910F5A6C9F082B11D68F9A616B7349590BDB8F1C1040802E4ADF97C ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
18:48:37.0890 0x4d4c WFPLWFS - ok
18:48:37.0905 0x4d4c [ 752F5931696914DF2EC0B27275C38458, 83415E7BE50D9548785FBF6550FA679E425B5990F303E2D74513275A5E1DC828 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
18:48:37.0905 0x4d4c WiaRpc - ok
18:48:37.0905 0x4d4c [ 3AE28A996C9EB8A6F2AC12BC55035126, E54227B97F42800D445241EA638EFE86A7FEC664E96A0FA38BC48DDF7DA182AD ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
18:48:37.0905 0x4d4c WIMMount - ok
18:48:37.0905 0x4d4c [ DD005C7745BE7F0CDB8B17E9CA1FB796, 29C429BC839CE6B88365DADEEC01B7F0629AFF4FE7E555C18692CCE5858D74D8 ] WinDefend C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe
18:48:37.0921 0x4d4c WinDefend - ok
18:48:37.0921 0x4d4c [ EC7C1A7397988EFAF37BF685CA25525D, 50DA7D63CDE618D6426649AED250CEBE229CBBAC718C4E3CD882D816839B4CE9 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
18:48:37.0921 0x4d4c WindowsTrustedRT - ok
18:48:37.0921 0x4d4c [ 5F0EDDA201630E132C2251BC9DA85023, 842B5CBA8C33616345EDC2F91B560416AAEAAB15A8CE1F36978B251CE4CBDA16 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
18:48:37.0921 0x4d4c WindowsTrustedRTProxy - ok
18:48:37.0952 0x4d4c [ A35C57466BF5E869B5C04BEA55B966D4, 10A04A99106E3C3AB6193874A62D6D950693EBD190C344436D62703F7202DFE3 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:48:37.0952 0x4d4c WinHttpAutoProxySvc - ok
18:48:37.0968 0x4d4c [ 762D8D839C44C5A0BE0449AA84034522, E6602D0FDB501081DF165CE904DA0FEC75F3FE29C3B07B44DED6268612742F9C ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
18:48:37.0968 0x4d4c WinMad - ok
18:48:37.0968 0x4d4c [ 72D83880FEF0C788C5F305F330744208, 3126C2907170BBA47421D61CD6ED04DA3A3FCC66B4DBFCB4E3B56001B3BF6045 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:48:37.0983 0x4d4c Winmgmt - ok
18:48:37.0983 0x4d4c [ 48194110C410B335AC985D9194275A1C, 1CE64B9DD2DB4CCB3916AA4F4C5F8C71C647ABF7845D284019725761138B8A8B ] WinNat C:\WINDOWS\system32\drivers\winnat.sys
18:48:37.0983 0x4d4c WinNat - ok
18:48:38.0030 0x4d4c [ C57185CC62AA13E4F5A989D904CC9A16, 993F27F710148335C4244AB74D4B1D232DEDB0E3D82E39093A1E422C72283D31 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
18:48:38.0062 0x4d4c WinRM - ok
18:48:38.0077 0x4d4c [ 6FA3D810FE082001B16ADE19829F1E8E, 64B420FC14AB3194D4D2907EA5BE741456928E7E3CB9CBA50FEB8677A43B1971 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
18:48:38.0077 0x4d4c WINUSB - ok
18:48:38.0093 0x4d4c [ D2D6DB37E06608A5AF5B68D8E677B219, C7AAFEE7AAF76A4DCFF4FD2EE7232501832A57E3EE92CE20FA4A5D22F03FBE45 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
18:48:38.0093 0x4d4c WinVerbs - ok
18:48:38.0108 0x4d4c [ 99C6BC8CA38A4F3F59EE239850ED22E8, F4D50D4268CAFE75314010AE53313E3EA3CA064CB55E9515508D4144903F4B4E ] wisvc C:\WINDOWS\system32\flightsettings.dll
18:48:38.0108 0x4d4c wisvc - ok
18:48:38.0155 0x4d4c [ 4058FD1372AF428F4A0C6F9DA90375DB, 0D2F55E87EADE0E49EF5A1337147863707F57E2A7265780C9AE7F2DA82E38739 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
18:48:38.0187 0x4d4c WlanSvc - ok
18:48:38.0233 0x4d4c [ DB98D3F6AA7655AC8AE76745E553BD46, F5DA82BC6DFC3ADCAEB6634A976C15451382B5535F78EE267B5F8E37A9135FDC ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
18:48:38.0265 0x4d4c wlidsvc - ok
18:48:38.0296 0x4d4c [ 59F6A50CD336D0ADD22E3F1FC0D73957, A62469B30325965735FE76AE7D83E5D829AE09D7F0996CC0B42604E68426B088 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll
18:48:38.0312 0x4d4c wlpasvc - ok
18:48:38.0312 0x4d4c [ EAEF2A087812BB7110C744446AB731D5, F5571D3C47564DFB6182DC43CC28124892323B60C3F389599DFEC94D227B4A86 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
18:48:38.0312 0x4d4c WmiAcpi - ok
18:48:38.0328 0x4d4c [ ABAC310F5E01CBA9B33AE694F99D0977, 700CDC85479CDBF765FB1A6A389DC991FC4D2A77851A81FF80BEED921250DBF6 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:48:38.0328 0x4d4c wmiApSrv - ok
18:48:38.0328 0x4d4c WMPNetworkSvc - ok
18:48:38.0343 0x4d4c [ E122AD60BF4D7E4B28CCBABF33B28C1F, 1ABABE62FCC1B1A837540EE66F3EB0CE062962F05247002D61CFDE6ABB8E7E87 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
18:48:38.0343 0x4d4c Wof - ok
18:48:38.0374 0x4d4c [ 0D3303BDBC591ECF113601D7853A1AA7, 437CF89541696E0B1A8056F4A5189642FC76D762113ED4F71458AF4D72FC3E9A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
18:48:38.0406 0x4d4c workfolderssvc - ok
18:48:38.0437 0x4d4c [ 7328299647F28A62D39F9B546BD10C02, 0BD08E05D7FF1D4BF122FF4043B4AFC019183A22FF1E6F0C973DC87471D2EB7E ] WpcMonSvc C:\WINDOWS\System32\WpcDesktopMonSvc.dll
18:48:38.0453 0x4d4c WpcMonSvc - ok
18:48:38.0468 0x4d4c [ 25180559693250D7B7FF16A6BE7AC9BE, 1872BC298C3ED6A204B3BA2AB13D08EB9DAE5B30B7F83CA7A67BFDECA8D043AD ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
18:48:38.0468 0x4d4c WPDBusEnum - ok
18:48:38.0468 0x4d4c [ 15C1131EA0216F799C86B03EDAE0BE45, 39F50C084407BC3B498714B74DDA5D63E0539681F324A18ABBED3CD0DE5D52AA ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:48:38.0468 0x4d4c WpdUpFltr - ok
18:48:38.0484 0x4d4c [ 096969606BB5C4822AB020081EA07FC5, 522F372834B0497215F45ACBC417DA10DCE45C6D3C7099E47BBA18700C294B22 ] WpnService C:\WINDOWS\system32\WpnService.dll
18:48:38.0484 0x4d4c WpnService - ok
18:48:38.0499 0x4d4c [ 8B694BC50D2D2B98311283CFE5B40EE6, 734F8985CAD99E8635ACF09309D958D2B7FB05C6FF54DBE3623DC071BECE3413 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
18:48:38.0499 0x4d4c WpnUserService - ok
18:48:38.0499 0x4d4c [ C1C2E769FCD3B00A59FF876FB2AD4336, B4D9065268A8B3C509E9160E6F30C20F80D14876C9F6C1057245F09CEB6B0F36 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:48:38.0499 0x4d4c ws2ifsl - ok
18:48:38.0515 0x4d4c [ DCB549367EB94CD8AFAA28E3F77F6493, 9FD2C6E03F398E76403502CFC94EB8EBD2F90ED5E95ABA5E86C1B7F63601C43C ] wscsvc C:\WINDOWS\System32\wscsvc.dll
18:48:38.0515 0x4d4c wscsvc - ok
18:48:38.0515 0x4d4c WSearch - ok
18:48:38.0578 0x4d4c [ 89313A07E7FEC8E2E4352D2059939306, 68D95248CF460D673775C572BB0C929BE56A87CFCE2E4E672EA93D2A5E0A8DE1 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
18:48:38.0609 0x4d4c wuauserv - ok
18:48:38.0624 0x4d4c [ 813DC18CC654CFB1875074139B0FEFD3, 87901841AFD9224BFEC06A712BE3C2371E16D3571210D4792F91034A2B926A06 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
18:48:38.0624 0x4d4c WudfPf - ok
18:48:38.0624 0x4d4c [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:48:38.0640 0x4d4c WUDFRd - ok
18:48:38.0640 0x4d4c [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:48:38.0640 0x4d4c WUDFWpdFs - ok
18:48:38.0656 0x4d4c [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:48:38.0656 0x4d4c WUDFWpdMtp - ok
18:48:38.0687 0x4d4c [ FAFE3B08208AA28C82BC42731B4EEBE8, 333D9CBE6B3492BC30A7B64C1F83494B38AD2CE7C832C1D68FEBD2EB8029230D ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
18:48:38.0703 0x4d4c WwanSvc - ok
18:48:38.0718 0x4d4c [ 51D3A1E2285E2E931A553281BBA10E81, 8B371AF5E7717C53780A5C2F68400412C4DB0F01AC6551476FF062B83A7D0AC8 ] xbgm C:\WINDOWS\system32\xbgmsvc.exe
18:48:38.0718 0x4d4c xbgm - ok
18:48:38.0734 0x4d4c [ DB952AD196A9548CF5235A71E5197F3F, 6C51EB14B2808665FCB999F376A97018F6B0A91EE6E63A25C044EA59A5713EE1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
18:48:38.0749 0x4d4c XblAuthManager - ok
18:48:38.0781 0x4d4c [ 8C0DD7BFFF5A81AEC26AD720057F5451, 4503D4DD540DB9977BBFF3BF7E92BE9778578B769972CF8A54AF0F1FF5C79BF5 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
18:48:38.0796 0x4d4c XblGameSave - ok
18:48:38.0812 0x4d4c [ 0AA38B54EB292CB3EB13FFF948473DBA, C5256ABC0A4A2117EC6F1C88B5BFDBECAE673AD47639A274BFFF92A46452E9B0 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
18:48:38.0812 0x4d4c xboxgip - ok
18:48:38.0812 0x4d4c [ C7FEC5C0377E5598BA919B29731CA45F, C153C62742B6F981905AEF7C464761E5894260F26EE164968B21D93979376378 ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll
18:48:38.0812 0x4d4c XboxGipSvc - ok
18:48:38.0843 0x4d4c [ 3A94BD93CD2D9C34725D924230B502A5, 87AF2061D348FFFA190D0E50E6860903BED46968CF64B7765D8D80127C702E6A ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
18:48:38.0859 0x4d4c XboxNetApiSvc - ok
18:48:38.0859 0x4d4c [ CE1F78B5C1F14F74242008B2B3153FA2, 682D1F32DD1BBEB031D5129CE40D9C77D3C6CF4FB5979F1918B2482AF617B5BE ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
18:48:38.0859 0x4d4c xinputhid - ok
Code:
ATTFilter 18:48:38.0859 0x4d4c ================ Scan global ===============================
18:48:38.0874 0x4d4c [ 44D259E3B8F950D123CBE21893CEF1AB, 94FEA350B54D1581FF07D078D25A27FE3C9F815E24D299A0504FB1153E68A903 ] C:\WINDOWS\system32\basesrv.dll
18:48:38.0874 0x4d4c [ 1C346B5D7E5336246604A9FCFCB092BC, BD0C56C943A8F23CA9CD1CE1FE4F9D2183F752B469A72D14B713301A867AE776 ] C:\WINDOWS\system32\winsrv.dll
18:48:38.0874 0x4d4c [ FE8D1AB6D6711BE791A01C17EDEBD0D6, EECE3A16DFA0BE1BB1E7B882D33FB926C90A1DCA89805DD3514FABF7C9F05253 ] C:\WINDOWS\system32\sxssrv.dll
18:48:38.0890 0x4d4c [ E2F4C75AFA20E742DE1B70372F15DCD7, 6AF120D627E26274D001A01E5CB9B165318B14B9FA8F1C8C59BF069DA1114618 ] C:\WINDOWS\system32\services.exe
18:48:38.0906 0x4d4c [ Global ] - ok
18:48:38.0906 0x4d4c ================ Scan MBR ==================================
18:48:38.0906 0x4d4c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:48:38.0937 0x4d4c \Device\Harddisk0\DR0 - ok
18:48:39.0484 0x4d4c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:48:39.0515 0x4d4c \Device\Harddisk1\DR1 - ok
18:48:39.0515 0x4d4c [ 66D0B28C8B44E531D0C19F436252ABAA ] \Device\Harddisk2\DR4
18:48:39.0531 0x4d4c \Device\Harddisk2\DR4 - ok
18:48:39.0531 0x4d4c ================ Scan VBR ==================================
18:48:39.0531 0x4d4c [ AC09BB3AFF03EA33D4AA213C9C16AB2E ] \Device\Harddisk0\DR0\Partition1
18:48:39.0531 0x4d4c \Device\Harddisk0\DR0\Partition1 - ok
18:48:39.0531 0x4d4c [ D8575758C5B6398F115EC2AB30BD5CCF ] \Device\Harddisk0\DR0\Partition2
18:48:39.0531 0x4d4c \Device\Harddisk0\DR0\Partition2 - ok
18:48:39.0546 0x4d4c [ 81C02ED62638F88B833DA97256BFD3AB ] \Device\Harddisk1\DR1\Partition1
18:48:39.0546 0x4d4c \Device\Harddisk1\DR1\Partition1 - ok
18:48:39.0546 0x4d4c [ F75E567D7FB6A57D3F26B55801A46FF2 ] \Device\Harddisk1\DR1\Partition2
18:48:39.0546 0x4d4c \Device\Harddisk1\DR1\Partition2 - ok
18:48:39.0546 0x4d4c [ 2D7ED993752AD1882781F5B5AFE09F2C ] \Device\Harddisk2\DR4\Partition1
18:48:39.0546 0x4d4c \Device\Harddisk2\DR4\Partition1 - ok
18:48:39.0546 0x4d4c ================ Scan generic autorun ======================
18:48:39.0546 0x4d4c SecurityHealth - ok
18:48:39.0671 0x4d4c [ 559F228C84DD7B5E35D33154CED320B2, 7D6C77613550024825DE7B17249A8B5E822FA54DAC475A849374A89D84993F8F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
18:48:39.0765 0x4d4c RTHDVCPL - ok
18:48:39.0765 0x4d4c [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
18:48:39.0765 0x4d4c IAStorIcon - ok
18:48:39.0781 0x4d4c [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
18:48:39.0796 0x4d4c AdobeAAMUpdater-1.0 - ok
18:48:39.0796 0x4d4c [ 8F3F547B85CE21C1F652F5EFBCFA123A, 44D73E059F53BFC65099A9471EFBD063E915D547F06BD1B74CA7CF29FDA71DFA ] C:\Program Files\iTunes\iTunesHelper.exe
18:48:39.0796 0x4d4c iTunesHelper - ok
18:48:39.0812 0x4d4c [ 45F2C61BD30137F7BD7F5339A34DF601, CBCCCF5D107F8A104E9A98F2E78FC29E2DCBA3D76E8B317CC503682F0E7E5B28 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
18:48:39.0812 0x4d4c ISUSPM Startup - ok
18:48:39.0812 0x4d4c [ 0711524E77BE0747927D18385468D36E, 283B8B8FDD93E8D72A974951449D170045DB2CF084692D27905898A6F84F934C ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
18:48:39.0812 0x4d4c ISUSScheduler - ok
18:48:39.0828 0x4d4c [ 27CFFB1E41A2BE2A25957A679BD84E10, 521DC8F3439EAA780AE0DA68B0FC6E671963AF76E165590EA83D2F6896B1C941 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
18:48:39.0843 0x4d4c AdobeCS5ServiceManager - ok
18:48:39.0859 0x4d4c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:48:39.0859 0x4d4c SwitchBoard - ok
18:48:39.0859 0x4d4c [ DDEFF7E98629203E66BB4298FABC5983, 59CBE0A49AAA93898831B1D64FFB1D0809736CABB4D19843DB2E99C2650D1AD9 ] C:\Program Files (x86)\PDF24\pdf24.exe
18:48:39.0874 0x4d4c PDFPrint - ok
18:48:39.0921 0x4d4c [ D879C51F86EA278C223576D43A7CDE28, 53530DAF80A28C1E0DE4F557B4E58CC7A71EED5302FBD1277715F805AFA5EF73 ] C:\Program Files (x86)\Canon\Quick Toolbox\cnqtbapp.exe
18:48:39.0968 0x4d4c CanonQuickToolbox - ok
18:48:40.0297 0x4d4c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:48:40.0593 0x4d4c OneDriveSetup - ok
18:48:40.0625 0x4d4c [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
18:48:40.0656 0x4d4c WAB Migrate - ok
18:48:40.0984 0x4d4c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:48:41.0218 0x4d4c OneDriveSetup - ok
18:48:41.0250 0x4d4c [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
18:48:41.0250 0x4d4c WAB Migrate - ok
18:48:41.0281 0x4d4c [ A9620DF3B8AE68B0DD2881BF1805B86B, 1895C0A5B049CC2C9C9AC92AF103E1703379AD84766352E83F98A088B5A6612E ] C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
18:48:41.0312 0x4d4c OneDrive - ok
18:48:41.0312 0x4d4c [ B306E6D61881B167A5A35ED25717168E, 6F6D7ED3E74EDCFCE70AD0112CFEF335DBFABC049DA2650F274E1CADC66A5353 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
18:48:41.0312 0x4d4c iCloudServices - ok
18:48:41.0343 0x4d4c [ A9620DF3B8AE68B0DD2881BF1805B86B, 1895C0A5B049CC2C9C9AC92AF103E1703379AD84766352E83F98A088B5A6612E ] C:\Users\Martin_2\AppData\Local\Microsoft\OneDrive\OneDrive.exe
18:48:41.0359 0x4d4c OneDrive - ok
18:48:41.0687 0x4d4c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:48:41.0937 0x4d4c OneDriveSetup - ok
18:48:41.0968 0x4d4c [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
18:48:41.0968 0x4d4c WAB Migrate - ok
18:48:41.0968 0x4d4c Waiting for KSN requests completion. In queue: 279
18:48:43.0036 0x4d4c AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x61100 ( enabled : updated )
18:48:43.0067 0x4d4c Win FW state via NFP2: enabled ( trusted )
18:48:43.0161 0x4d4c ============================================================
18:48:43.0161 0x4d4c Scan finished
18:48:43.0161 0x4d4c ============================================================
18:48:43.0176 0x5f88 Detected object count: 0
18:48:43.0176 0x5f88 Actual detected object count: 0
18:49:18.0538 0x452c ============================================================
18:49:18.0538 0x452c Scan started
18:49:18.0538 0x452c Mode: Manual; SigCheck; TDLFS;
18:49:18.0538 0x452c ============================================================
18:49:18.0538 0x452c KSN ping started
18:49:18.0585 0x452c KSN ping finished: true
18:49:18.0882 0x452c ================ Scan system memory ========================
18:49:18.0882 0x452c System memory - ok
18:49:18.0882 0x452c ================ Scan services =============================
18:49:18.0913 0x452c [ 4B45A2D37CCE3CC0F161B7C7286081A6, DF4EBAA12E083AE45411AABD3EDE916E2CC6963FBA664861AC9B2351B5E042DC ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
18:49:18.0975 0x452c 1394ohci - ok
18:49:18.0975 0x452c [ F5E5BA493B7C497F1F769942E2EA4CE2, 4AD54DA24142BCE49FB64CFF2CB28764FAA93827E7DB02925090B68F8C73B1FB ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
18:49:18.0991 0x452c 3ware - ok
18:49:19.0007 0x452c [ CA51BB1B81F97E896E116C839B92D9D8, 09F73D8FB93EA524D3C9A9C264F62340560DC7042589597A318626A0A198F91F ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
18:49:19.0022 0x452c ACPI - ok
18:49:19.0022 0x452c [ 75795E4B19BB3ED8D3C25A17CD15DC30, 22A13064E0B472A0A2258D61A889B73EE3F537DA7796CCE39DF973AFA8FA1567 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys
18:49:19.0038 0x452c AcpiDev - ok
18:49:19.0054 0x452c [ DDA0FC1400A24988A7D3E746AEDF2C0F, 3A703A204FDE46C67017C274CA1F50F591D909EE182A82697E89442D4A5569CE ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
18:49:19.0069 0x452c acpiex - ok
18:49:19.0069 0x452c [ 1F2EC25DA23D1DF3ADA12FE5A26D321C, B165D72949E43F04312C95BF0FF5C25CFE5CA0CDF43415E01AB2B1550D06C737 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
18:49:19.0085 0x452c acpipagr - ok
18:49:19.0085 0x452c [ 6AFFD57803BBB6FBCB483F983900A5C4, A3A87984E70C8B47F919D2633E6378F3AACCBF3E74DB3B35BB2E15D036DB36E2 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
18:49:19.0100 0x452c AcpiPmi - ok
18:49:19.0100 0x452c [ 0FC8673FAFC7D78C1CDC000F892CAC64, 33FB109ABD18FBF4DA5047BAA9FAF63E88D5BA1826442DB02F9130DAD11D15F2 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
18:49:19.0116 0x452c acpitime - ok
18:49:19.0116 0x452c [ CA805DA983594B01F3554464B2E5158F, AC311C5D59AA1FA2B1B3CDB9CCEABEC85878BF6CA6106253186909AA9EB3C1BA ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:49:19.0132 0x452c AdobeARMservice - ok
18:49:19.0147 0x452c [ A3D4CF2F3A433BE18CD4AD3E6665DC63, 9D62A7E2DDA15B2E75490CCB9C8E10A41030F496A93631EDED5F1003DF368290 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
18:49:19.0179 0x452c ADP80XX - ok
18:49:19.0194 0x452c [ 4DCCC3E02A22ED4A4ADB11386F226071, 40BB183049DE3ADCC7A5B1B269620C8534291BB7A956157434C857DE249559EE ] AFD C:\WINDOWS\system32\drivers\afd.sys
18:49:19.0225 0x452c AFD - ok
18:49:19.0225 0x452c [ F267095A11A461BEF39FB180750BE801, CF90798C46892FF5225155D2C7BCC469A4A631E22919CBEDA2F4FEEF4F05E301 ] afunix C:\WINDOWS\system32\drivers\afunix.sys
18:49:19.0241 0x452c afunix - ok
18:49:19.0257 0x452c [ 0CD0F0C62414217DE9EA7EC8D425277E, FD211157B85B841D0C94B36776572FADC7425F1B0B49EACC910D3E175208A7EC ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
18:49:19.0272 0x452c ahcache - ok
18:49:19.0272 0x452c [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B, B9F4D499DB4CB91576ACE4847B96F2FC770B9BCC223B5E2261B2DEC22D7651E7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
18:49:19.0288 0x452c AJRouter - ok
18:49:19.0304 0x452c [ 9E9D78D1C179EB2E3E2282A1DC409D93, EA7486B4425A87FDDD60542AAF0812A8DB868F569886B894883702B362A05D2C ] ALG C:\WINDOWS\System32\alg.exe
18:49:19.0319 0x452c ALG - ok
18:49:19.0319 0x452c [ 6DF48AD26E6285FB137F11328B64A376, 76FF9A753C262065E819E862E7950127472C5E6AB7E97B57977C6DCE6180760A ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
18:49:19.0335 0x452c AmdK8 - ok
18:49:19.0351 0x452c [ D8804032BCDE4077A6D8D431D12AC6CC, F017A3FEAB2919A9662A9BFEF31AE7B7EC19F1136C9D0DC6C48A415B540A8062 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
18:49:19.0366 0x452c AmdPPM - ok
18:49:19.0366 0x452c [ A88F5E24B65228FB25F2051B3408A0E4, C124B486839EA15D6806EB51E91EBF99401CD7D226541320A7A4934A8477DCEF ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
18:49:19.0382 0x452c amdsata - ok
18:49:19.0382 0x452c [ AECD39E51DABC2BF045B2857F02FA2BD, 83E2AC3200B6EA1586E4E0204D81CEAF303D7C9EBE7E5D1273A41A4EC1390E56 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
18:49:19.0397 0x452c amdsbs - ok
18:49:19.0413 0x452c [ B4CC9943230CAEB05B46CC30C220E141, 013716E6911136EB0916A1D592198DD7953800549DA0C885093D2BA3CC9BA2A7 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
18:49:19.0413 0x452c amdxata - ok
18:49:19.0429 0x452c [ E4A18157BF5D8D714C05169A8A8D604C, 45D8CB25A9967D634F8331070BDFB3DF4ACB6295CF1520F9AAE8753D3BF4018A ] AppID C:\WINDOWS\system32\drivers\appid.sys
18:49:19.0444 0x452c AppID - ok
18:49:19.0444 0x452c [ F1A04835C7FA75C8215961C1095D5EBF, 45D153404E601C0CE247058B78F328DD9F7F4F6A9480132F7CE6D9A7092F63CF ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
18:49:19.0460 0x452c AppIDSvc - ok
18:49:19.0476 0x452c [ 48EA4B4CCC920D130529A1EF85388B6A, 31F69543682E70DF0A6B2A70FC7553ECEE643C554E7F8FF18A2DD09359360F8E ] Appinfo C:\WINDOWS\System32\appinfo.dll
18:49:19.0491 0x452c Appinfo - ok
18:49:19.0491 0x452c [ A4811754EF548619F68FB3418325BB66, D9DA070D4B0F74F29B8D94B90F1827B5863C4053D185889F7BF451FF5677C773 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:49:19.0507 0x452c Apple Mobile Device Service - ok
18:49:19.0507 0x452c [ 769316CA5884FBBD02D45C28FE105922, 117168BFB2D8DBF1258EBA53DCE09E74000B35B7B7460251B4C46BDB9CEA709A ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys
18:49:19.0522 0x452c applockerfltr - ok
18:49:19.0540 0x452c [ 922BBB78C86D1E3B34599E6513BAD2F3, 30904E54F0CE28273EC6EFE91B6237F656A158D7B976FB3322E3A25692528747 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
18:49:19.0572 0x452c AppReadiness - ok
18:49:19.0618 0x452c [ BAE38E49755CFF157B4EA06988465E10, 792E0D4E443DB997B4EDADF90F460FDB85D6AE762B83CB28873B0D65A8F2D388 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
18:49:19.0728 0x452c AppXSvc - ok
18:49:19.0728 0x452c [ 013E057DF3D13A4462AD912D7732E7E0, 7C89AD5799091D17EAED682058559DBAE882D0E18C347B5AECE7BCCFD0E2D21C ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
18:49:19.0743 0x452c arcsas - ok
18:49:19.0759 0x452c [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
18:49:19.0790 0x452c asComSvc - ok
18:49:19.0806 0x452c [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\WINDOWS\syswow64\drivers\AsIO.sys
18:49:19.0806 0x452c AsIO - ok
18:49:19.0822 0x452c [ B25ACCD9BE5F5798E9DD8FFB04D7BE4C, 87577AD2E4A47518B8101C67F1025CB3CD2ABBA678774A5926192FCD56EF1350 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
18:49:19.0837 0x452c AsyncMac - ok
18:49:19.0837 0x452c [ 90AB4ED8EBD72A1C096A40CC35404B91, C343466D439552D154BBD1A5F9D391CDD3FA298A712594EA27C3049E3516D1AF ] atapi C:\WINDOWS\system32\drivers\atapi.sys
18:49:19.0853 0x452c atapi - ok
18:49:19.0868 0x452c [ 7B62AFBD877C2FC64E639A60B73D82B7, 4EA0B5E4BC11C03D1FBDA98B6F4CE844A127B7BFDB5D237A01F8B0EB4844E9B9 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:49:19.0900 0x452c AudioEndpointBuilder - ok
18:49:19.0931 0x452c [ D4DDEBD1EF825B0C2FE1A11BAFBE55E3, 2B5533E1A14821D37483FB85294A9227134E7FBF9E2E7E0B32D3EF9C6AF83CE6 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
18:49:19.0978 0x452c Audiosrv - ok
18:49:19.0993 0x452c [ D7BFD86F7A9ABE39351199869D093110, 90BB2C0A8185D3982FEFAC7C1E18783AF949EBECA3B9E44DCF89E2FD5FD6AA0C ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
18:49:20.0009 0x452c AxInstSV - ok
18:49:20.0025 0x452c [ F10E4C9444A9FC6DCBAB2C42F6999FA1, 4238B6DD49CBADFE2C737AC1B211AE045F458DDF1693EE54608455C1ECE1BCCA ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
18:49:20.0040 0x452c b06bdrv - ok
18:49:20.0040 0x452c [ 982FAA5686F67BFEF3E6094705C2621F, 02456312B0FD0ABE7B7EEC0FB385268AF34DDB5F13AF934F96FCA7C32EA51447 ] bam C:\WINDOWS\system32\drivers\bam.sys
18:49:20.0056 0x452c bam - ok
18:49:20.0056 0x452c [ FA4973E379E872C61D0CF4E39F807833, 3320FAB0CF16BB1ABBBA222CC31D20B5AC7A4259DE4323B109A8F2FECC28C8A4 ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:49:20.0072 0x452c BasicDisplay - ok
18:49:20.0087 0x452c [ F024B80EA0076A318598DAB795F9C3D0, 6225A5FCD2B750A0E4FFFCCB1CDF49BAA7809A4B4AD7AB625A585CF4971CDE25 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
18:49:20.0103 0x452c BasicRender - ok
18:49:20.0118 0x452c [ 15971E9AE43AA92C6A527622F36C41A0, DD3F0B5F6231A0C32AE7135ECB5ACABD495801C0D5673D76821EA06112ED83F5 ] BcastDVRUserService C:\WINDOWS\System32\BcastDVRUserService.dll
18:49:20.0165 0x452c BcastDVRUserService - ok
18:49:20.0181 0x452c [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
18:49:20.0196 0x452c bcmfn2 - ok
18:49:20.0196 0x452c [ 255D1EA1F4EDA1B7B28A88581F12A1CE, 5B2D7F2EFA7BB539719890CF2E45568C544DD0EECEC44BBA56CCECB792E8BC44 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
18:49:20.0228 0x452c BDESVC - ok
18:49:20.0228 0x452c [ 9B068DF7B7B3DDF768D06DFD69B49FD0, DC2CD3A70506AEB1BCEB207A9B06657806E72C5432FA605FF9C6F11516F38132 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
18:49:20.0243 0x452c Beep - ok
18:49:20.0259 0x452c [ 8152A6374BB6DAF39C3215903A76F6CF, D991CBA589DB2482F2183EAF4BADD6C92183AF6A6EC48FD97F249AC1C1CC4D38 ] BFE C:\WINDOWS\System32\bfe.dll
18:49:20.0306 0x452c BFE - ok
18:49:20.0306 0x452c [ BC1E5F20251E0AFDB955E7D91093B619, 5642E6B6CA6DBC8585834790A70CFF54252A631A9EA06D28F28EF7430FA42BE5 ] bindflt C:\WINDOWS\system32\drivers\bindflt.sys
18:49:20.0321 0x452c bindflt - ok
18:49:20.0337 0x452c [ 97F4C0B9741E06BAC6AD2D93ABCEAED8, 25FD58F4BA2F8EC99241A580352D1EC49924829C61D89353B30CCEEE2CEBADE7 ] BITS C:\WINDOWS\System32\qmgr.dll
18:49:20.0400 0x452c BITS - ok
18:49:20.0400 0x452c [ 30D75769E23CCFBE13DB41FC54243BB1, 4ED018F1DB103D3F354D8EF7DFE797028DBDF22294D355F6D38DF9C6AF61B69E ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
18:49:20.0431 0x452c BluetoothUserService - ok
18:49:20.0446 0x452c [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:49:20.0462 0x452c Bonjour Service - ok
18:49:20.0478 0x452c [ 00C33AC3096BB64BACD5554A55025F8F, E13669966AA69A9C18E8932491F722F595666163DA2C6695C8F415AD55836B53 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
18:49:20.0493 0x452c bowser - ok
18:49:20.0509 0x452c [ 53C4AF4DA254AED8D3EEBA4A319960FA, 707D27136D96044C2C964F34731D43CF94C583059414CFD9033276F999D4BEC0 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:49:20.0540 0x452c BrokerInfrastructure - ok
18:49:20.0556 0x452c [ 85F5808D19879E1803E46405090F29C8, E22E73BCE3B76BFBAC712DF1E5D7D38E189B80D1CE6E9A9AB3C94733CF18F04B ] BTAGService C:\WINDOWS\System32\BTAGService.dll
18:49:20.0587 0x452c BTAGService - ok
18:49:20.0587 0x452c [ 063E91CD2CB1C372459FD6FBC02509E7, 29319290F73D8D87323584D938FBC86400AB37455E7E058A543A77F9BBF4579D ] BthAvctpSvc C:\WINDOWS\System32\BthAvctpSvc.dll
18:49:20.0618 0x452c BthAvctpSvc - ok
18:49:20.0618 0x452c [ 02FEC31842DD153D966AC227B6DDF8BB, 90EEEA049212E5FE8EFA2ACED45DFB6ABAFEA6D40FB4E1E2681F65A417237163 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
18:49:20.0634 0x452c BthHFEnum - ok
18:49:20.0650 0x452c [ A0EC1D5C937995A2C5F1179538A8A6B4, CBFBDF2D8305BD72FFF64AAAB31EB5D5B8ADE537C35AC63DC3F6ADCBF96B3659 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
18:49:20.0665 0x452c BTHMODEM - ok
18:49:20.0665 0x452c [ 1EB49C9E2716D4924460B2FAA295E313, B96D39479BFD2ABCD3A3BB8897EAD7C5A03DFFD7266E82A1FBA0E7FEAF73E4B8 ] bthserv C:\WINDOWS\system32\bthserv.dll
18:49:20.0681 0x452c bthserv - ok
18:49:20.0696 0x452c [ E3786BEBB7E4003DE324A18069DDA081, 4DDA70CCB011D74811BA51686E6ED9A404EBE549AE6B3CE0DDBCB83D09E8AABA ] bttflt C:\WINDOWS\system32\drivers\bttflt.sys
18:49:20.0696 0x452c bttflt - ok
18:49:20.0712 0x452c [ 03C13BB635635B9152DBF49AA07B728C, F6141576EB54EFE5E329762EC548C7D256EFB57C42A46BB3426B779413F0C975 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
18:49:20.0728 0x452c buttonconverter - ok
18:49:20.0728 0x452c [ 9983FF8D9834F2E67787F4BDC42A8E36, 85260F4A657D657ACD394339DFDDE814AD6BCA65712EAD943833BE7AB0937C8D ] CAD C:\WINDOWS\System32\drivers\CAD.sys
18:49:20.0743 0x452c CAD - ok
18:49:20.0743 0x452c [ 91EACB2FCD384C2D71EAF2BAB3FAA5C5, A3BB724570A9E882E8E6AF8CF29BC03DB77B3D31B87DDF6187C101E1B9C2617F ] camsvc C:\WINDOWS\system32\CapabilityAccessManager.dll
18:49:20.0775 0x452c camsvc - ok
18:49:20.0775 0x452c [ 407B33DE151A3DFCF564AC4270E44B1D, 8B1419FEDDCEF9F9F239B4C1A629F4F2748FC09CF3E38CA01D8D6D1D32252346 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
18:49:20.0790 0x452c CapImg - ok
18:49:20.0790 0x452c [ D3CBC6DE5955D014407C7BD1FFE80F00, 9D185AED383FCBF16EE63192452DE888D8485D7BD9C0257BF92A68C42120A1B8 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:49:20.0821 0x452c cdfs - ok
18:49:20.0821 0x452c [ 0942C87ED45B1E227032AD154105F79B, A0A40589B9C399061C1C46247609CA514DCD21DDF1E7FCEE19F0CE75D0FC7996 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
18:49:20.0868 0x452c CDPSvc - ok
18:49:20.0868 0x452c [ 9FBF5849A6F51E3B3F8AF2A4171648DA, 7422BC5C87075F5008E6364C8AFAA794AB17CA2DC238DC00F377B942B6FCDC11 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll
18:49:20.0900 0x452c CDPUserSvc - ok
18:49:20.0915 0x452c [ AD4D24434C058AFAFD5AB319B4BF5B66, 362470CF93CC1A7B37AFFF8F41C5E0089EDCE16553DC9EC131E7202B52A745A2 ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
18:49:20.0931 0x452c cdrom - ok
18:49:20.0931 0x452c [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
18:49:20.0946 0x452c CertPropSvc - ok
18:49:20.0962 0x452c [ 4A08B239F92B319AD31E3916D27AD4B9, 948772689F14090E9E096CF7423CE5D994E3F9964775AD5B2F78C37A987EE980 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys
18:49:20.0978 0x452c cht4iscsi - ok
18:49:21.0009 0x452c [ C8EA9376E4D284F9DF24B27AC6E3AB85, DAD3B00A37797E7C80E0C359BA735B65BBBE5DC25480910737D86D2711A6FF8C ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys
18:49:21.0056 0x452c cht4vbd - ok
18:49:21.0056 0x452c [ 3AA86DA04A561E8162C2DBBF92D12074, 9CB67299BEC25F2B357DDAA5A36B3464193B8BDAB4DCFAE0CD4315911027E409 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
18:49:21.0071 0x452c circlass - ok
18:49:21.0087 0x452c [ 5619FC2A3AE4F43D4B20D95472ED948E, A5D530FB6AC493FC01489A1D32C311F7D28F0D7B49C950E71F4ADF4FBA302689 ] CldFlt C:\WINDOWS\system32\drivers\cldflt.sys
18:49:21.0103 0x452c CldFlt - ok
18:49:21.0118 0x452c [ DB26170CF6555B9AFF76CFA067ABCF90, A066E89267783A5E54A36D1CF193916218BE2E1D177F0ACA82E2B86211629806 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
18:49:21.0134 0x452c CLFS - ok
18:49:21.0150 0x452c [ 5BD85187D6A6A37D2A4563F33D7A76E4, 6FF434BE93259229E0EA64EC1B6E09B1B814C2A467FC2859B94C79549E2F114C ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
18:49:21.0181 0x452c ClipSVC - ok
18:49:21.0196 0x452c [ 66CBF6F8FE6F436B315D7FEAF5D2BB40, 0F6AE6412EF73C74EF0EB1866E8CD85AACE4373D5C24F3D0121F5A7420E5A03B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
18:49:21.0212 0x452c CmBatt - ok
18:49:21.0228 0x452c [ 05E7964417FAA5A1F128CDC00D0AC570, 1617C15C27FF0E160F9FED43B39926D4729419F28C2F9152C73DBC2E33140217 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
18:49:21.0243 0x452c CNG - ok
18:49:21.0259 0x452c [ 037DCC7A71938729CB12E8174E03031C, 1BA2F74F639BF8D5BB38AA658A6D847BAE8D85CF72C4AD5F13BBA1D53145789F ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
18:49:21.0275 0x452c cnghwassist - ok
18:49:21.0275 0x452c [ E40C99A3E0FFF49687F2187BF3E3050D, 30723EC5767C3F6FAA3CF299440B71B5973F890FB54B9737B96FA0359E7D90FA ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
18:49:21.0290 0x452c CompositeBus - ok
18:49:21.0290 0x452c COMSysApp - ok
18:49:21.0290 0x452c [ 3799A9DFB162D9AAD6AC12CB8185FD19, 942F2777049166EC43F93177F0084EA08B06CE9107AF55337124FE25CCB158C4 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
18:49:21.0306 0x452c condrv - ok
18:49:21.0322 0x452c [ 9D1E4820F8EE2DD5B9720C8DC62F4C4F, 82BC0228B88A745C628A6B1625FF597426CAAB791E629D00FA780A2B4DAE7175 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
18:49:21.0353 0x452c CoreMessagingRegistrar - ok
18:49:21.0368 0x452c [ 6C6073B45D65887A6035F1A8D073274A, F002B25E05D0894CD12BA3D046E11D4AD6F0BCE8796618B0EE54851223A65C15 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
18:49:21.0384 0x452c CryptSvc - ok
18:49:21.0384 0x452c [ 8711386E9B04357F8F58166760759F3A, 8912CFD220645002C9D3F9E49717D8B0B98704380B45F53D45D5674537B496FF ] dam C:\WINDOWS\system32\drivers\dam.sys
18:49:21.0400 0x452c dam - ok
18:49:21.0431 0x452c [ 8CE6D7338F84B228450C8240BB77DB16, 3580ACCD3D1D31E2BA90A1A0FE7CE1FFBD12CF00931098664AAD2EA42F075FEF ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:49:21.0462 0x452c DcomLaunch - ok
18:49:21.0478 0x452c [ 7ECF8E55CAF04A8F7F7498C55A6EDAC5, F6E033A10338AD8746E1538B12B1B470E8F97210E4564893568D0C7EB165D794 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
18:49:21.0509 0x452c defragsvc - ok
18:49:21.0525 0x452c [ 8DF502E8116C625387DD789936D7A0C2, D42661E068F401199FAEA012C200EEF02C1409A09DACD30E6B08E3FBE4149BFA ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:49:21.0540 0x452c DeviceAssociationService - ok
18:49:21.0556 0x452c [ DBD6E8A5C358AAA3B4900EFD5CF94CC8, C8261CBE358562B3F31ADA0567723E0118A8687DFC8939FABC65E61C38BFE20B ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
18:49:21.0572 0x452c DeviceInstall - ok
18:49:21.0587 0x452c [ 38D6ED38A46F815C24C5656E8A5AB083, 730DD6D85771A60E5C089BF5D810E3AEA335BF7DD14FD72924A1A4FCF021A59D ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
18:49:21.0603 0x452c DevicePickerUserSvc - ok
18:49:21.0634 0x452c [ 372BD821867225F32DE87A6B3FEC8A2E, 20389A1861B5A451EE3383F68FC59B3C9A75D3123B2DF1669CBB5CC37A0128B0 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
18:49:21.0665 0x452c DevicesFlowUserSvc - ok
18:49:21.0665 0x452c [ C48C4D6B8D9C53F0399DEDA402A6FAE5, 25FBE2A51DCF7DB95AD2707502F8A9661B94FC61DFC405DA5BF23BED1BA123D2 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
18:49:21.0681 0x452c DevQueryBroker - ok
18:49:21.0697 0x452c [ 9E74A900CCCA3EA6C8533CF94B3F8223, A585A0EBCC604981BB648B709903A263CECC5D589F65411C297D0D68864947AE ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
18:49:21.0712 0x452c Dfsc - ok
18:49:21.0712 0x452c [ 5F78930AAB3900102EA8ACDD38F97324, 49CAE29CC7B1B846BDE603B1A411833162ACC1A9D1608BFDF67C2EA3A0EE0F85 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
18:49:21.0728 0x452c dg_ssudbus - ok
18:49:21.0728 0x452c [ 51D1F76C6EC94B0773D276C91B06A781, DF3E512D1FFA1E7AA75D4CEDD5D5AB8DAA13BE5C8427B6A4F064FDCF455C9589 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
18:49:21.0759 0x452c Dhcp - ok
18:49:21.0759 0x452c [ FF05980EEE93D2B4AB1284BF21D7F12B, 026C8489CC9232605B87F02E3276B81DB23A6B64BB66C01F0FD6E7D266ECD17C ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
18:49:21.0790 0x452c diagnosticshub.standardcollector.service - ok
18:49:21.0790 0x452c [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03, E027124AD492ED22F0D604030CB0E2C3778331879FC73A614644FA8C8606ADD3 ] diagsvc C:\WINDOWS\system32\DiagSvc.dll
18:49:21.0806 0x452c diagsvc - ok
18:49:21.0853 0x452c [ E74FCFD1499A4F816A99D35E297CCE63, 9C6D75200A8D0932CA77F68D78F11B89B0A45441ABB1662BE69567FE13138D19 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
18:49:21.0947 0x452c DiagTrack - ok
18:49:21.0962 0x452c [ A79FCB89805FA9EA9F48B671A4591D4E, 13CA8B9CB35DF9F8EFFF8E6ECC0F65E4F179FA9BEF4B68F3382CA4A6BF14FA54 ] Disk C:\WINDOWS\system32\drivers\disk.sys
18:49:21.0978 0x452c Disk - ok
18:49:21.0993 0x452c [ 89FC056F9CEFB85FC7159AA063904AFF, 6B6F86F87C48EE92F616D4EEE624C9711D0606FD651F3B1D4DD5EF3767B76750 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
18:49:22.0025 0x452c DmEnrollmentSvc - ok
18:49:22.0025 0x452c [ F69D7A5D7EDEE16B85F08040836FB09C, 944730FA6CA6ED0ECA85848A2F00EE1E647F7DD4CC37E557A812ECE8A92B3999 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
18:49:22.0040 0x452c dmvsc - ok
18:49:22.0040 0x452c [ 8B3601E34BD1D693598F968D70361C37, 897C5AEB5ED6AC9DAB2E8E638A42FF588AF3A94EE4C731E97DFAB89BD3B658BC ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
18:49:22.0056 0x452c dmwappushservice - ok
18:49:22.0072 0x452c [ E65844BC31FE3687A745C2E48C845CBC, 826845A9FC00E4D68CDE5FA5C293DF6D41DB0E8D15B43647A1335F0A79AFD4D6 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:49:22.0103 0x452c Dnscache - ok
18:49:22.0103 0x452c [ C79E79CD4DE45EC0EC0ECB5C76D6CB11, C1AFCA79A104EDF5C59C3E6A113467C7F73E84AACEDE97A22BCBA5B25563E163 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
18:49:22.0118 0x452c dot3svc - ok
18:49:22.0134 0x452c [ 5B1EF28DE7302A6BD5DF8459E2C598EF, F2292B8ED8FBFFA681942D5566BF1932D1E9B4F44C2D13329B60E5A8B9386CC9 ] DPS C:\WINDOWS\system32\dps.dll
18:49:22.0150 0x452c DPS - ok
18:49:22.0150 0x452c [ AD1BEFBF96C0273925EDC9282557D984, E23B1B043E9EE25054DCEFB10C1C69009DCB1E12675DAE60B00A646735B03D99 ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
18:49:22.0165 0x452c drmkaud - ok
18:49:22.0165 0x452c [ 5242DC5849014BCFBB3147B76A899783, 759542B42D9DCC224D9CBD19A0C6B8939417F2F08B547BE07FFA3356918C1ED7 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
18:49:22.0197 0x452c DsmSvc - ok
18:49:22.0197 0x452c [ A8923D6A577D176A90A36A9EC0BD4BCB, 5EC87DA3DF7F1869D9542416651606C7731F4D1BDEC42C8A0D5285292EC7EF7C ] DsSvc C:\WINDOWS\System32\DsSvc.dll
18:49:22.0228 0x452c DsSvc - ok
18:49:22.0228 0x452c [ 974BC06C0EC847EA4DC8D9002D394FEB, 4952FEADD7A3EF541FD537EBBCD56ED573D712755798C42428E78267E50BAB34 ] DusmSvc C:\WINDOWS\System32\dusmsvc.dll
18:49:22.0259 0x452c DusmSvc - ok
18:49:22.0306 0x452c [ 357D15FA5C15A44218770B40313E4856, EB5A8C01A9ABED5CE01DBDCCDC20716097351DB2E82684ED5F9488AC1072C249 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:49:22.0368 0x452c DXGKrnl - ok
18:49:22.0368 0x452c [ 7E9A1608894297B133AF5EE18E404208, 9E2E4B4F6133375DB8E490337594BEFB86BA964223FB272A23ADD02FA8065253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
18:49:22.0384 0x452c Eaphost - ok
18:49:22.0446 0x452c [ 75CA88887850A74DDAAAF92500B6D9B9, 1C413719D0E659E20C66B0762B2FC708E55536961A1D9F21906ADBE9CF431489 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
18:49:22.0509 0x452c ebdrv - ok
18:49:22.0525 0x452c [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] EFS C:\WINDOWS\System32\lsass.exe
18:49:22.0540 0x452c EFS - ok
18:49:22.0540 0x452c [ 7E838D857FC55535710C316441459C38, C4673014D3ED3E68E02DB5BE6DB53E45B1E4A3CE2B04B15BFD507AF703A60134 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
18:49:22.0556 0x452c EhStorClass - ok
18:49:22.0556 0x452c [ 49023DD6F646B8C70AE1C105415F3E2B, 16EC2920A2CB71C17BFA7A0E22EDAE1C0E7004C986BEBCA9435F6FDB5D8E64CF ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:49:22.0571 0x452c EhStorTcgDrv - ok
18:49:22.0603 0x452c [ 623FB075689986670D16795787632B1F, 93DF0E91B29458B4CA23420715A3BF5784CFDEF9F79F20B30C500861227FF828 ] ElfoService C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe
18:49:22.0634 0x452c ElfoService - ok
18:49:22.0634 0x452c [ 80D5BD4804C587B21A121566549A63FB, 9BDC1DEB8805E06851F2E2A8B8762265FDC6B12B873D391BFCB8300BDF425B36 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
18:49:22.0665 0x452c embeddedmode - ok
18:49:22.0665 0x452c [ 8BDB4EB138A93B9C4242D5ADC068899A, 528C0D16CE5D9A69EA75C43DC53D14F7BD2D8BB0B0B0F32BB1F36AC6659C6A27 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
18:49:22.0696 0x452c EntAppSvc - ok
18:49:22.0696 0x452c [ 1DF19D7A941CB06F8EADF89FA0BF59AD, 0A8891AD73AF277B764FA5CF163E6BC29DFFA0E35388A941AE27E001289C0A4A ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
18:49:22.0712 0x452c ErrDev - ok
18:49:22.0712 0x452c [ 1E01F509048BEF78831AC89401B172BD, 34558F56D9AEA8527B84B2BE2A752D181A5D825622EB4B90D454F6D4F971BFED ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
18:49:22.0728 0x452c ESProtectionDriver - ok
18:49:22.0743 0x452c [ 9B538A1E44E1D61FA80E80EA75A085FA, 6431BBC533895BD466879C407B9BE7EB50345D666FEE69CAB0813283F07DBE82 ] EventSystem C:\WINDOWS\system32\es.dll
18:49:22.0759 0x452c EventSystem - ok
18:49:22.0775 0x452c [ B2858C386B99A68C3E3F0DFAB935C232, D278EA60AED4C3769B827BF2DEE584135FFDCF9E1380B982A7AEFB531848F4A2 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
18:49:22.0806 0x452c exfat - ok
18:49:22.0806 0x452c [ CE38CED74D85849BB2C9894DCA712615, 087B9EA66C06F8AA185F78E482DCA128B0554B716A1740033FC624414AA1B237 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
18:49:22.0821 0x452c fastfat - ok
18:49:22.0837 0x452c [ BBD6407DA3DA4FC718710587E253C7BF, 8C9995A86EF9FC1FB47ADA1367A67A9829E0E3CE191D11E0AFB0F85E325D48DC ] Fax C:\WINDOWS\system32\fxssvc.exe
18:49:22.0868 0x452c Fax - ok
18:49:22.0868 0x452c [ 6701B9973DE98578A491721B4BDE0926, 48D07092E6B44CAA529559DF620BDAA4DFCC16430DBA8178B461E556AC526DE1 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
18:49:22.0884 0x452c fdc - ok
18:49:22.0884 0x452c [ A2037943CCC079307A383C5543607CEF, 2FAC5F76526A8E4D7D7FAE80F9A0AF31D37DD12FF597769C87912B973C339BF4 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
18:49:22.0915 0x452c fdPHost - ok
Code:
ATTFilter 18:49:22.0915 0x452c [ C11A1A9CF331B7AA2F04974EE262EC07, AA1C79FCCDEC3C7236B7BE73E6888D7DD5642EB16E13B4633C98EE34CB72A644 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
18:49:22.0931 0x452c FDResPub - ok
18:49:22.0931 0x452c [ 71CECDA2DCF81E0AD8C30440C77966E2, E26313CD895579A9F3380A648E6FC271EFED0E82C0FCFB287049C5C2D0CC35A9 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
18:49:22.0946 0x452c fhsvc - ok
18:49:22.0962 0x452c [ 9BC7FE262AF52B341048234809AA7D91, DF95BBEB59821357C69797AC659380C9F27C11B8A60A599C9A2C5623B7CBB6DB ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
18:49:22.0978 0x452c FileCrypt - ok
18:49:22.0978 0x452c [ A0AF205465482EE0FC6261782629566B, E0C0E9EB327F4DEEDF3E32EB5573A74436829078331A8EA1B795438892EE81B8 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
18:49:22.0993 0x452c FileInfo - ok
18:49:22.0993 0x452c [ 01D83D284E6B37902DB3C4D4DB0649E0, 4376F872575013DE87CA8173FABAD367FFF907086864C106A4C82933EF9DA308 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
18:49:23.0009 0x452c Filetrace - ok
18:49:23.0009 0x452c [ CE9CB1DB00B5007ABFFF0717E748E919, 314E1FA6B0CD9416894EED93ADF3DCB273FF37F6E56EF64C9E7B55E174EB3226 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
18:49:23.0025 0x452c flpydisk - ok
18:49:23.0040 0x452c [ C5374BA2CAE89DE7269EC61A969EF5D5, 520D7A4C50A9FFF308599C6EADDCADD3D9E398718786D82F02F7EE5C30E7D6A2 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:49:23.0056 0x452c FltMgr - ok
18:49:23.0087 0x452c [ 8F528FD267C55ABE2A156C5F6EA6B867, 540A852F250783553E042FC31D3F2D695DADA4777FF31F1BA8B60E3407333277 ] FontCache C:\WINDOWS\system32\FntCache.dll
18:49:23.0150 0x452c FontCache - ok
18:49:23.0150 0x452c [ CE9456F925ADA70ED5A4158F103F9A26, 89753CCCB2E8B1553F077B8F13C63FBEC2EABE7093A6B847477542483347C827 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:49:23.0165 0x452c FontCache3.0.0.0 - ok
18:49:23.0181 0x452c [ 4B5B18BF7E060A7FC7B80D79D542529C, 483E4D96D2E44A135FAD3B9D1AFA05B571418B3BA9864BE751DDA1DAE9D02D77 ] FrameServer C:\WINDOWS\system32\FrameServer.dll
18:49:23.0212 0x452c FrameServer - ok
18:49:23.0212 0x452c [ 835F9C7193B6F9A796DE76897DC56968, 62D6CF40CD6B798E79FF3274DB156DAB17724EDEEC85F6602F3C0EDCDD2DBA11 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
18:49:23.0228 0x452c FsDepends - ok
18:49:23.0228 0x452c [ A01BA0506E07F316483E99D7AD9B6E75, B2CFB3AAE0E49C539C743A7F416CFC0DE2E0CFC2D5AE685F8B1BECBDB95C4308 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:49:23.0243 0x452c Fs_Rec - ok
18:49:23.0259 0x452c [ F00AA662A862BA1B5B0BB9FBDFAE2DFC, 1DBEA358E58370C1BD8D5797382FD22A19E92BA171AB70868359CF921F324CA7 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:49:23.0291 0x452c fvevol - ok
18:49:23.0291 0x452c [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:49:23.0291 0x452c GEARAspiWDM - ok
18:49:23.0306 0x452c [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
18:49:23.0322 0x452c gencounter - ok
18:49:23.0322 0x452c [ EA5EE5EF9765A9157B346DF671952F18, FD0A8DBA6EA3E47D454B877CEC74B7B6BEC8B7A98BE37E9E1110D867009D9EA1 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
18:49:23.0337 0x452c genericusbfn - ok
18:49:23.0337 0x452c [ 6BE6550F1A32796A11EBC58BBC72C44D, 99DC4058EC1B3BF316F1470BF1208F0A2FC72A508BCC9E7548D91BB0FF04376A ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:49:23.0353 0x452c GPIOClx0101 - ok
18:49:23.0384 0x452c [ 3FC2377994D9D63FC128B6C48B22B68F, B47D6BE6FF596A23BBDB7261B1CA9CA67CD138CBF89AEA7A68882E62C0087561 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
18:49:23.0431 0x452c gpsvc - ok
18:49:23.0431 0x452c [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
18:49:23.0447 0x452c GpuEnergyDrv - ok
18:49:23.0447 0x452c [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
18:49:23.0462 0x452c GraphicsPerfSvc - ok
18:49:23.0478 0x452c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:49:23.0478 0x452c gupdate - ok
18:49:23.0494 0x452c [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:49:23.0494 0x452c gupdatem - ok
18:49:23.0509 0x452c [ DED74127C7A2266715C0B8EA2EE75214, 999507BECB4BAAC61317D98311962D446844CAC6271BFFE181F6CD6DFE221465 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
18:49:23.0525 0x452c HDAudBus - ok
18:49:23.0525 0x452c [ 95888B85956AF97320D1F5C354632957, C0218271A17897D4682192AB431658523EC87CB13551B2BDA40576BF766BB26C ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
18:49:23.0541 0x452c HidBatt - ok
18:49:23.0541 0x452c [ 33346BD26BB0AE4361DF1ED00D2876CF, 1777169606573646F7E7D54E01E421F62479DF57FAE86005B1EEFDC06F4898B7 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
18:49:23.0556 0x452c HidBth - ok
18:49:23.0556 0x452c [ 6D767FEB02DF712F783BEEFF09E06431, AB64C61E5729FB27BF9564CA8308D895CFFB992CE8606FDC31EFF01BB1FF8FFE ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
18:49:23.0572 0x452c hidi2c - ok
18:49:23.0587 0x452c [ 542AB7A14235C5227A9307ACF1636F0B, E54C4C4511727F4E70CB1C9259C56D4AC62E70BAB2F42E9AB402C1DF4AF3FA25 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
18:49:23.0603 0x452c hidinterrupt - ok
18:49:23.0603 0x452c [ 1553DF41F4EE4F60B4BEEEC62264BE71, 46AE8357E8038D35ADB82A51ED421293D7AB18C926C713F19149B97400D4C65E ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
18:49:23.0619 0x452c HidIr - ok
18:49:23.0619 0x452c [ 3030F19C6A73367D6D5EEDD157F5D01A, B1F13C2AE334C8CDF15BD96B70E92A81487308D841196A29AE3D1164CDAF9AA2 ] hidserv C:\WINDOWS\system32\hidserv.dll
18:49:23.0634 0x452c hidserv - ok
18:49:23.0634 0x452c [ 6E3FB2047B8AE72E1B5F1C00A5F3E475, A5F791BECA43925D410751C114BCF2FC4A46D7A44BE80B02CD3259C6E271FF31 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
18:49:23.0650 0x452c HidUsb - ok
18:49:23.0666 0x452c [ 621B1FFB2E4E4745484EA01B013BF1D2, 6F6761922EF931DB95D6597A5884DEB3CC127FB9D763A5A27369F7881DE64B8D ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
18:49:23.0681 0x452c HpSAMD - ok
18:49:23.0697 0x452c [ 100CE4CEB62568F1B7B45AD1D8BE53D9, 31543F6EC6E4A20721B748979AD41C7E3FBF633333DDC2AE3F2B5E333EE4237F ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
18:49:23.0728 0x452c HTTP - ok
18:49:23.0728 0x452c [ 9E1F3BA540DB9F4942A3F50A92E5754F, 3FF53B60DC52886D6F2EC7F9D8C12009A4BECE5A046D827BC8C941E7401ED000 ] hvcrash C:\WINDOWS\System32\drivers\hvcrash.sys
18:49:23.0744 0x452c hvcrash - ok
18:49:23.0744 0x452c [ 64A94654E5703D2E8830AA2500D8F0A4, A1E3C910DFF1485E412F01076A11B9441161224C0F08A9067082A9FD8A5D8E5B ] HvHost C:\WINDOWS\System32\hvhostsvc.dll
18:49:23.0759 0x452c HvHost - ok
18:49:23.0759 0x452c [ 621042C19113527CF8FA89F3454576BF, AB072C44B9BA8CD3AFE0DA33E42A69210AE87F4314FA3A0DF984DDF12516F063 ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys
18:49:23.0775 0x452c hvservice - ok
18:49:23.0775 0x452c [ B149905CD7451160B6BFA2191A3F6182, A706E4F12963A20F9767D8730973282B5830D97A087ADA8CA9B7D219513C127F ] HwNClx0101 C:\WINDOWS\system32\Drivers\mshwnclx.sys
18:49:23.0791 0x452c HwNClx0101 - ok
18:49:23.0791 0x452c [ FE36689912DEC37D45B7A6C6414046FE, 3AE4E52B4ECD50ABEF67DCD1E30E409908F53624D9854BDD472352E8B280F19D ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
18:49:23.0806 0x452c hwpolicy - ok
18:49:23.0806 0x452c [ A1133368F47D514D73DD7FB4C4FD2B75, 6019DABCAB9E2941D76EC62F4352FA76DDCD964671C490730BF725CA2234CA3D ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
18:49:23.0822 0x452c hyperkbd - ok
18:49:23.0837 0x452c [ B68252C53556FFB52CCE18FF30FACA99, 0463FB8661A9EF338EFBBE43EE76C63DE170510D0E9B612D62009D7D85669365 ] HyperVideo C:\WINDOWS\System32\drivers\HyperVideo.sys
18:49:23.0853 0x452c HyperVideo - ok
18:49:23.0853 0x452c [ DA179667B8CEC22E4ECBBF4210DC0E35, 70CDB592E1775919B9AB1810A7BA18FE4851FBD493E4772741F36FC11A4CA47E ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
18:49:23.0869 0x452c i8042prt - ok
18:49:23.0869 0x452c [ B5EC43755E62591197DE5CBBDAA9FEB7, 1B4E0EAB677B09A050925879ECDA311404270DCF020AAD390692427198C73C9F ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys
18:49:23.0884 0x452c iagpio - ok
18:49:23.0884 0x452c [ D8CA23F9C5FEF44296FDE1E005C06EC0, 0D7B03EF9E19B9B2A28C3318560488B3F9573CF364A533A9B4A2CD0A7FFA4F84 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
18:49:23.0916 0x452c iai2c - ok
18:49:23.0916 0x452c [ 7B769C9D19C013F94874C4B15D59A005, 53A15F0480AEC43B5A01CFB17360188885B6ECBFFF6E566D27E5B6D4C7737243 ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
18:49:23.0931 0x452c iaLPSS2i_GPIO2 - ok
18:49:23.0931 0x452c [ E0F1B3A2A70FABE3BE1C9140BB55E607, 34E5B055619F3A26B7BB6054EA49D40B7D6DAFE234F57F358FE7C8EE83E10618 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
18:49:23.0947 0x452c iaLPSS2i_GPIO2_BXT_P - ok
18:49:23.0962 0x452c [ 89A869BCC0588A3009ECB875B09ECD39, 5ECC2C6E661B326511682D8EA1C82F942C63835890687285FEF455C5C9DC2476 ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
18:49:23.0978 0x452c iaLPSS2i_I2C - ok
18:49:23.0978 0x452c [ 2E693DF3C02A0859DB8DE25772751100, 3EFFDA44B247E04258429ADC85E88E23F926FD487A3A85BF879E6E5802197B3F ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
18:49:23.0994 0x452c iaLPSS2i_I2C_BXT_P - ok
18:49:23.0994 0x452c [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:49:24.0009 0x452c iaLPSSi_GPIO - ok
18:49:24.0009 0x452c [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:49:24.0041 0x452c iaLPSSi_I2C - ok
18:49:24.0041 0x452c [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
18:49:24.0072 0x452c iaStorA - ok
18:49:24.0087 0x452c [ 26405FA714257E449581DE5D6E6200E6, 1C3055AF6BB53308B7E6268A11929881263767619FF524674C51C03B7990C0A8 ] iaStorAVC C:\WINDOWS\system32\drivers\iaStorAVC.sys
18:49:24.0119 0x452c iaStorAVC - ok
18:49:24.0119 0x452c [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:49:24.0119 0x452c IAStorDataMgrSvc - ok
18:49:24.0134 0x452c [ 11AC0355FE52CC8813EE6864DE7531E4, 4D77C451C230395E03B3DB592B1BDCDB8B2142961906A25F0FD070D3A8B670EB ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
18:49:24.0150 0x452c iaStorV - ok
18:49:24.0166 0x452c [ 62CD9FA7394BCDF7784CCEFC9D00C9AA, 2A09A921EBD998EC45470675FC8D803EAE5F9E2E16B9313591987AA574835CFE ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
18:49:24.0181 0x452c ibbus - ok
18:49:24.0197 0x452c [ F8CFDD8FED56E1261367A81A731BC1C0, 408187B2E7B403B47AF0D4BF089439D9BA3B3090A430983F77A55DEF2AB381DB ] icssvc C:\WINDOWS\System32\tetheringservice.dll
18:49:24.0212 0x452c icssvc - ok
18:49:24.0228 0x452c [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:49:24.0228 0x452c IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:49:24.0228 0x452c Detect skipped due to KSN trusted
18:49:24.0228 0x452c IDriverT - ok
18:49:24.0228 0x452c [ EB7BA65AA0EDF27EAB0109AC73F2779C, EB952C72CBB43A07E1E8AC003323CD7C5E2ED7AFC5E06973F7BDB0C702C5630D ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
18:49:24.0244 0x452c IJPLMSVC - ok
18:49:24.0259 0x452c [ 25793D173BD83ACF8B248C97ABC3B860, 0133EEB7C08E02F3C732FA89381920E5C4BB0CD2190E49C19619FAB43C68708A ] IKEEXT C:\WINDOWS\System32\ikeext.dll
18:49:24.0306 0x452c IKEEXT - ok
18:49:24.0306 0x452c [ AA38C19A3D65E8228D822EB18037E19D, 54943929E398C67A5A9C72EA65F0FD7A06BB43F03A2291CAEA29443CD10C5169 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys
18:49:24.0322 0x452c IndirectKmd - ok
18:49:24.0353 0x452c [ CC03A8D6443D1BB148A499366612683E, 1EF1A69B60CAB33F63C9A58B2DA0B0FCD8F21AA122F4CE8D953682C20A4BA585 ] InstallService C:\WINDOWS\system32\InstallService.dll
18:49:24.0400 0x452c InstallService - ok
18:49:24.0462 0x452c [ 8CAA2A543155675D09B0D5239E31EC99, 033CF96E110136A59E01C4D26FE3681862C0993938959059A37A34DC1C0E1D49 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
18:49:24.0525 0x452c IntcAzAudAddService - ok
18:49:24.0556 0x452c [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:49:24.0572 0x452c Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
18:49:24.0572 0x452c Detect skipped due to KSN trusted
18:49:24.0572 0x452c Intel(R) Capability Licensing Service Interface - ok
18:49:24.0603 0x452c [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
18:49:24.0619 0x452c Intel(R) Capability Licensing Service TCP IP Interface - ok
18:49:24.0619 0x452c [ F1B552F7ACDF6E3E4DDDB76118CAFDE3, C4047BAAECF6FA3B73EB684F53C7F81A08AA39F42F8DC7C31BF35DFA93B7C647 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
18:49:24.0634 0x452c intelide - ok
18:49:24.0634 0x452c [ E6CC7C1E7CEDC81D6B15BF2CF4C99109, 1B181F55CD2E500468FE07C9BA6F20B207FA4B601C4971D1551B80A480D42EBD ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
18:49:24.0650 0x452c intelpep - ok
18:49:24.0666 0x452c [ 2CEF9DEB97B2CA327175EE8AD5F195A1, 1D6A3B47A844A235B73F8DC2BF872A943FE980480480843EDD5935307C115B3E ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
18:49:24.0681 0x452c intelppm - ok
18:49:24.0681 0x452c [ 917931A6116F03DB3CA56CFCE8634667, 27B661B6143F4AE94BF28DE1133001F95A451C18804F6DFED1D7D1F36B5E5350 ] iorate C:\WINDOWS\system32\drivers\iorate.sys
18:49:24.0697 0x452c iorate - ok
18:49:24.0697 0x452c [ FB72A49FAD5C343C8C38948F92D87BBF, 3947D9393D6F4F104D2D07D5FBA61041A8D6006BE2497F2A6337462F8B04A124 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:49:24.0712 0x452c IpFilterDriver - ok
18:49:24.0728 0x452c [ 9064A49C03F1CED42EAC2B4636C87192, CF388E05EA782BC0645FD0B42A41C9334C074BE6D7C193FA4F9819905CBCEA9C ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
18:49:24.0775 0x452c iphlpsvc - ok
18:49:24.0775 0x452c [ 5C58142E0F1F8AA379748CC123BA7527, 1D6D42F2595DF3C0EE8FEF751F13119951A2D040D2B22A7F0CBD6083B49F8A37 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:49:24.0791 0x452c IPMIDRV - ok
18:49:24.0791 0x452c [ 7408B83959A4B8271EF67FD06A6B366B, C22DDB76AC3351A50B889AD7D2756EF8612450AC8EE72C88A1044691A0071BE5 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
18:49:24.0806 0x452c IPNAT - ok
18:49:24.0822 0x452c [ 3A531CF0C87FBB197A5F4CE2C450454E, 186C21F5C36642C05C5D0C4EC8930CE6BA83D8905B2928133BDEC16990F73700 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:49:24.0853 0x452c iPod Service - ok
18:49:24.0853 0x452c [ 7BEA2228C81FB6E1EADDD54D615B4C7E, 8640865C98F951B1B8D99E841D9A3FDC6E0251AFAC6B02F815DC409627A50112 ] IPT C:\WINDOWS\System32\drivers\ipt.sys
18:49:24.0869 0x452c IPT - ok
18:49:24.0869 0x452c [ AD0574F12AA812340BD39071FD30AD1E, 765F1EDFEDEA1F2728108D7A1187A468F529A883886006F74DB9EAD0BFE7B1B6 ] IpxlatCfgSvc C:\WINDOWS\System32\IpxlatCfg.dll
18:49:24.0884 0x452c IpxlatCfgSvc - ok
18:49:24.0884 0x452c [ 030AE3773151CFA728C67E38416FAD8D, 167E698035F2F07E822B430B31F02FABF3997BAC93039786747053344CE6E6D3 ] irda C:\WINDOWS\system32\drivers\irda.sys
18:49:24.0916 0x452c irda - ok
18:49:24.0916 0x452c [ 79D02DC54AB4F85D2C13A728A0E36193, 3B6BA678ED269195D506D29EBD9E070603F02AC0FAA92364E7C553B8856C3EDB ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
18:49:24.0931 0x452c IRENUM - ok
18:49:24.0931 0x452c [ 6ADE9DCAF71DCD888320CA47DB8B05EF, 6FA1EBB3D025546AAD14D968DF7CABD3002598F2F561CCC1D4F07A9B0322DE02 ] irmon C:\WINDOWS\System32\irmon.dll
18:49:24.0947 0x452c irmon - ok
18:49:24.0947 0x452c [ 38A6EC08D0067DECF7B5BA4C871B846C, 0FAB8EACA2BB4A0BF3895B6BB7CA9BCF74447CF640535A57998C6A4A35EAC030 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
18:49:24.0962 0x452c isapnp - ok
18:49:24.0978 0x452c [ 5529131AAB75E07D9295B19E20C54DAE, C2F2C7D33945C13DDC5EF540581772CEF73EFB23F19E6BCDBB6A99D8C96A302B ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
18:49:24.0994 0x452c iScsiPrt - ok
18:49:24.0994 0x452c [ C35FD802C800F3CBB4FD426D5A542A22, B2325956DB68222C5FBB43DFA0BF5EEC073470010E13997F2A5635CC89D66872 ] ItSas35i C:\WINDOWS\system32\drivers\ItSas35i.sys
18:49:25.0009 0x452c ItSas35i - ok
18:49:25.0009 0x452c [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:49:25.0025 0x452c jhi_service - ok
18:49:25.0025 0x452c [ 17F3B012B28F27E7B813A7B037A3D790, DADE75BB016438B7E0A11A1CF1FFA596C27246EF7F4E04D96366029C9F65F0C5 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
18:49:25.0041 0x452c kbdclass - ok
18:49:25.0041 0x452c [ 843B4BBD15DD0340C5C293CD419D4A76, F6D17CCE13697669DA4EF1F83E394F5496C437496E0E09307F8B615DE3216CC5 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
18:49:25.0056 0x452c kbdhid - ok
18:49:25.0072 0x452c [ 5BBB86F3F1700E0ACE1DF10F0EF7B227, 348FE61522F8C24F407F87D2966F62BD816DF27CD824AC103699CA66EE799640 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
18:49:25.0087 0x452c kdnic - ok
18:49:25.0087 0x452c [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] KeyIso C:\WINDOWS\system32\lsass.exe
18:49:25.0103 0x452c KeyIso - ok
18:49:25.0103 0x452c [ D54931F61470509C2DEBF6B99F9C314F, D054A3E8EC01AF0175B7764E98E0C764F5CD446C89E156FE4035D032CC30B026 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
18:49:25.0119 0x452c KSecDD - ok
18:49:25.0134 0x452c [ C52C20AACA6DEB2711C247CA24008CF1, B64D033983F4516977B31BB6A622A2A661B6AE89366031C86E1C8481DE741525 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:49:25.0134 0x452c KSecPkg - ok
18:49:25.0150 0x452c [ 10F2EBC1F1C4549C355781715DE47B66, 9D23CBA56245532D88396DF99C62A26E71A7EEEF7CD8BA98FFF9FD2804DDF946 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
18:49:25.0166 0x452c ksthunk - ok
18:49:25.0166 0x452c [ C4151271434A490707B4FD4E6AAE9EED, DDB809D002039645CDED08322B9CDCA04C483A119380098FF9EBA998A1A3811D ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
18:49:25.0197 0x452c KtmRm - ok
18:49:25.0197 0x452c [ 081D030BC669BDEDC68B8FE81A67E6A7, B5C1FA89ACAE1683A524CD14E2D7D6C3C1FAE0ABCD330841D493FC6DB0843798 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
18:49:25.0228 0x452c LanmanServer - ok
18:49:25.0244 0x452c [ 514E8BD07F42D95667F54777D57403D0, 3D024A18F7AC70A846FAB3255AA1048F8DD1DC4301F1B70B647B71F5E7A1AA24 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:49:25.0259 0x452c LanmanWorkstation - ok
18:49:25.0275 0x452c [ C2A49E8EEE7C3D06ECA80847A42F65D5, E1559EF96E6F2146E4AC0BE46CBFF5FA29829812A64A6F09803C00E3E0AAB1F0 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
18:49:25.0291 0x452c lfsvc - ok
18:49:25.0291 0x452c [ DB8F10ED986BFE0A5B663A1D067F2CCC, 88EE540F545C8838E9F855094A2A4AAC096BD24F77103E06464CCD77C3FCFFFD ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
18:49:25.0306 0x452c LicenseManager - ok
18:49:25.0306 0x452c [ 3CF979AFF0196DF3DF5E54DFC049EB1F, FEA82EF2AA4222171E80548EB00A4F0FBD27363B84AA9E6B8F82147C568BADEE ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
18:49:25.0322 0x452c lltdio - ok
18:49:25.0338 0x452c [ D6DD748EAC3BC540CFE65C73FE20C099, 8A79E1F1834D949D027B4D3471297ADFB539B9282DE5DF5FDBE60AE171F3CFFC ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
18:49:25.0353 0x452c lltdsvc - ok
18:49:25.0369 0x452c [ BD35F484DA59014D091736F8F10BFB42, 7004408EEE281BA707248369910483928A15F3304F4A8F594EA2E04D43929926 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
18:49:25.0384 0x452c lmhosts - ok
18:49:25.0384 0x452c [ 08E2B577DB95156F9A658C988EE71F5D, D229FFD97EE9478169D2418A722FD2AD6AD10108FF1B0156BE9A1ADF38B5633A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:49:25.0400 0x452c LMS - ok
18:49:25.0416 0x452c [ 48380096385DB46E43D85CD92B9500DB, D93F4FDAA5A665E09004F7676E821AEAD0ED059F0E006FF73F02BB8FF1C0F9FC ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
18:49:25.0431 0x452c LSI_SAS - ok
18:49:25.0447 0x452c [ F708223E5829510DF0D5AF209D11C8B8, DE82ACC6D04092C22BA4E63CF527814467870A10B93D7E9B061DBA23CEF9424B ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
18:49:25.0463 0x452c LSI_SAS2i - ok
18:49:25.0463 0x452c [ B91BCC8F670F128A4BB826ACF2C2B9D5, D905232E3E49EA6CACE04CDB241D12CA9E84F106D15340C921B980610C1080FB ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
18:49:25.0478 0x452c LSI_SAS3i - ok
18:49:25.0478 0x452c [ FA31CDF977CD31AF9AEAAA422966ACC1, 705761786930A2534CD1B797F5F16F56F58647192175F5D19E13642A89462CAA ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
18:49:25.0494 0x452c LSI_SSS - ok
18:49:25.0509 0x452c [ 52B6D805C60127F0456DF019775F5740, 3005C49349072EDD68DBFC6DBF884FC75E060920EA3FA90A60C39F5A83939595 ] LSM C:\WINDOWS\System32\lsm.dll
18:49:25.0541 0x452c LSM - ok
18:49:25.0541 0x452c [ E86400D7B6E095E89CF63667D94D3F50, 4E30374B82FB1D8904B9803109C4557C565023FA94C7AE61BB2ADAAACAE0E179 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
18:49:25.0556 0x452c luafv - ok
18:49:25.0572 0x452c [ 07514F5635999D7DDB5F3A62B5C5AEB3, D3717437D14C36873E2D0C1AA65F29EB9A5DB1DE60A7EE86A093FD126B7EBC05 ] LxpSvc C:\WINDOWS\System32\LanguageOverlayServer.dll
18:49:25.0588 0x452c LxpSvc - ok
18:49:25.0588 0x452c [ 1C1FF36E51F73989FB4DD2DBAFAE11EC, B5C0B169BFEF5FD769745F924B3F30C960A555F8B0C0C7315B273435D9F246D5 ] MapsBroker C:\WINDOWS\System32\moshost.dll
18:49:25.0619 0x452c MapsBroker - ok
18:49:25.0619 0x452c [ BD3D311802427608403C5E73A8D6137D, C85DCB557E931E302AF90270731C3F5AA820CDF14D7DBACA95284FD9E4BF5F3D ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys
18:49:25.0650 0x452c mausbhost - ok
18:49:25.0650 0x452c [ 61C2D9790943D8E3AD05AE35E4A313EF, 96BBA5333F4AEEE41FAD28124DD448CFECD8111F931758CAB60FCB1DAA05E239 ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys
18:49:25.0666 0x452c mausbip - ok
18:49:25.0666 0x452c [ 0B4A62420642B842DF8656DBFF663B0C, ACB7961ECA32A50FCBD51B194488DDF40E610C2384EDFD06235AE427BCB80C96 ] MBAMChameleon C:\WINDOWS\System32\Drivers\MbamChameleon.sys
18:49:25.0681 0x452c MBAMChameleon - ok
18:49:25.0681 0x452c [ 30531264292DBC7507AA1FF4123F1F39, AD27317BFAB1D5C1B332000DF51336424B4B80AF725392EB4A0FE53DC0695C41 ] MBAMFarflt C:\WINDOWS\system32\DRIVERS\farflt.sys
18:49:25.0697 0x452c MBAMFarflt - ok
18:49:25.0697 0x452c [ 0987B4BB03FA1F3C0C7D37347B707D4E, EDEA667695A680B955F42024AD349A9B795A2365C59312EDCC3FE5BF362F59E6 ] MBAMProtection C:\WINDOWS\system32\DRIVERS\mbam.sys
18:49:25.0713 0x452c MBAMProtection - ok
18:49:25.0806 0x452c [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
18:49:25.0916 0x452c MBAMService - ok
18:49:25.0931 0x452c [ 351BF8F77B0A15A7B5A2AE098C52A387, A84330DF5C4F0E5D6251D311B5DC78722D7724E87DAF5DE5A11EB73BB3502E26 ] MBAMSwissArmy C:\WINDOWS\System32\Drivers\mbamswissarmy.sys
18:49:25.0947 0x452c MBAMSwissArmy - ok
18:49:25.0963 0x452c [ A2814DB0A52A490AE674AD06ECBDC4CF, D3FA7326AFBC7A5A94F7A4AEC84A51ACAB89179D7CAF0CB5F2AF3794E6DBA7F5 ] MBAMWebProtection C:\WINDOWS\system32\DRIVERS\mwac.sys
18:49:25.0963 0x452c MBAMWebProtection - ok
18:49:25.0963 0x452c [ 61BCE12529E96E6F0335A2A8DEB83C61, BFDD1E52736311CF53AE9C778C664D37B5B711B544BC41BDFB137F7A9789AD2A ] megasas C:\WINDOWS\system32\drivers\megasas.sys
18:49:25.0978 0x452c megasas - ok
18:49:25.0994 0x452c [ CA22763F12783A9C81C512ED747CECDD, 8D2403364D5479D89479FA0C23BB9511A4360F51504F78AA1675220CDCD21398 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys
18:49:25.0994 0x452c megasas2i - ok
18:49:26.0009 0x452c [ FDB06D857FC43D654547BBB31D039DB4, 4CBE0F0FBDD88A5DB4F333466BB4E1C886E0742D41B4ED418587B40C4F59B307 ] megasas35i C:\WINDOWS\system32\drivers\megasas35i.sys
18:49:26.0009 0x452c megasas35i - ok
18:49:26.0025 0x452c [ 230361AF74DDB91705284E024A22DF4F, 82F13E3E4A8B3CB6AE65C1C9F878702D16D101B0DCC79B9FF8368F9B87E0F285 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
18:49:26.0056 0x452c megasr - ok
18:49:26.0056 0x452c [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
18:49:26.0072 0x452c MEIx64 - ok
18:49:26.0072 0x452c [ 69259AFDF347B5F4AF06E900C4A1F62E, 167FF155F3E1B362A5D5FDB010A5F539F5E13CAD7E64E6F105CC770DA3639EEB ] MessagingService C:\WINDOWS\System32\MessagingService.dll
18:49:26.0088 0x452c MessagingService - ok
18:49:26.0103 0x452c [ A8931C3820D5F392D89176E0628E766E, 0F035833B1CBABDF9E5142F3E5EB6413DC7DDBF3A0562170018A8EBA20992CA4 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
18:49:26.0134 0x452c mlx4_bus - ok
18:49:26.0134 0x452c [ EB4D7C9354CB88DE4B085EA3EEA5BC76, DD842967ED5A9232AF34E68548C98F9760487D5626C9628A44598A97B28F24D3 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
18:49:26.0150 0x452c MMCSS - ok
18:49:26.0166 0x452c [ CA25F2D78FDD0D36E3F3071B4B317BD4, 21B5902EF802FAFA7DC6FD737CE9888C74526983FDCE31CDFAB11630E1476FD1 ] Modem C:\WINDOWS\system32\drivers\modem.sys
18:49:26.0181 0x452c Modem - ok
18:49:26.0181 0x452c [ 13142B3B30F633F407D5256B2FFCCEF0, 0A8DD229FD752E8B7E1D11E1A066BCF8B3E2023068AD731FF23ACBF4D182D23D ] monitor C:\WINDOWS\System32\drivers\monitor.sys
18:49:26.0197 0x452c monitor - ok
18:49:26.0197 0x452c [ 66C9CCC6A100ACF7A4514BD3091CE566, 1423EC39D4203D717B79BF2E5F4A89A0541CCEA2162351A670EA46AA69A0859D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
18:49:26.0213 0x452c mouclass - ok
18:49:26.0213 0x452c [ 6BE61DAF4CDC0E13940096EAC4A9F490, 954DA0C9FE3881030EC0B9A428C2C2BBC86353EC9421009AC48FDC047315160F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
18:49:26.0228 0x452c mouhid - ok
18:49:26.0228 0x452c [ 2CFB54C638F75E39FBB22723401A8A56, 5E4B1107534AF4ADCD031FC4931B6819B8371720A3D68B5C9788C2AB34DA2C21 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
18:49:26.0244 0x452c mountmgr - ok
18:49:26.0259 0x452c [ 1D8121F646343BD58B25ACBD0E5E9A8A, 5189E054F64159931B11699AAB3B0F9C21170253BED8B9271B74FDB452FBD263 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:49:26.0259 0x452c MozillaMaintenance - ok
18:49:26.0275 0x452c [ E2E2C07657D8A724FC0B97E828E89701, B72D0C08CB7C7E647E01E19D717D4A6B97E14A60F6600E4039EBE4F26F576D8D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
18:49:26.0291 0x452c mpsdrv - ok
18:49:26.0306 0x452c [ A69A8D833AB4C94710E00604EAC09BA7, DDE0563780CE6F43ADB0D8DD7993C3576ED49EC1AF35AE7BE3F644CD4C2B545C ] mpssvc C:\WINDOWS\system32\mpssvc.dll
18:49:26.0338 0x452c mpssvc - ok
18:49:26.0353 0x452c [ 1E49E45D68E4E7779B9E36F39407C5D9, 08E422BE41A69EE3D9AC482DED2A35D0EF1F366CCC7E6675720479D28E23B6A8 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
18:49:26.0369 0x452c MRxDAV - ok
18:49:26.0385 0x452c [ 3C0FA2ED75875481D00F3D77B1A3E336, 031E1A6F826CEDB44D9FAAA1615872087B822F7A4E0731D3023AEF1CFCD10A2F ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:49:26.0400 0x452c mrxsmb - ok
18:49:26.0400 0x452c [ 42FE3D84EFE835443151DC2A50D05643, 3582EA0CAA2A02AA9A6FDECF9DE0F962BF10FB1C2E7E804A3F0D62C4A4C365B1 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:49:26.0416 0x452c mrxsmb20 - ok
18:49:26.0431 0x452c [ F14DE177087F9E990EDE95ACE1F94662, E0B8C7DAF8C13CAD08B974D681981038E33ED8871717C550477EDCFD05A3B96D ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
18:49:26.0447 0x452c MsBridge - ok
18:49:26.0447 0x452c [ 9A94F32C1DC90A7E5A35D0F820A8FB1D, 4CAFCE804D9135BE9CBF80307D570F24E4A102890DAB504E3DEFF3B335C9B80E ] MSDTC C:\WINDOWS\System32\msdtc.exe
18:49:26.0478 0x452c MSDTC - ok
18:49:26.0478 0x452c [ 128E1D8C23F690DF1DD7AFDB214DB6ED, 9A04B77E91956B76B2FA2FE5F192C794E0C1DA708AE99B64B3B3D39902452E39 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:49:26.0494 0x452c Msfs - ok
18:49:26.0494 0x452c [ 5A5ABA987943317300A4E55A5C5EB8C4, 9AC863F537BBB2D776C3F240B510DEE94BD84A7675C695D1270770609E77F65B ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:49:26.0510 0x452c msgpiowin32 - ok
18:49:26.0510 0x452c [ D727DEA75E316C80793C7098225D3F56, F6E7F01DDDED03E29BE64796873875A4CC7215B3C8152192A465EE2E76FFC8A1 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:49:26.0525 0x452c mshidkmdf - ok
18:49:26.0525 0x452c [ E12A703CE10B068727499276340D5296, 67F513A83D896DBF014D7446D66F1A1F9F0D03ADB23B57FD1A3CCC880ED50299 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
18:49:26.0541 0x452c mshidumdf - ok
18:49:26.0556 0x452c [ 8E42D6B92CB4567467E29F58F2E31715, F1EEB6811526C079EF8C3702A535B23FA14C5A33CA2B14C9A65BAE136568B724 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
18:49:26.0556 0x452c msisadrv - ok
18:49:26.0572 0x452c [ C9930B9F2ABF42C732202813951A9A26, FFCE4E4FEC9F8393C75828C1D5CC380A666D4606891789D3A6923CE6701D5D99 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
18:49:26.0588 0x452c MSiSCSI - ok
18:49:26.0588 0x452c msiserver - ok
18:49:26.0588 0x452c [ 6CF0815F0A75828CE1E0EE87EF0082F9, 5F6C7DE2A9EE5E98C02B903F13EF98C95162DAECEC08098972507F626BD71F4B ] MSKSSRV C:\WINDOWS\System32\drivers\MSKSSRV.sys
18:49:26.0603 0x452c MSKSSRV - ok
18:49:26.0619 0x452c [ AECFFBE104D428E8A74BCABF5B3B9912, EA94A7FA1F9BE357311E411293F4D3CC8F80ED1523BFE362DA56A3C2AC65DF58 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
18:49:26.0635 0x452c MsLldp - ok
18:49:26.0635 0x452c [ 83364A92271339D8042C9DD5FD938A84, 23B9A90411DEF1ABA0A9EBFA6CC39F7EA2BFABD578F3783AD398551816AFEC2A ] MSPCLOCK C:\WINDOWS\System32\drivers\MSPCLOCK.sys
18:49:26.0650 0x452c MSPCLOCK - ok
18:49:26.0650 0x452c [ AE5A4B89CDFF544B6481970BFD48A056, 6BE9ABE33305387AA61B29AB075C2C72CCFC01A7E86C573B6BE9B4A0FFA9D3EC ] MSPQM C:\WINDOWS\System32\drivers\MSPQM.sys
18:49:26.0666 0x452c MSPQM - ok
18:49:26.0681 0x452c [ AA4B272A4083356918D96679C74701C2, 42A053E5876761E87CDFC504D76749BE6236BAD275F0ECFD8B8BA1C1658CC73F ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
18:49:26.0697 0x452c MsRPC - ok
18:49:26.0697 0x452c [ 4566CB65F176CE5CD8FCA487D2E3A64B, C058E431ED6D3F83A6C923648A79664A61A25F8797DA83C4AE25B491CC195F30 ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
18:49:26.0713 0x452c mssmbios - ok
18:49:26.0713 0x452c [ 8A11E03B32840C0B73C14D16794F1A8A, A003C44F5234522454E285D388E506B7880CCE5FCE5622618F97C2DFFC6EA9DB ] MSTEE C:\WINDOWS\System32\drivers\MSTEE.sys
18:49:26.0728 0x452c MSTEE - ok
18:49:26.0744 0x452c [ 794285C4F166B8108292E63FEA3C41E3, 69BB7DDB7D6F3D21395432384FB06E114B2C343664CD62A5DE1A95FBC0F5AEDD ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
18:49:26.0744 0x452c MTConfig - ok
18:49:26.0760 0x452c [ EEB9D3E90B83546864211D63C1A0A74A, E67118F7B91A192B50C9C2DC159B4276BBD8BF9CC935ABADA459E4DF4191066A ] Mup C:\WINDOWS\system32\Drivers\mup.sys
18:49:26.0775 0x452c Mup - ok
18:49:26.0775 0x452c [ 69CECA6726FAD321F5643B16A1FF3934, 8F43BEC668DD0A1D65D3B545B78AF4324AE36DCC3524B7CF3385FE2B19CB6B07 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
18:49:26.0791 0x452c mvumis - ok
|
|
08.06.2018, 18:03
| #18 |
| | Habe mir (vermutlich) ein Virus eingefangenCode:
ATTFilter 18:49:26.0806 0x452c [ B66E5DDF484DE03D61B83118E45D5E11, ECADFC9178CC957498F54F22758F4944C23CE692653DA1862061C9382AE8FD23 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:49:26.0822 0x452c NativeWifiP - ok
18:49:26.0838 0x452c [ B281FAC1C60FE21ED3F635ECF673A981, 6641CCBD38AEF3FA5D9EDD24F01AAB6509AD6D3927371CD7938C04B3BBC92FD1 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll
18:49:26.0885 0x452c NaturalAuthentication - ok
18:49:26.0900 0x452c [ 0CB8324F6CB624812FD9D4FE9186F845, 15E939AF3F11FD109BF7678C010F2C9C883DFA375A4A18FDE24B3C960C983B84 ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
18:49:26.0916 0x452c NAUpdate - ok
18:49:26.0931 0x452c [ 6FEC83EDC4A3D1E99039CA1D96AD720D, F6DB011FBED10EAF8CCDC9EDDCB47F728B6B17A6A3CA5D6DB5DE50EEFE7DDD4D ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
18:49:26.0947 0x452c NcaSvc - ok
18:49:26.0947 0x452c [ C3D3E2DFBD52C48EA787604F49060A5C, 0F5E3C9E63F6421398154EF942182FE67CCCCE6DE25B1EE2A30A8E6E3C17145A ] NcbService C:\WINDOWS\System32\ncbservice.dll
18:49:26.0978 0x452c NcbService - ok
18:49:26.0978 0x452c [ 9AB04C4C14B32D127DB6E7D3DF79FF26, DAC84CBDF605C43657CDA1B95A86DC0D55E236A75BFDA3041472C5D6222EB025 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
18:49:27.0010 0x452c NcdAutoSetup - ok
18:49:27.0010 0x452c [ AB9EB3CADF4D415B598487397476A23A, EA48BC5CCD9814F6CA50485818BA150A1066D462306764C197935A926DF0565E ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
18:49:27.0025 0x452c ndfltr - ok
18:49:27.0041 0x452c [ 5269DDC879DF5FEA2B7DB91AA4726CCA, 14B0A7A03A1A49D7018F8E82A8B95BEDCBF444535B4FF4A38157FC4FD61FA72B ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
18:49:27.0072 0x452c NDIS - ok
18:49:27.0088 0x452c [ AF73B18F3096B165A6F4417C5ED36B01, B0FA9E52D7208F756103E2E853F1D17F594C9FDD2E76304743C581613E612449 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
18:49:27.0103 0x452c NdisCap - ok
18:49:27.0103 0x452c [ 1A9B1F5B8B131CE461A01C9424E149D7, 66E3F49308DF111B5D5DBF57F11A05E0B9492530587E37C6729C46AED17647D3 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
18:49:27.0119 0x452c NdisImPlatform - ok
18:49:27.0135 0x452c [ 4C8BBD7EE829CE9BFB8E21134AC477E0, ED8E0D603AFFA4BD7C7057B7B10FEB811B89CB8C6D66EC8212AC24062D58CEDB ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:49:27.0150 0x452c NdisTapi - ok
18:49:27.0150 0x452c [ 76DB7B344F90A29A16CB6B7C67B87CF6, 921E6AF5B22CF3A9E153F6A6F5E3FFE64BE49959AD705F865D2734B0F8A07517 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
18:49:27.0166 0x452c Ndisuio - ok
18:49:27.0166 0x452c [ A76D79B71300EB3FEDD3D12D4C6F1D76, 9B20C3716DDD9EECCDDFA2C4F1A9ACA512B612A8CDFC8C22B2F867280AE51A3B ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
18:49:27.0181 0x452c NdisVirtualBus - ok
18:49:27.0197 0x452c [ DA9896F6ED9EAFDAC19177ADF99DD932, A89EA83567059A59058C0330951B292C1FD98A829276618703570293C73E2FFE ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
18:49:27.0213 0x452c NdisWan - ok
18:49:27.0213 0x452c [ DA9896F6ED9EAFDAC19177ADF99DD932, A89EA83567059A59058C0330951B292C1FD98A829276618703570293C73E2FFE ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:49:27.0244 0x452c ndiswanlegacy - ok
18:49:27.0244 0x452c [ 934E4A5CFD9CB891CD338052FA3467C6, 0D7C1709E6C818E2DA969220C888BF3A28D0952E73322EDDFF66AFEEB03A3103 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
18:49:27.0260 0x452c ndproxy - ok
18:49:27.0260 0x452c [ 0E3B0F3645D1BAE79397C66FE8AF6402, 6568FD9646FE7C7D61D280C26097583EFA2FB9F59D43340A7283BEAD3A5CC206 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
18:49:27.0291 0x452c Ndu - ok
18:49:27.0291 0x452c [ A704515CF3038668E9E2CA66E31A0700, 0F5A75AC5FF8E021D15D89ACE4C4D215825D931097E1BB633F46177E36F40157 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys
18:49:27.0307 0x452c NetAdapterCx - ok
18:49:27.0323 0x452c [ DD09E3115DF2CDB36FED21E67149EB91, F2FAD5091F456E593FB25843026C5F2440D3605E5355F5FEFBFEF5E9E70DDED6 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
18:49:27.0323 0x452c NetBIOS - ok
18:49:27.0338 0x452c [ 045A018E0BA5F9B75C5928A31C0E822C, 4285B752D5D1BC601B43537064DCE385F52A46D13E7988088B3BF2E2ADF3E2F2 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:49:27.0354 0x452c NetBT - ok
18:49:27.0369 0x452c [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:49:27.0385 0x452c Netlogon - ok
18:49:27.0385 0x452c [ C3D07481FDD607F9B66B2CF1D8E26EF0, 5B20EAE39884B103F83A36E9AA55BA8932432344C7BADB11D8B827C07C7999E4 ] Netman C:\WINDOWS\System32\netman.dll
18:49:27.0401 0x452c Netman - ok
18:49:27.0416 0x452c [ E9931F57F05696CBF53A086449D97BF6, 986C99033AA10A258F0CC42727B14C5812BC76AB535CDF54FCA1B038C4BF9546 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
18:49:27.0448 0x452c netprofm - ok
18:49:27.0463 0x452c [ C8B1AF912319FEF251288BDD27E9576D, 0A8C2CDE353C23F076F6ED8609F3074116179B3C8BF7700324250689FDB2331C ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
18:49:27.0479 0x452c NetSetupSvc - ok
18:49:27.0494 0x452c [ 7EC8B56348F9298BCCA7A745C7F70E2C, F677CBD94ABE25AECF08ECFBBDA063A9C032C678327A0D105CB6B3E587C44C19 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:49:27.0510 0x452c NetTcpPortSharing - ok
18:49:27.0510 0x452c [ DA8548D75434CE421BF921BAAC0916D9, 3A7E1D5EC02D6D4FD3321A1B8ADB20E99DD556E2D5FE1C98633F06EE6A023A23 ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
18:49:27.0526 0x452c netvsc - ok
18:49:27.0541 0x452c [ 162A571ABAF9546339EE0BB482FF6AE7, E6E590B628AA65D161D7A87C9CF360D905FCC858E73EE1C4723FE217E8A91EA2 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
18:49:27.0573 0x452c NgcCtnrSvc - ok
18:49:27.0588 0x452c [ DB3589FF79F06EC1967EBA56C7249E3C, C3F1B4687F2AAE869C8566B38DCFE507F8E7201A2241BD5342AAC22A2370D5E4 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
18:49:27.0619 0x452c NgcSvc - ok
18:49:27.0635 0x452c [ BF69FF80C3975B1D1E9428A689A16CB1, 670016D59D2169B44E2EF4CBDE281A34C4E868D2465362B09FA2DBFA393A2804 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
18:49:27.0666 0x452c NlaSvc - ok
18:49:27.0666 0x452c [ 7190932DB00BE83B57C01B5EAC4D746B, A3C7C87874620E042EFCDF64332450ACEDD4FAB7F6C1B2DE97A1C6EDA2DA3055 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:49:27.0682 0x452c Npfs - ok
18:49:27.0682 0x452c [ 218DB396170D77BB94F69B526CC51B8F, 6AACC3C38E22061A210918771D3B087903CB7024AFBD013827864C02CD75A3F9 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
18:49:27.0698 0x452c npsvctrig - ok
18:49:27.0713 0x452c [ 457DAC0D0978F5391E0742ADCB4C2E28, AD53F2FC597E90AFF0795655A36192BA803AD1E737C86FD216CD39E2EC4F9C36 ] nsi C:\WINDOWS\system32\nsisvc.dll
18:49:27.0729 0x452c nsi - ok
18:49:27.0729 0x452c [ A4952889D7C5804F17ABB9F454A371C2, 0FCE2AD4F705805D95993337915607F74CE2AA9EC92919DDE3D2569D6B9B5C13 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
18:49:27.0744 0x452c nsiproxy - ok
18:49:27.0776 0x452c [ 2B98586D5D7D536E8BDD33E276A1EE16, 915323F7F06C5B0A076BE840CAC9385FE1288C3DE1BE0A600F31DA72EB144CCE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:49:27.0838 0x452c Ntfs - ok
18:49:27.0838 0x452c [ C029E5408EEE26C3B4E5BA5D29738DB8, 8463A19A690304DC757E7698FCB59902B6305A0E9C48BF2FB2DF24C1EFA4A6EC ] Null C:\WINDOWS\system32\drivers\Null.sys
18:49:27.0854 0x452c Null - ok
18:49:27.0869 0x452c [ 189E5FCB96ABFEA84239A16062256EE4, F3233B1B14363CD4CD032F43368FD10A42C0BE665F4B13A7E253C327C2B832DB ] nvdimm C:\WINDOWS\System32\drivers\nvdimm.sys
18:49:27.0885 0x452c nvdimm - ok
18:49:27.0901 0x452c [ 8DE05D2A2C15D1A42F7BA85A819DEE0C, 2364C83770D4341C0CB70DF70520212568C3461E3BA90C77AE3CF1090B37D139 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
18:49:27.0901 0x452c NVHDA - ok
18:49:28.0166 0x452c [ 66ED27A828302B0E1FFF74DBB912A9DF, 0D92BCEC1A989245A2A1D4738DC141ACABF8A8E0461565246A3AF8C12FA606DE ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys
18:49:28.0448 0x452c nvlddmkm - ok
18:49:28.0463 0x452c [ 1F50ED95984009BF3634D6BD1A16FA5B, 650A25B2419331D95B1E4C26DE253AC3500374EDEFC5DB55CD5D5884A26783F0 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
18:49:28.0479 0x452c nvraid - ok
18:49:28.0479 0x452c [ D6C14906B78F235461EEF96A886830D4, 5D0EDE46EB9965C494B994F7071696C91C0C01352D1B000501E7B55F54F11952 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
18:49:28.0494 0x452c nvstor - ok
18:49:28.0510 0x452c [ 33486D139DB345A3D3245C4B57FDADC7, B1DFB0210F264572B641D25D9A8C3E558ADBFA097713DCCCD8F8C328B6687EAA ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:49:28.0510 0x452c NvStreamKms - ok
18:49:28.0526 0x452c [ 64473C7916BAF33FE73F1A44C559E672, 033F37F4B91ACAB7569F5CBA5542D3CC063C030C751209CE7C468052476A9BF8 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
18:49:28.0541 0x452c NvTelemetryContainer - ok
18:49:28.0541 0x452c [ 036A8C30C662397A2D882D9AFF99089F, C7AC0E6F7E3275890E36CA052C9DFF1D6D16D9F6102856D51AF088641C7B5709 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
18:49:28.0557 0x452c nvvad_WaveExtensible - ok
18:49:28.0557 0x452c [ 8BC04BF71C919C669D3D3D459F14F343, 4375AE3857A1AF1FFEF2A224DF3E6AAC269B782C1910E4A3BEF36778679B336E ] nvvhci C:\WINDOWS\System32\drivers\nvvhci.sys
18:49:28.0573 0x452c nvvhci - ok
18:49:28.0573 0x452c [ 9DBC464AB85AA48C9760C6C2E591E2D3, C9D718F8BE838E13F7488F1E8DAA79809340235A5BA5BF206C1C3DBF0A5DDB48 ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
18:49:28.0604 0x452c OneSyncSvc - ok
18:49:28.0604 0x452c [ C3E24FBFA4C3291A5E5310609A58DB2E, CC49A52348B880B68CF403D27FB82A2FA4DE0450F37A5F45A40E101D41E5F984 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:49:28.0619 0x452c ose - ok
18:49:28.0744 0x452c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:49:28.0823 0x452c osppsvc - ok
18:49:28.0854 0x452c [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
18:49:28.0885 0x452c p2pimsvc - ok
18:49:28.0885 0x452c [ CCD10679BA0D9EF549F80C458C2AD1C4, 7B433FEE4BEA69C28A98F4BFBE5FA603DB2CE1DFCF229EBB4D9B7A0FD159FF04 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
18:49:28.0916 0x452c p2psvc - ok
18:49:28.0916 0x452c [ 13B175715A4391E4E5D2AB2EBC8CDBB5, 12BA91A586C5A31FBECEB2D4842E52F79EDD3E2AD4DB169C902B9A120AEC0201 ] Parport C:\WINDOWS\System32\drivers\parport.sys
18:49:28.0932 0x452c Parport - ok
18:49:28.0948 0x452c [ 428B9FAFB0EE6EF66EAAB7B49A96487A, 90892AC924B529B86B42D011B2B2F0556E204650C890FDACABD8051AD6EDB631 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
18:49:28.0963 0x452c partmgr - ok
18:49:28.0963 0x452c [ 0CF87FC2DA60940031D553F8FDF5066B, 95F8A15210D6F431B84C6E18643F93C9D16F53D3FF4873F9A327A77924B4B9F8 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
18:49:28.0994 0x452c PcaSvc - ok
18:49:28.0994 0x452c [ 7B6C0AFE5029A791F23B03EB13194797, E175EF1248ABD178A3C54D2CA910D2F3B7B1AB07A79CB88A383307EC1876C7A0 ] pci C:\WINDOWS\system32\drivers\pci.sys
18:49:29.0026 0x452c pci - ok
18:49:29.0026 0x452c [ C447CDA030A3415711E4E940D2E9B399, 292888AE9D44013D8B12BB1D8803988EFF64957DE682B64FDC82E100646390DA ] pciide C:\WINDOWS\system32\drivers\pciide.sys
18:49:29.0041 0x452c pciide - ok
18:49:29.0041 0x452c [ 753174DF234EA8BBF732986D5F78FCE7, 6BE93B24DA2161DAE5ECBE393729BD4661F04CD0CDEBEBF6D92E9E212FA89D71 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
18:49:29.0057 0x452c pcmcia - ok
18:49:29.0057 0x452c [ 1D05B6DE437515281CD91A16C16529E6, 0FC581E40AF55D916CF428ECF4387C1E909C3361426F1D9F723F9497C9B025D8 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
18:49:29.0073 0x452c pcw - ok
18:49:29.0073 0x452c [ F5F1A092463D6E46E71CC709A65403D1, 9EEB499D54842667B4ECF1036E28926C8AD20515333373D2965C57BC2C7EAD4C ] pdc C:\WINDOWS\system32\drivers\pdc.sys
18:49:29.0088 0x452c pdc - ok
18:49:29.0104 0x452c [ 42B12A76D3C98AE69C97727E3BEC7D8A, C878A05A9817F62514432685FAA795737F628EF7258EC5C7846045E1CAB2DF6E ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
18:49:29.0135 0x452c PEAUTH - ok
18:49:29.0135 0x452c [ CD9BA1C279BE0E92E971C2B45A7F3D9B, EC6546868718771EE45D07E9E856E5F33DD4339C1115E4479D7DEF4394D141D0 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
18:49:29.0151 0x452c percsas2i - ok
18:49:29.0151 0x452c [ 6D5EA79E82A48B181E18C2C39416E8C8, 4F5EF24FFFABB82B1E9D98DE3275508D458589F729C4976FDB3C2EC51549D414 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
18:49:29.0166 0x452c percsas3i - ok
18:49:29.0182 0x452c [ 185100798FBD23C849DC1C00ED43D99D, 10895ADE339744BBABDFB50BE6025217C02C76B1911C2C8740A57912385B38DE ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
18:49:29.0198 0x452c PerfHost - ok
18:49:29.0229 0x452c [ 630C3D645133B759CFC0E354E2A55D11, 094465C2DB324A784EA505C9C2CF06A12326F105EF767126BBDFBFE3D081E6E0 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
18:49:29.0260 0x452c PhoneSvc - ok
18:49:29.0260 0x452c [ 807ED476A62E79935315342BD3FAA046, FF56FC79C6B6043A10C123CF85A8DDA0B8564E03D49AD5811DDCBB99823C4836 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
18:49:29.0291 0x452c PimIndexMaintenanceSvc - ok
18:49:29.0307 0x452c [ 4E614DBE28B5857F70DEBCC804629E67, B93C42FB96BBA0577CB892274905352AE4A6DE257F676D6A23CE0297F945D7E7 ] pla C:\WINDOWS\system32\pla.dll
18:49:29.0370 0x452c pla - ok
18:49:29.0370 0x452c [ DBD6E8A5C358AAA3B4900EFD5CF94CC8, C8261CBE358562B3F31ADA0567723E0118A8687DFC8939FABC65E61C38BFE20B ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
18:49:29.0385 0x452c PlugPlay - ok
18:49:29.0401 0x452c [ E8BE4041A69023B6A4D1096EE8436347, 133BAA21852D077EA600F0A09C112F6511ACB792757472891E71185E94135D5B ] pmem C:\WINDOWS\System32\drivers\pmem.sys
18:49:29.0416 0x452c pmem - ok
18:49:29.0416 0x452c [ 99ECEDA6B2E1FDB6892FBD5AED1E5D99, C970DDDBDB4AF8C6A1AA92D780B82920B4922304649509075CF14A2AB86C3CCF ] PNPMEM C:\WINDOWS\System32\drivers\pnpmem.sys
18:49:29.0432 0x452c PNPMEM - ok
18:49:29.0432 0x452c [ 75690F495CEDBEF3D5989828AEEAE832, 3257E7261DF8F39CA4988BBED3060B9E8A5988978F66A4B1409E08F65B262FED ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
18:49:29.0448 0x452c PNRPAutoReg - ok
18:49:29.0463 0x452c [ CD5ECD6470B6B235B73569A091150299, FAAE20B0F2F15ADA5B3F5F2BBBFEA000A95EC8A64B37C9364145CE04EE204352 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
18:49:29.0479 0x452c PNRPsvc - ok
18:49:29.0495 0x452c [ 9744ADAF8DD679D64A33D828FABA39E1, AE820E529697A2F308E6A24127B3D4A7F02C406DA46A6CB65243EC3F6B400950 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
18:49:29.0510 0x452c PolicyAgent - ok
18:49:29.0526 0x452c [ F39D3876C731BB01BFE8F574188837C8, 51CB5E89397D6A150A05BDD53CC9B90B419A040BE1828C2E7BBD6684FE371588 ] Power C:\WINDOWS\system32\umpo.dll
18:49:29.0541 0x452c Power - ok
18:49:29.0557 0x452c [ 1FB09FD846D5030B82EB345E9970A105, 871D38DD966EDD919B2E0C51125E1834A15A0222E2452605988BFD7E7B37C5C1 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
18:49:29.0573 0x452c PptpMiniport - ok
18:49:29.0620 0x452c [ AD62FCEC1CB8ECD7C0E3DFD2FA79FDE4, 6372FC5E78A2DDB8AE6EB73BEB5C0D4056FB6BE9F231A36BAC37AE970F5EB247 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:49:29.0713 0x452c PrintNotify - ok
18:49:29.0729 0x452c [ A60202AE474E2173ED91118DD73ADAAD, 6AE315E1DD9E3B03E48B8848FCB0CDD506080F0012DE478BA99D102F91E968E6 ] PrintWorkflowUserSvc C:\WINDOWS\System32\PrintWorkflowService.dll
18:49:29.0745 0x452c PrintWorkflowUserSvc - ok
18:49:29.0760 0x452c [ E0E55CDA29C80A9520FCFC78D7F8A73D, 9DE15A73643D71183E568F8F4DD8776D935786BE46F15BFE2DFD607378FC9E58 ] Processor C:\WINDOWS\System32\drivers\processr.sys
18:49:29.0776 0x452c Processor - ok
18:49:29.0791 0x452c [ C974AC54A9D34AF4899E98ECC1784E03, C71B76743AAF1E8490204F7B8204C4B98BD2BFDEE159EEA42A28A23300D3B87C ] ProfSvc C:\WINDOWS\system32\profsvc.dll
18:49:29.0823 0x452c ProfSvc - ok
18:49:29.0823 0x452c [ E4BF8BE7B3711BCBBC95EE983C0236F4, A71C09D83034C96F7ED4DB58F7388F8A13C7FD1A3F41FE8EEC553C42B65DFFC6 ] Psched C:\WINDOWS\system32\drivers\pacer.sys
18:49:29.0838 0x452c Psched - ok
18:49:29.0838 0x452c [ 29F12CD3F77B65C7E37F8517395B13D2, 690517756A21B3DE4CF4A027AA712FC62DB6F5F2E89B4D2DE220A29C4A36878B ] PushToInstall C:\WINDOWS\system32\PushToInstall.dll
18:49:29.0870 0x452c PushToInstall - ok
18:49:29.0870 0x452c [ F2EECF8977BD3FE4E38743DDCFBECD20, 37AC3692C9159289C0675886930AA1999AE55196192F4EB22634D8DB46E4D9CC ] PxHlpa64 C:\WINDOWS\system32\Drivers\PxHlpa64.sys
18:49:29.0885 0x452c PxHlpa64 - ok
18:49:29.0885 0x452c [ 8AB5F41584C98047ABEF490FC1E31F7E, F8480F9D9C1A60901975C529CC0911ED592834AB1068FADD88B15E6497A59221 ] QWAVE C:\WINDOWS\system32\qwave.dll
18:49:29.0916 0x452c QWAVE - ok
18:49:29.0916 0x452c [ 00F72861538B6C4E925A21BAE397A49D, 6847E2332CC8573850428CC7E3A73B2DA0274977F53BDDF7DBA68D223A501CC4 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
18:49:29.0932 0x452c QWAVEdrv - ok
18:49:29.0932 0x452c [ 0FFABEB2D06CD74DDE0BCA510EEAEEBC, 8598F39D312754C92A3776104D596F0C0312712D934B9994B2711F95FA6FE0AE ] Ramdisk C:\WINDOWS\system32\DRIVERS\ramdisk.sys
18:49:29.0948 0x452c Ramdisk - ok
18:49:29.0948 0x452c [ B834761352403111D0113284D8736025, 444D05D5F4CED956AFE48CA29CD59420BDB2B14336D19BE2A28612A851EACF4E ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:49:29.0963 0x452c RasAcd - ok
18:49:29.0979 0x452c [ FA99CE309B66586A0AA6EF9CFF7BC467, 4684EB05828C2153FE94468E7A9A75D8C81F90E700B437C5990BC9451AD39AC7 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
18:49:29.0995 0x452c RasAgileVpn - ok
18:49:29.0995 0x452c [ C7CCE345D0010B3B9AC5067578436BFE, 4473E7D0492B7F0214576861A6AD90363D7F826B5E0DE15A56E93DA94BBF19E7 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:49:30.0010 0x452c RasAuto - ok
18:49:30.0026 0x452c [ 775ED7E51B58CF9EB415A1DBA540DACF, A3035A8A299D35B7A24A347FB8A2DB6B5892FD2A181D90F64CCD4806EA154395 ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
18:49:30.0041 0x452c Rasl2tp - ok
18:49:30.0057 0x452c [ 5AD6D0A830EAE44DB17E612824ACDF3D, 2094737D7D6CB8246F12D2020710BA94C1544835FE354524159CF7D4BD7B68CB ] RasMan C:\WINDOWS\System32\rasmans.dll
18:49:30.0104 0x452c RasMan - ok
18:49:30.0104 0x452c [ E2433A620ABF4083157944E4692C500D, 126CA9F9D38FB4FA312A82FEA24C13D0693407384B1BCD55A0CBEFA8E52E1D8A ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:49:30.0120 0x452c RasPppoe - ok
18:49:30.0120 0x452c [ EE5D1D51FA74ECCE57CF2DB8F6A417D8, CC295366C60CAECA7CC32903E3A983635B55A5F5FD6E6BC4FEFE997B8154345C ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
18:49:30.0135 0x452c RasSstp - ok
18:49:30.0151 0x452c [ FFE99C3066FCBC23AA957BD23EC39839, 7FE3F8A0EC0C3C0AB85143C1D325978B99533A2535965DFB989C0A41E6DC2677 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:49:30.0166 0x452c rdbss - ok
18:49:30.0182 0x452c [ 206AB796793FDBD518B82E2F308A7176, ED0DBDE7106970F217F4FB1FB184B6795A16356C879C17E0910840F64F292809 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
18:49:30.0198 0x452c rdpbus - ok
18:49:30.0198 0x452c [ 52A6CC99F5934CFAE88353C47B6193E7, 37F6991FA526036866E8CFC938A16750644AD764FA52BB102B11B5D594DB7E96 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
18:49:30.0213 0x452c RDPDR - ok
18:49:30.0229 0x452c [ 0600DF60EF88FD10663EC84709E5E245, 48572DC0C644E13BD1713E29E522763EB4E00337ACA64D1392960D17EAF8923A ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:49:30.0229 0x452c RdpVideoMiniport - ok
18:49:30.0245 0x452c [ 65652EFAAF4A8A59E60A2D7BE15317E8, 83A9A8506EF4769625EF0EF43B93906A6FBD9133E52C12B17A68B89DAC68D026 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
18:49:30.0260 0x452c rdyboost - ok
18:49:30.0291 0x452c [ 03C37A5A2FA13F3B669BC56358FC96CE, E38FE4AC6DDC431DA37FEB667A5C224A1BBE2D9F69949859DCB2628150B8C095 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
18:49:30.0338 0x452c ReFS - ok
18:49:30.0354 0x452c [ 51E5E37F672641BDE9CF004A61529F4D, AE5F7C3706ABE89C99485605C3FD03FD016A0A462A733BBD58A85BDC584615AA ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
18:49:30.0385 0x452c ReFSv1 - ok
18:49:30.0401 0x452c [ 980F60634FAF9C58FC468AF9AA609D68, 7BA03FE851F78D5DC9062ACEADF194ACB4F8F56C9D496B17D846CE1E4373B404 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:49:30.0432 0x452c RemoteAccess - ok
18:49:30.0432 0x452c [ 106E630F1B2A8BF2BBD4508D9B166406, FAFBE21EC61B97B4B825285EBA0F661382A95119E1740EE4FB9A1F6FB3C0F5F7 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:49:30.0448 0x452c RemoteRegistry - ok
18:49:30.0463 0x452c [ 53BE6D9C36A9CB95A1568C24D44A8A34, DD8245F87B9D4203F56595D6ABF9F1E74EA071D4B7BB0469A293CA9E20BDA246 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
18:49:30.0495 0x452c RetailDemo - ok
18:49:30.0510 0x452c [ 3D4F4CCE0364CD3F1B539D2630686F24, 620EFC53D6F5279AEF4748FAE22F7239E7855D1F5C79B85F6CB54EF51C516408 ] rhproxy C:\WINDOWS\System32\drivers\rhproxy.sys
18:49:30.0526 0x452c rhproxy - ok
18:49:30.0526 0x452c [ ADA13EBD9C23C51876A5B2EADF7F2E29, D08E6A907DE5DC6F51CA71CBF7886FE7D8C6FB09154B633D86CDBE9C311361A0 ] RmSvc C:\WINDOWS\System32\RMapi.dll
18:49:30.0557 0x452c RmSvc - ok
18:49:30.0557 0x452c [ 3CD63AE6A9A1DE4CD5831AE15221C861, CB8B5FDA48D9D4E5A9F26F67859105E2769AF82B2CA1B0B35D9BFBA611445CC0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
18:49:30.0573 0x452c RpcEptMapper - ok
18:49:30.0573 0x452c [ 19EC4D05E01FE350B3494CEA122D64EB, 09FF60A8F22D66796257E33F4CFD6059D4A11A3173A7691718E9FE841E15ABA2 ] RpcLocator C:\WINDOWS\system32\locator.exe
18:49:30.0588 0x452c RpcLocator - ok
18:49:30.0620 0x452c [ 8CE6D7338F84B228450C8240BB77DB16, 3580ACCD3D1D31E2BA90A1A0FE7CE1FFBD12CF00931098664AAD2EA42F075FEF ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:49:30.0666 0x452c RpcSs - ok
18:49:30.0666 0x452c [ FFFB16EF6E0B8B5F7F19B425923E7D12, 27C2882AC7B27BAC5A4051C2C9326A6D289F297158DE7A3A93E8B09378DC91AA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
18:49:30.0682 0x452c rspndr - ok
18:49:30.0698 0x452c [ 9F2A38C1170594CF493283CE0B987B70, 1CE15815DD54227C3C8ED4B2E4FA09EB3EB91D55379DC286AAC7A6001850CA98 ] RTL8168 C:\WINDOWS\System32\drivers\Rt630x64.sys
18:49:30.0729 0x452c RTL8168 - ok
18:49:30.0729 0x452c [ A2939E69027B97105014434BFBFF7195, 9DC09BE94415564D0E80431223BDA1C59E3555AB5267DD3F64E71D4A18C8553A ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
18:49:30.0745 0x452c s3cap - ok
18:49:30.0745 0x452c [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] SamSs C:\WINDOWS\system32\lsass.exe
18:49:30.0760 0x452c SamSs - ok
18:49:30.0760 0x452c [ 04C51BBD8C9F54E5F2C5D831B03B11E3, 15AD9F224CBBCAFB117574F03C6F1C02639928A95BC4533453EBAFB20F7AE671 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
18:49:30.0776 0x452c sbp2port - ok
18:49:30.0776 0x452c [ D48F36EA4B4E8237B24E33B18D76EB2A, 128E754F15FDB00D218FB23431BF0FBDC65D64EEF294D72535B0C07EB5472136 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
18:49:30.0807 0x452c SCardSvr - ok
18:49:30.0807 0x452c [ 1B1FB3D8403E621F2B9201EF414E21D9, 5EFBEA5DC09CD5F151EF224BE2FF2C985D19301B17E5C16F5D00CB2852DAF8BF ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
18:49:30.0838 0x452c ScDeviceEnum - ok
18:49:30.0838 0x452c [ 0070C2DC6563C48EDA63A282748F3FCD, 12C8505DDD05994641B2B19666D7A54E12A21F6894913342A9BA5D148F193BE0 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
18:49:30.0854 0x452c scfilter - ok
18:49:30.0870 0x452c [ 9D13410D7B4D76AA2EA73EC8CA0E0190, 7C46D202683F34F1C07D9D297E9A239376800DC8C84FE1585FE7FC723B6EBBA0 ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:49:30.0916 0x452c Schedule - ok
18:49:30.0916 0x452c [ 6538E939E55B589AA4F5BC22D35A6B36, 262BB2C6499B1B033E07CD0B8CB9C41122EE9DE52B34F664999B667E1C7CDB0D ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys
18:49:30.0932 0x452c scmbus - ok
18:49:30.0948 0x452c [ 620E4F2FDD04FFB70702676423F1C2AC, 25A19FFA966605C229F5BFBCBBBEE36695FC673C7814CF13E79EE4A9B3D8CBE2 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
18:49:30.0963 0x452c SCPolicySvc - ok
18:49:30.0979 0x452c [ 495273177E87B0C34D7E431E9254FA23, 61116DA77622F5A0E931F5033C1B870A22AD3438C056FD1F320F857908E4124B ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
18:49:30.0995 0x452c sdbus - ok
18:49:30.0995 0x452c [ 9EF09DE84CE20B787C02395394AC2A7E, 17019B74506D26707EBC342365008A9BB5AACA381FB60ABA85F34D153FB0682C ] SDFRd C:\WINDOWS\System32\drivers\SDFRd.sys
18:49:31.0010 0x452c SDFRd - ok
18:49:31.0010 0x452c [ 01607A2FAB0068450A06C90AF755D57E, 9615261063475045CBC99F17BD3A4919198D0F77CA9E4EC7B13826E514BC8543 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
18:49:31.0026 0x452c SDRSVC - ok
18:49:31.0041 0x452c [ F80D6C03FEA2F7DEE14023B7229DA8C2, B62AFCFCDE9C1BA0A5D80BAAC3D3D95546DB2E532C04C765FF85B27D1CBD5B8D ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
18:49:31.0057 0x452c sdstor - ok
18:49:31.0057 0x452c [ 44B1F4F200B4D3AE8B53290101148AFC, 34F18FEDE525BB398371329CA9F93BD3D88C30E23FCA576978D94EC67513228C ] seclogon C:\WINDOWS\system32\seclogon.dll
18:49:31.0073 0x452c seclogon - ok
18:49:31.0088 0x452c [ 1E8CC4964FEECEE44D720A5130075F79, 75656541633FE90045183C68F4A81F1AA305E4A03CFBF7C50F226F18000924D5 ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
18:49:31.0120 0x452c SecurityHealthService - ok
18:49:31.0135 0x452c [ 7D7ED932B6417D8687D1D972989B310B, A5DF3B6CEE97DD110FD1BC542CC5A5313B2F447E5FCC40DF6EFB9D7D49CD792C ] SEMgrSvc C:\WINDOWS\system32\SEMgrSvc.dll
18:49:31.0182 0x452c SEMgrSvc - ok
18:49:31.0182 0x452c [ CA614C9FBC8307AB1DC937F3393899E2, 4833CC631FA30E4D4B45BBC2CE41DE72B332B6A1FFD23B7DBFD6EDD6BC1A2ED8 ] SENS C:\WINDOWS\System32\sens.dll
18:49:31.0213 0x452c SENS - ok
18:49:31.0229 0x452c [ 46AEFFC68BEAF89805B95CC6F9529C2E, 7A6A38A329E82F684191561479604142BBB35121822A5CDD828819C606F2A60A ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
18:49:31.0276 0x452c SensorDataService - ok
18:49:31.0292 0x452c [ 2B81117E9C3E20BBAA2CB5467D000F77, AC0DF8E635908026EE43EE0444DEF61481E211737A85A473D64EC8BB214D1135 ] SensorService C:\WINDOWS\system32\SensorService.dll
18:49:31.0323 0x452c SensorService - ok
18:49:31.0338 0x452c [ DF94FAAEC4CDAA3886A0169E660C984B, 54BB09459D59B5DDA24D72821840FA7A71A194EA464E09DFDE021B24CB27FCAD ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
18:49:31.0354 0x452c SensrSvc - ok
18:49:31.0354 0x452c [ C5CF2941AA9E417B3A224601255C002E, 31E2988E13D9BB3630980E8B71AE5FB244EFB15970623C1FE76B7ACA25A4A2F2 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
18:49:31.0370 0x452c SerCx - ok
18:49:31.0370 0x452c [ B9C113BD9FCA4F3E23F03708A7DA07CC, 0A070BDDA956B1869D58A173B56ABA011E1F7A3C5D258343D0AEDC1EC87F4B53 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
18:49:31.0385 0x452c SerCx2 - ok
18:49:31.0401 0x452c [ 1845736FA47A1DFBBB642FE21095B4E0, 057E8750E8695F6B72A33BBF1C5CFCCD6BFC992E6B99A487A07F5A4921004791 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
18:49:31.0401 0x452c Serenum - ok
18:49:31.0417 0x452c [ F1BABF50469041797ED9928C31318832, 1A8C75F4696D4D2AA47EA33BC96069A394466953EBC3CFB2B3D6B961B8B5875A ] Serial C:\WINDOWS\System32\drivers\serial.sys
18:49:31.0432 0x452c Serial - ok
18:49:31.0432 0x452c [ 340116988930B07629A2D0C2B380A365, EBAAC3DF2E8DABFB477340E79FC8E3A8B74340C389D73E51D64A97A332664113 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
18:49:31.0448 0x452c sermouse - ok
18:49:31.0463 0x452c [ 87340BC77470B34F11A9E558B591DB08, FD91561FE5951B4F59FEE23707E1ACE31293E508EF734A5CDB0F34D332EFDDF7 ] SessionEnv C:\WINDOWS\system32\sessenv.dll
18:49:31.0495 0x452c SessionEnv - ok
18:49:31.0495 0x452c [ 77FF0A5BA023D8E8C82EACCD54EA5C78, A4A88A550419C347E369DDD29D4EB5C1BC4D980FBA9C655DF787A166FCA2497D ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
18:49:31.0510 0x452c sfloppy - ok
18:49:31.0510 0x452c [ 1941F5CA54C469E16957587FD56ED842, D356547A9702A50AEB5F7765AC44668EEA913563A422ABBD0427EC22833A5B78 ] SgrmAgent C:\WINDOWS\system32\drivers\SgrmAgent.sys
18:49:31.0526 0x452c SgrmAgent - ok
18:49:31.0526 0x452c [ D3170A3F3A9626597EEE1888686E3EA6, 9321991C441B095DF15D24C8AE58F87EE5A3242532E8C023D0F78B2F96FEE6B7 ] SgrmBroker C:\WINDOWS\system32\SgrmBroker.exe
18:49:31.0542 0x452c SgrmBroker - ok
18:49:31.0557 0x452c [ AC1D97F89F2EC7E334A406603A686973, D230059C1CB400CCA62438603356F058B40E17DE4C7BD4DADDBB981E4F5E4C9C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:49:31.0588 0x452c SharedAccess - ok
18:49:31.0604 0x452c [ 0BE15FDA358837ABD88DC72AA75C75CD, 3990FA051E7C280B446C8A749FCEE04E384230CC5E286B4E7080B1737E5730DD ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
18:49:31.0635 0x452c SharedRealitySvc - ok
18:49:31.0651 0x452c [ 63B104867F70F0D81125C37989146960, 468431098DD9B91F1C58551CEB4DBE6E1C456FFE845E302571B970EF05AE03A8 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:49:31.0682 0x452c ShellHWDetection - ok
18:49:31.0698 0x452c [ F6D90D09D2BCFA2B5E492BFECA40EDE4, 7B427335943C1EFDE482D59F3A23149FCD45BB014643BEF620A708720383C4A8 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
18:49:31.0713 0x452c shpamsvc - ok
18:49:31.0713 0x452c [ 1443CF919C2A3207CE7724E0A31686A2, 3F0ECC565F67638A57A23BF69C399AD638DA9F81F1660CF3E027DC057E990EA4 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
18:49:31.0729 0x452c SiSRaid2 - ok
18:49:31.0729 0x452c [ C0B1EAD6CC127CAE4E84EBF54105B3B8, 86F5C937D9DC61F262FF00B45249162F4087B6A1CA0FC24EF7950E4E77FEF26B ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
18:49:31.0745 0x452c SiSRaid4 - ok
18:49:31.0760 0x452c [ B7C6144293CFAD2DEDCD022C44735DC2, 75F26A8F43EED45764D50B2CCE44C453BFBBD0FA56B6AF1F2B4B8B3665C3961E ] smphost C:\WINDOWS\System32\smphost.dll
18:49:31.0776 0x452c smphost - ok
18:49:31.0776 0x452c [ A3BEF2736E902B9DCA68554F4E10E08C, 5C7590D8F2D637B6D4A5F68945D8350B1C3D48EBE1B2C36658361900C9425611 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
18:49:31.0807 0x452c SmsRouter - ok
18:49:31.0823 0x452c [ 577EC13EB5215325E9B9FC51FB56A974, 1D7A0245A3C474BCD4EC69704040FB50C0E086DB1711C5B7FC4D9C4A7909DAB9 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
18:49:31.0838 0x452c SNMPTRAP - ok
18:49:31.0854 0x452c [ 3F11BAB1C9963BFD648A80C0BE71AAAC, C39CA1CE9C16C119C7C8AC677E1608B013146039FBC9E34F88406444B7C2B5BE ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
18:49:31.0870 0x452c spaceport - ok
18:49:31.0885 0x452c [ FE1776E587227120DC04EAEC45473245, 9DEBD997D275065481EEEDD2310479F2021D53B64AA6D5CEEA70E9BB8C9856C7 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
18:49:31.0885 0x452c SpatialGraphFilter - ok
18:49:31.0901 0x452c [ D05EB2BB52EC6B665D1631EC33241B80, 29598FC180020515254A9FAE7BE8077549C656EDB425059691007EEC0F9346F9 ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
18:49:31.0917 0x452c SpbCx - ok
18:49:31.0932 0x452c [ 14C99B814E284592548C4D63AE5BE954, B47FEAAAC512D07F1F9489FC1F51F0D3965F762AA02662E24F7272A208D96E6F ] spectrum C:\WINDOWS\system32\spectrum.exe
18:49:31.0963 0x452c spectrum - ok
18:49:31.0979 0x452c [ C05A19A38D7D203B738771FD1854656F, 3A832F3CBA33682EAA18ABB721BF2D5A6FE9AC853038C684C264700DEB52AA65 ] Spooler C:\WINDOWS\System32\spoolsv.exe
18:49:32.0026 0x452c Spooler - ok
18:49:32.0088 0x452c [ FEEC8055C5986182C717DD888000AEF6, E09B7B1DE43A226842A4B8C591D712E51585BC7E8A39CFB8852CBF16D234C3A6 ] sppsvc C:\WINDOWS\system32\sppsvc.exe
18:49:32.0182 0x452c sppsvc - ok
18:49:32.0213 0x452c [ 3EB4023AC700182D84CB6761D3727394, 6993C127F4AD8B899E6A285EDB849807F522D9B0A0018E5436114F527EC8B1F1 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
18:49:32.0245 0x452c srv2 - ok
18:49:32.0245 0x452c [ 63ADE24D0B3F655ED3F5B6E7F09B2312, 2387FB2FAB3F8A15CBDC069AC140F01B9012B5EF8A0E7434B78571B24F4ADB1E ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:49:32.0276 0x452c srvnet - ok
18:49:32.0276 0x452c [ 1AEA66706573E8CCD6038369FE37F237, A62CAFE205D5B4C9F8528EDDA4E20BA4E2D1E231F2B183FE70EFE6458B2D5460 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
18:49:32.0307 0x452c SSDPSRV - ok
18:49:32.0307 0x452c [ 5EE518DFADC18573E681BB78833E93FA, E98CCD3E2ADA265D6E3CF48CDBFE5C3067E0546F179F23B77C267F65CEB978EE ] ssh-agent C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
18:49:32.0339 0x452c ssh-agent - ok
18:49:32.0354 0x452c [ C7DF51E24DD853E7E2D3C0BCDCE57D6C, D1BFDC89F00C5B8388EB233290B6D540C246D0267B1C192C51645004A8CD8C62 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
18:49:32.0370 0x452c SstpSvc - ok
18:49:32.0370 0x452c [ F0B59ADCD06BCEB9D47311B7041CA2C9, 6299AB514CBE153C875F083ED789F6205C1781C0178759521F5A6D8007F5257C ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
18:49:32.0385 0x452c ssudmdm - ok
18:49:32.0401 0x452c [ 46826B02C346D48A62FF11882AF662BB, DE8FAD3E99D0E90CE8ABA15D604CF1E80F16C9E4B92F1A41A63D56CF7D96A414 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
18:49:32.0432 0x452c ss_conn_service - ok
18:49:32.0510 0x452c [ BDFDF0A5B3622E4320C72D5B9619C9B2, EC0B8A80302B118D6148B9B4488D3E0D220B23FFC9F28F9956F3D46265CBEF14 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
18:49:32.0604 0x452c StateRepository - ok
18:49:32.0620 0x452c [ DA82903F26AE12034CC5229F61098948, E7B5CA27C864BE95EC109D0692F44BE9F5F56AB6173AB1811F4E83A3EB5F26CA ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
18:49:32.0635 0x452c stexstor - ok
18:49:32.0651 0x452c [ EB2C25A3700309F3F67D9334CF33A36C, 9262778566EEEA810AD32CD660DEA841797BD9F874252CC5445D917FF159280B ] stisvc C:\WINDOWS\System32\wiaservc.dll
18:49:32.0682 0x452c stisvc - ok
18:49:32.0682 0x452c [ F2D1983C7BEF5E3AB8978A7796C59A75, 39B2005F7CCEC95D2F67AE5F69C3768FEFA04AABC0723BAD8A986A036AF0629B ] storahci C:\WINDOWS\system32\drivers\storahci.sys
18:49:32.0698 0x452c storahci - ok
18:49:32.0698 0x452c [ 76C9E2AA3400C22FC7091AD2F2999F95, 0015CF42CBA603448DFD85909D5047D5F9BE9153972C3832B1CF4B92A6BF0D01 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
18:49:32.0713 0x452c storflt - ok
18:49:32.0713 0x452c [ FF70FB4B82C27B87CBDE2B7F8F1BB96F, B7985CD42962943D09E7B692421D162F0F0FC1C3A7ED0C78FB10652E62591645 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
18:49:32.0729 0x452c stornvme - ok
18:49:32.0745 0x452c [ 47CE4211A40C2C023A8138E18757F3D2, D684D2A7DECC23418A685358EA9B4F6EB3A68C690D5ED8E82F4B4639DF022775 ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
18:49:32.0760 0x452c storqosflt - ok
18:49:32.0776 0x452c [ 3B4F0D616CC972A286003134809D26F5, 5711025BD7D1EEBB6A9A35E47DF297522BD082EA9C34E09F055A183E00453DF4 ] StorSvc C:\WINDOWS\system32\storsvc.dll
18:49:32.0807 0x452c StorSvc - ok
18:49:32.0823 0x452c [ 99DE14B208B6F3EE07E8B7FB16940D50, 313B8BDBB050D4A2E4B901FA0F84D4E4D8BADC161762D559D6A7F85CC096B3E0 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
18:49:32.0823 0x452c storufs - ok
18:49:32.0838 0x452c [ 1FC7B7BE58A29DF27F5E6F6C2F061FA3, D8CD6D1BD0ACA4B851DBC85F898CB5DA8715C5AB3D62D7B0D6BBFEADC0382A8E ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
18:49:32.0838 0x452c storvsc - ok
18:49:32.0854 0x452c [ 0B154B033AD7F9215DED11E0CFC80A25, 383D7BF361D75A3B78E4C8E3F616E487FA6172F860AE364B1AC73F75BE38944F ] svsvc C:\WINDOWS\system32\svsvc.dll
18:49:32.0870 0x452c svsvc - ok
18:49:32.0870 0x452c [ 54255DF324C621A97220EBFA832237D2, 27BAB2018BE66C67D6C2BBAA8E849E89B4150B8C81E7350DB0A1D14BEEB965D9 ] swenum C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys
18:49:32.0885 0x452c swenum - ok
18:49:32.0901 0x452c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:49:32.0932 0x452c SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
18:49:32.0932 0x452c Detect skipped due to KSN trusted
18:49:32.0932 0x452c SwitchBoard - ok
18:49:32.0932 0x452c [ B3C113C9B784A4D296C7A7BA515F74BF, 0D20281B8AA9ED6C89E10122F3A153C2E21464686E5A3D2F907224584E6B5BCF ] swprv C:\WINDOWS\System32\swprv.dll
18:49:32.0963 0x452c swprv - ok
18:49:32.0979 0x452c [ A2A42A570524C975259E3B81C4D80DCA, 4B2A6295E46DD2042B3C741D9519A0376687B30711F2DA8B9B81A039E46229F9 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
18:49:32.0995 0x452c Synth3dVsc - ok
18:49:33.0010 0x452c [ 62492FAAC26223E8A21E79A2331A3F10, 164C2650EAD344B6DFF95B8275436231E7994B7F06ACB3DA19054849BED61FD2 ] SysMain C:\WINDOWS\system32\sysmain.dll
18:49:33.0042 0x452c SysMain - ok
18:49:33.0057 0x452c [ 607143646829B70F7C60F4CF499AD41D, 00746AA3D0ECE27BC04FCAB4955A199C5E040F850D0129865EC8F03DD202EF7A ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:49:33.0073 0x452c SystemEventsBroker - ok
18:49:33.0088 0x452c [ CE9975A9E0DFBEFECECE218D2674C1CD, 20ABA9B78FF40C89A757ED2B4AE2F8BE5F4C6C257AA00A324849D68ACA59A264 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:49:33.0104 0x452c TabletInputService - ok
18:49:33.0120 0x452c [ E38C7C4D57B1438F70A1B913870E8665, EEBE640E31F3D9126FD2F58EB93051FE4EEA591223DFAB9E918DEBE879718B95 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
18:49:33.0151 0x452c TapiSrv - ok
18:49:33.0182 0x452c [ BFCBA5F57D278720718B8CB39C50A8EC, CC09339FC116299D14C66EB83D4A78108A411ED42376AC8112A9AD0FB2513D0A ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
18:49:33.0245 0x452c Tcpip - ok
18:49:33.0292 0x452c [ BFCBA5F57D278720718B8CB39C50A8EC, CC09339FC116299D14C66EB83D4A78108A411ED42376AC8112A9AD0FB2513D0A ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
18:49:33.0354 0x452c Tcpip6 - ok
18:49:33.0370 0x452c [ 085F8A5F09E64CC27309AF160EF4F9BA, DB3DFD3059836A9FB26FE924E9F2B960E454F4B20D8862266DFDA3168D610FD8 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
18:49:33.0385 0x452c tcpipreg - ok
18:49:33.0385 0x452c [ 16071C42E21CE3378FA449322FB9AB1D, 44CA7FD91275546492EEF0A59261E2B1C924613515D45EFD2EF0442023B2CBE5 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
18:49:33.0401 0x452c tdx - ok
18:49:33.0417 0x452c [ B2C4D7CB291293CAC636748E695D111E, 5E0AA8147EFDA5D21CEE8AE254F74A974B0ADAF298F569CAA73AC4E3B758438A ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
18:49:33.0417 0x452c terminpt - ok
18:49:33.0448 0x452c [ 10ADC3589E50B1ED8452C86E0CBE8248, BE82341A12EA83D9EFADC9AC35CF16D327F8499C99107DCDE88DD0F5DF84523C ] TermService C:\WINDOWS\System32\termsrv.dll
18:49:33.0479 0x452c TermService - ok
18:49:33.0495 0x452c [ 1A0A0F6A139148AFDC4622046D4B3CBD, 8FC2FB99B70A3A5B2F1D757A2F0E3085B1D242B792A35070E1DB3871A275329E ] Themes C:\WINDOWS\system32\themeservice.dll
18:49:33.0510 0x452c Themes - ok
18:49:33.0510 0x452c [ 811910E891A6DB4A864AE119EB71218C, 2CBB6159E2ACAE4BA73892A4F7F8A3981C159083C29F1A1D548C59FB713B9D74 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
18:49:33.0542 0x452c TieringEngineService - ok
18:49:33.0542 0x452c [ 8BF5E2FD72E939CF68D617E273034793, EE27D070E1C4EFE902BE173C5561F5601499F835762278CC1E5987886BD8A4D1 ] TimeBrokerSvc C:\WINDOWS\System32\TimeBrokerServer.dll
18:49:33.0573 0x452c TimeBrokerSvc - ok
18:49:33.0589 0x452c [ 673FB0E68AADCCF840AC7A56A9B38150, A9A1CF08D544A488ECABBFBD994C3A8CEB8CFE86A098DAB8533430BABDEA27EB ] TokenBroker C:\WINDOWS\System32\TokenBroker.dll
18:49:33.0651 0x452c TokenBroker - ok
18:49:33.0651 0x452c [ BF705C64C1522646BF00E72393DC5D6F, 9D60CB5DFBD400C59C33C5221040FBBFE1A18870E75E176A6BC7D352783B56A7 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
18:49:33.0667 0x452c TPM - ok
18:49:33.0682 0x452c [ A5C0F857C38278A90E953A24E1701196, 1A646E47013946CCE41C798A494C6D266AEFC8A8D6EB65CD8848E72106687E38 ] TrkWks C:\WINDOWS\System32\trkwks.dll
18:49:33.0698 0x452c TrkWks - ok
18:49:33.0698 0x452c [ 4578046C54A954C917BB393B70BA0AEB, 2DFE9DE656B415CF7D81F583F33A20A74CD54C07DB8C3196AA2102431F42F74F ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:49:33.0714 0x452c TrustedInstaller - ok
18:49:33.0729 0x452c [ 0D721F40C179EC5737C15E551F22C69B, BBA04E11C3D9150C60F74D8B1A3F444BDE0C19857BB7C45D58448F641082DE1A ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
18:49:33.0745 0x452c TsUsbFlt - ok
18:49:33.0745 0x452c [ DE1296871208D1F13B7AC57C4B1FA46C, D18709F65E372A47AE114ECFD6A45E6736089B4A8E719E2FB5D831D9415E995D ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:49:33.0760 0x452c TsUsbGD - ok
18:49:33.0760 0x452c [ BC938ABBF586272BD4063CA51F09149F, 06EB662948D212ACDF930C3CD01C6381A6FB152AC0F1628C86764F0973ABA1CB ] tunnel C:\WINDOWS\system32\drivers\tunnel.sys
18:49:33.0776 0x452c tunnel - ok
18:49:33.0792 0x452c [ E94996BB8F323AF02860196C1400AD30, DE605439FC5B59C1064DF05F63C94D7C275482C1C66BEC74FA4A83F61C2051FC ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
18:49:33.0807 0x452c tzautoupdate - ok
18:49:33.0807 0x452c [ BDFACE024EFF2398214797143AD76C87, EF9B6CB1F6EAE4786BBDE1E0946BECC5BD2AA493FC32A8F779A757BA57238EC9 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
18:49:33.0823 0x452c UASPStor - ok
18:49:33.0823 0x452c [ 00C4396DE1CD3502884BB2E2B6D6861C, 39F6BF25096ACE29CAF964DCA15078F47986F645DF49FB502A2CDF2C05C89AAB ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
18:49:33.0854 0x452c UcmCx0101 - ok
18:49:33.0854 0x452c [ ED9CBD1541C8AFDAA9B8255A384E2B53, D970F5E976CEBE0BCDF07B9E155EDB5B3C225812991779748CD04A9C4852DF3D ] UcmTcpciCx0101 C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
18:49:33.0870 0x452c UcmTcpciCx0101 - ok
18:49:33.0885 0x452c [ F58F1BC6A6972437CE18516F8ACCEB9F, 2C619D1E2E80662FA463EE48E3D41C8437A81B0F68EE67A0839A93DEDCD2E0B2 ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
18:49:33.0901 0x452c UcmUcsi - ok
18:49:33.0901 0x452c [ 7CC95F6BDEEEC52D53ADC86E5110EDF6, 9A666D7FDA4BC7246027F4171559BABFD537E1422BC6E57454A40B8FA4C696E2 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
18:49:33.0917 0x452c Ucx01000 - ok
18:49:33.0917 0x452c [ 12E2B6B642360E66396502B62B048694, C9AC86BF767ED4ACE0F58BA3720369A2758BA154AFFE10CAAD5A2C4C259BA50A ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
18:49:33.0932 0x452c UdeCx - ok
18:49:33.0948 0x452c [ 6A442723D4D05D9F15D24C9942CDA00D, 4A60D6CF7214A3891877AC6E5A49AE49D056567162D6355C0D893510F0241DA7 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
18:49:33.0964 0x452c udfs - ok
18:49:33.0979 0x452c [ 93F73F95EC7218971928B25F9728C5B4, 1EE71BB16009B57B192148FF5D8BB51191097686518C0179B7019099D6A01888 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
18:49:33.0979 0x452c UEFI - ok
18:49:33.0995 0x452c [ 588B9212DEE84F5192C09A147AA5C316, 80C70FD489D72015FCF8AFBE649F6C77F40B613882A1F031A2DAE088B9B4F67B ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
18:49:34.0010 0x452c Ufx01000 - ok
18:49:34.0010 0x452c [ 78B5C069C9AA1463ACC833FD7E2A3BD5, A44BAB6AB5E071537BD37A26DAF6D0D69BBFFFF686C183BFAAB04286DD3B81BB ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
18:49:34.0026 0x452c UfxChipidea - ok
18:49:34.0042 0x452c [ 533BF4F456A1C6E7581E8C0A4EC59300, E5AE7EB4A8E6CE410F465C48F102797806172B5881C2CF570A9851CCDFE656FD ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
18:49:34.0042 0x452c ufxsynopsys - ok
18:49:34.0057 0x452c [ 360FEE6F687D98EFFE46A5433FE6182E, 1A35569DC29F45F78D705BCEDE850CAF86FD27D6253977497EB3B000CAAE0B27 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
18:49:34.0073 0x452c umbus - ok
18:49:34.0073 0x452c [ F6F1A9D91F684AA02951B96EE8127DAE, 351139331041BC123C9FEE3A5CE4965AFC4CDCA488080338D98C5EB85D5843D4 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
18:49:34.0089 0x452c UmPass - ok
18:49:34.0104 0x452c [ 0D806415E1F86E7C1C192261C247EF0D, 640CB73D9ACC3B6E0F2A2A5A4587375F05A7519081BEC510B926A8A4A496C3B9 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
18:49:34.0120 0x452c UmRdpService - ok
18:49:34.0151 0x452c [ EAEC69961D9D8B39FEA44D56F7FB259D, 43FEB15A32B353B6F3C8E5F1072FF9507F2FA7799A414F30FEA0B8C47999D969 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
18:49:34.0198 0x452c UnistoreSvc - ok
18:49:34.0214 0x452c [ 2362D5C18120FAB9CE5BD1F73EE33758, D9AB5D5BEAF95F62A204CE8A3B8B3B6C9C1E85FB5425CA2AADCBB4770EDCDF30 ] upnphost C:\WINDOWS\System32\upnphost.dll
18:49:34.0245 0x452c upnphost - ok
18:49:34.0245 0x452c [ 49A5E1B43C59DC0E363AD9C2D7D10BE4, B903C1C24DAF316AF9D8C1770687DE0A24ACDA4EFE47845E13BE99985609B7CE ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
18:49:34.0260 0x452c UrsChipidea - ok
18:49:34.0260 0x452c [ 53F1DA2D92D1D8CE4BB9D33E58D7DF01, CD3F4B92EDA042FE696C59D67BEB711C7AF0EB5979AD5F4110297C47454EBBFA ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
18:49:34.0276 0x452c UrsCx01000 - ok
18:49:34.0276 0x452c [ 09518A324B95BBC0B472BD5A472CB916, B3C6BF8C84268C02CC43E5C6B37648F9691B6038D275F4BEBA7B5E9ECA046181 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
18:49:34.0292 0x452c UrsSynopsys - ok
18:49:34.0292 0x452c [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
18:49:34.0307 0x452c USBAAPL64 - ok
18:49:34.0323 0x452c [ B7211393225AB05324C52BA47B31FEB4, 3FFB7F1C1CA5001B95026D30ECD1991747DDAFFBE3B4929CAEDFA90E169A28AE ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
18:49:34.0339 0x452c usbccgp - ok
18:49:34.0339 0x452c [ 250D21958EE5F45CD13FE6BE3788EE70, C0EF097EE2ED91950BD3A6881AB08698E85C4ABABC4F7520F7E92E70CA454D4E ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
18:49:34.0354 0x452c usbcir - ok
18:49:34.0354 0x452c [ 4269DE1EB8029D55B3BB3A8A330FCF90, 5D9081A07F91AF704D27EEE60516D6E1E0A106D1656CEF0C5C50E51C23E17F61 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
18:49:34.0370 0x452c usbehci - ok
18:49:34.0386 0x452c [ D67AABAE0C9EBAC9BBA2E20E0AF52EF1, FE51895BB81E5320F66C433378469092D39F325D310543AFE28A5603FA9B4F08 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
18:49:34.0401 0x452c usbhub - ok
18:49:34.0417 0x452c [ C662CE4F762275109B70B7376067C142, 74A31FF4A84D040523A44D2CAB14BBC13DC09D6902C42200EE7261783C953432 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
18:49:34.0448 0x452c USBHUB3 - ok
18:49:34.0448 0x452c [ A547E7B1B3FB2228259AA85AC7E82698, AB18BBE30A2D149A0E10621DC8497A72DFB841B09F4E4B47FED21843C0F88D92 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
18:49:34.0464 0x452c usbohci - ok
18:49:34.0479 0x452c [ 692C0BA4109C8F78392A299369F51129, A675E11CD4794693D0B65A06E85F264199506A4C6EDBB68503163EED389B8D1F ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
18:49:34.0495 0x452c usbprint - ok
18:49:34.0511 0x452c [ 555DE99E30E6A6EF37137F8325B30068, B78B44883A3E524DFEC13B72AFFDF06FD446EFB12061593D8247C0B92D558B8A ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:49:34.0526 0x452c usbscan - ok
18:49:34.0526 0x452c [ 45A9E57185B79420EFEA5A4AED655809, 91D4BDBBAF1D06C404AC926357C3F20D780CF5C858B223930D69CFB17D81F3D3 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
18:49:34.0542 0x452c usbser - ok
18:49:34.0557 0x452c [ CEF7527514EC49EBE0C760D784643EF0, 2A4E49C5C906339C31F0A646E53773297F4B4CEAFD94CE653C37556AE243E104 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:49:34.0573 0x452c USBSTOR - ok
18:49:34.0573 0x452c [ A4124036C4FD2B94C6157C4588EEB4E3, 595C8BFB5E63AEA2F7DF2745F7C7CE45938B091470C921E3064E766A0E12851F ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
18:49:34.0589 0x452c usbuhci - ok
18:49:34.0604 0x452c [ 9F4CCFCD4B4C6008C940510E43D54AEC, CD6082E95EBA618490A2A97E258875440B3440E721B21E81608804B90DEF0D20 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:49:34.0620 0x452c USBXHCI - ok
18:49:34.0651 0x452c [ CE0E3BA8FC974BEE5BE20E4F43A1C583, E19DE81559FD92D1F7B0ADB4297926E6971F7FCB642E11758D361FC2A22C33BB ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
18:49:34.0698 0x452c UserDataSvc - ok
18:49:34.0729 0x452c [ B8D1D74FEF1F190BA4DA7E7A72D5D9CE, F467F39EE09DDC7750BF42C3FF317E0DC324897589268B4C7B63F8E176445820 ] UserManager C:\WINDOWS\System32\usermgr.dll
18:49:34.0760 0x452c UserManager - ok
18:49:34.0792 0x452c [ 6103984EBC387D6D27BA003EED63217D, 7F9BD12F75F98E593C753A3397EE8F9E59D944BC4EFBC52279A14BA93A7FA9AE ] UsoSvc C:\WINDOWS\system32\usocore.dll
18:49:34.0839 0x452c UsoSvc - ok
18:49:34.0854 0x452c [ 3E283D06357616CD4117CC15BDB7C4C3, ACE50702EE61C9F93855720037898F19E509D45982F9173643EDA455F54FB9E7 ] VacSvc C:\WINDOWS\System32\vac.dll
18:49:34.0870 0x452c VacSvc - ok
18:49:34.0885 0x452c [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] VaultSvc C:\WINDOWS\system32\lsass.exe
18:49:34.0885 0x452c VaultSvc - ok
18:49:34.0901 0x452c [ 8B61E7B09D27EAAE8BD227A04841BB8B, 225BF9B03E90ED7C4BA92F3E774F46F6CB90D721755930ABABEA255B07C0DD5D ] VBoxNetAdp C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys
18:49:34.0901 0x452c VBoxNetAdp - ok
18:49:34.0917 0x452c [ 8DCB7E5A9497C030484E5AD9E541B85C, 1170E5C190E2B6F2966076EFF11B8476CC03D924F43144C2936E11314A89ACA6 ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
18:49:34.0932 0x452c vdrvroot - ok
18:49:34.0932 0x452c [ 4940B49502323905B66039D0D1AB4613, 963BFD563B5A79F0AE81EB9708E85901A545545D4F25FCF37A17295EE9EDA514 ] vds C:\WINDOWS\System32\vds.exe
18:49:34.0979 0x452c vds - ok
18:49:34.0979 0x452c [ 5C25C1A89650C95D15F7988D71487B08, EC42E586309B46CF51EC5DC00362ABA82A503545292CACE7B3D23BB0F5E687B9 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
18:49:34.0995 0x452c VerifierExt - ok
18:49:35.0010 0x452c [ C1050DFCEFB6C76D554B45CF4CF51372, 52EDEFB26359A6C610F9DB02B7D3CFEFCAB72B62AB3A6B4BD26374E9A645E9BE ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
18:49:35.0042 0x452c vhdmp - ok
18:49:35.0042 0x452c [ 209A34F4BE17B0A56328C86F8CCC5577, 58F8A57233FC7DD220A6EF64FD48C2A5756B21AB30644FF6919847D13FF44F16 ] vhf C:\WINDOWS\System32\drivers\vhf.sys
18:49:35.0057 0x452c vhf - ok
18:49:35.0057 0x452c [ 44F4ED5D8FC0CFA7C3755D44C575D994, CB52418888916D185C74992BDD7A26E13A1C60F83E5FF664A3DE00424C1C4BC6 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
18:49:35.0073 0x452c vmbus - ok
18:49:35.0073 0x452c [ E2D57FB1A62F0BB7F70570806A09CE2B, DCF1699488D913C9E94E2C74CD8606BDAFF69B995B2E3B7DE7F2E9C4D2E6ECF2 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
18:49:35.0089 0x452c VMBusHID - ok
18:49:35.0089 0x452c [ C9F69EBA06A703CE726CC6FC0AEFB5E9, 53E441D9D6017CC4BB75F41C6CB9DA79DE500CACBDDE58104D1857A2B749C373 ] vmgid C:\WINDOWS\System32\drivers\vmgid.sys
18:49:35.0104 0x452c vmgid - ok
18:49:35.0120 0x452c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
18:49:35.0135 0x452c vmicguestinterface - ok
18:49:35.0151 0x452c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicheartbeat C:\WINDOWS\System32\icsvc.dll
18:49:35.0167 0x452c vmicheartbeat - ok
18:49:35.0182 0x452c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
18:49:35.0198 0x452c vmickvpexchange - ok
18:49:35.0198 0x452c [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicrdv C:\WINDOWS\System32\icsvcext.dll
18:49:35.0229 0x452c vmicrdv - ok
18:49:35.0229 0x452c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicshutdown C:\WINDOWS\System32\icsvc.dll
18:49:35.0260 0x452c vmicshutdown - ok
18:49:35.0260 0x452c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmictimesync C:\WINDOWS\System32\icsvc.dll
18:49:35.0292 0x452c vmictimesync - ok
18:49:35.0292 0x452c [ E4F5E83951810583FE8C2423772171DF, B2C7D44AA3F578C8E5B0A6FD8002BA554BAA4492FDFCFAED9D581C3ACD05D620 ] vmicvmsession C:\WINDOWS\System32\icsvc.dll
18:49:35.0308 0x452c vmicvmsession - ok
18:49:35.0323 0x452c [ DB7FB1DA7E1564EACBADD436191309C5, B567DFB5828D64A2A199C16538F3557696C3381B858420F23EABC757FDC341C2 ] vmicvss C:\WINDOWS\System32\icsvcext.dll
18:49:35.0339 0x452c vmicvss - ok
18:49:35.0354 0x452c [ 229CD4485458C9D11E35E1F00F21857D, C939BD79471A1D6EC617BAD840ED678D1EE508AFC19187BC7CD0FB4223EF7A91 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
18:49:35.0370 0x452c volmgr - ok
18:49:35.0370 0x452c [ 1514506CA7462A64DC38C48108DDBB45, DEE5D7B79962D9EB6D92FCF870CA1B06FE68CE6AE25F82A5B449445C99E76D2A ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
18:49:35.0386 0x452c volmgrx - ok
18:49:35.0401 0x452c [ F0EE4E6028CCA58BEA9A04E7BEAB7DB4, 628D0E3D60256B914E46C26BCE8F512DFE0409C34EA603EB0A20C80EB469A4D2 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
18:49:35.0417 0x452c volsnap - ok
18:49:35.0433 0x452c [ 77FD1607F2C371ABD241EC7699C58884, A6FE00D76C615DC641A667EB9B6824C992ED752A31A89AE3FE43BAE5462F3EB7 ] volume C:\WINDOWS\system32\drivers\volume.sys
18:49:35.0433 0x452c volume - ok
18:49:35.0448 0x452c [ CB90DACF9194DD9D60A2C1DBFBC1E0D1, BE454495C79857FD8DF4ABAF5BDB7D076467BBC27B31E87FA9D920F2001B670D ] vpci C:\WINDOWS\System32\drivers\vpci.sys
18:49:35.0448 0x452c vpci - ok
18:49:35.0464 0x452c [ ED0B3436E1DE601C6C8EB86789AC8BAB, 0CD186B09903A1D3748A3258D8B84557F3674DA04FEB8EFA24AE81FFE376265C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
18:49:35.0479 0x452c vsmraid - ok
18:49:35.0495 0x452c [ C7053D974A35EAB81F153FF33C883613, 9D89DC644971F93931D0E59D42ADE0A4AB49A5490709B46FCBBC309041C5432D ] VSS C:\WINDOWS\system32\vssvc.exe
18:49:35.0557 0x452c VSS - ok
18:49:35.0573 0x452c [ 3D706FBED35DF3B17809C6714F31F9B0, BBC337479DEB628721E651FC165EA01D986E31950189F1A81534922667101487 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
18:49:35.0589 0x452c VSTXRAID - ok
18:49:35.0589 0x452c [ 0B11DBB8173AD374D67893D54EBEE9F3, AB8B6FC81244729157E59D062FCC234FD7E818804D94AA6B7BF81E01B7922395 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
18:49:35.0604 0x452c vwifibus - ok
18:49:35.0604 0x452c [ 95540F74893235C189409C98643D7A77, 4F041301C95F55C8448C3CC5825ED9E631E770BA35BEC8498A0ABB3563584AAE ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
18:49:35.0620 0x452c vwififlt - ok
18:49:35.0636 0x452c [ 4F904ADE8BECDFB48CBA3F44FC0676A1, 2C3D619E9AD0D0DAEC0D170795FD6E5B7FE3FC667C947660320A9BC671B55736 ] W32Time C:\WINDOWS\system32\w32time.dll
18:49:35.0667 0x452c W32Time - ok
18:49:35.0682 0x452c [ 1C8447EFBC2B36B1CFE889E519F46A6E, 2601185B01909682FB921400C26BE6391AC93F72E84E70E2F49B4059987E191E ] WaaSMedicSvc C:\WINDOWS\System32\WaaSMedicSvc.dll
18:49:35.0714 0x452c WaaSMedicSvc - ok
18:49:35.0714 0x452c [ 87A01F65BD16C9FCCDD1B65F56CB93B0, E84B46DB67F2FCB22DB7130570FE7211FC96A806AC9D1D69D187899C93785CB2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
18:49:35.0729 0x452c WacomPen - ok
18:49:35.0729 0x452c [ 25FAB8A2CFFA21FDB472AB3AE6C17A57, C97E651111643F32FD5B94BEDA31D62E6FF83CA0644FFE8BA98463EC9EA6EF9B ] WalletService C:\WINDOWS\system32\WalletService.dll
18:49:35.0761 0x452c WalletService - ok
18:49:35.0776 0x452c [ 85E187443F68F285DB78BD2279AE3701, FAC03A162CF07FCC6BDB4E45F5EDF16D48BE10D95F73A74E9BADA62EC7F24B53 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:49:35.0792 0x452c wanarp - ok
18:49:35.0792 0x452c [ 85E187443F68F285DB78BD2279AE3701, FAC03A162CF07FCC6BDB4E45F5EDF16D48BE10D95F73A74E9BADA62EC7F24B53 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:49:35.0807 0x452c wanarpv6 - ok
18:49:35.0807 0x452c [ 395447583F42FD840520EE87AE439D74, 984AE1EE8BA3B8926C6FC94BC22DE9061C90C15135EA56D0F16C1D3C4EF8DAF8 ] WarpJITSvc C:\WINDOWS\System32\Windows.WARP.JITService.dll
18:49:35.0839 0x452c WarpJITSvc - ok
18:49:35.0854 0x452c [ 6E235F75DF84C387388D23D697D6540B, 7113DD02243E9368EF3265CF5A7F991F9B4D69CAB70B1A446062F8DD714AFC8E ] wbengine C:\WINDOWS\system32\wbengine.exe
18:49:35.0917 0x452c wbengine - ok
18:49:35.0932 0x452c [ A7C39DF528040967C2C281AB5A9DB5D0, B300F663DD45393BB86A1BFBE2EF47CD2315552B2410E3AE3F60E8294DC3E4A9 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
18:49:35.0979 0x452c WbioSrvc - ok
18:49:35.0979 0x452c [ 8A304D6CDC067922448CBA1EBB9FFCA8, DE40DD3A32DFF22C477F38B5E2224D55B8CCF2499EFFE0A8E9923728295BAEC1 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys
18:49:35.0995 0x452c wcifs - ok
18:49:36.0011 0x452c [ 2BCA9BABB5CEC329E604AE9C1DBA9D5B, 315C72B80A5E6278A725E7BD2DE0C8A2751C2A3F9B4D82F7A034B1ADDE687507 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
18:49:36.0057 0x452c Wcmsvc - ok
18:49:36.0057 0x452c [ B797B163EDCA46B5244F4E083BE7A7E7, 18D977A8015380A87EC9962273B90806145186A69F3455B3445A0FE1FE431219 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
18:49:36.0089 0x452c wcncsvc - ok
18:49:36.0089 0x452c [ FCA1B5465213EF4DE373A1F7E76D260E, 2548A9D11027871AD0290FDADF1E42E828E6120ECE925B12BAB3F09E25172489 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys
18:49:36.0104 0x452c wcnfs - ok
18:49:36.0120 0x452c [ 042ABE47A7BA6722AA5B61E267B28DFC, 07CE195F12B5234F4FA10A08E18CB51CDAF179CC1C32581872C28F57835CE1BE ] WdBoot C:\WINDOWS\system32\drivers\wd\WdBoot.sys
18:49:36.0136 0x452c WdBoot - ok
18:49:36.0151 0x452c [ 152926023B401D1F5F8852929572F5C3, 61D0FDB0E3A4D16FFA6852174B3824F6294502E331BB0831BCF99F049B09C328 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
18:49:36.0167 0x452c Wdf01000 - ok
18:49:36.0182 0x452c [ C8C75E56CDDBCDF597055343B641C910, A26556923165B84DC481B9924FF6AE57C7022E07AF1FC2E1FC1B14F12EF85CCF ] WdFilter C:\WINDOWS\system32\drivers\wd\WdFilter.sys
18:49:36.0198 0x452c WdFilter - ok
18:49:36.0198 0x452c [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
18:49:36.0229 0x452c WdiServiceHost - ok
18:49:36.0229 0x452c [ 067D1A81B4708CA97523709FDF57B728, CA331223250B37E7D2D8B04640EDF279F7FD7336017181ECF2D3E4F82E370F97 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
18:49:36.0245 0x452c WdiSystemHost - ok
18:49:36.0261 0x452c [ EC1414291F8488B983005AC4B9C112C9, 6FB9B33A520808AB53F2C15EFF3ED48EFAF24A7E8F9F38C4AD48A98E24B83654 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
18:49:36.0292 0x452c wdiwifi - ok
18:49:36.0308 0x452c [ EAF4FB729E94561EE31BDE5BEF869C65, 73290250B565E0A3F453BC45E69FF16A1D964E372A15401A2D3E2CDEB4670B38 ] WdmCompanionFilter C:\WINDOWS\system32\drivers\WdmCompanionFilter.sys
18:49:36.0323 0x452c WdmCompanionFilter - ok
18:49:36.0323 0x452c [ 318AE771614EE4919ED68830C13EA2AE, BFC40724B94623348EFF185BD415893E7F521F58D8F5139913D469D66D9C6CF3 ] WdNisDrv C:\WINDOWS\system32\drivers\wd\WdNisDrv.sys
18:49:36.0339 0x452c WdNisDrv - ok
18:49:36.0401 0x452c [ F41413EEE16B618FB03EAB487A7DC0B7, E59FFC2EE80DB61564EAE0B35759BF6E750FD909104C12DD085112A7A5853319 ] WdNisSvc C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe
18:49:36.0495 0x452c WdNisSvc - ok
18:49:36.0511 0x452c [ BDCC510E85F7AF152E2DFF030A526EA2, 67830B42DE20EBB30DD33093F30FBA166B27D3C1F25B52DABE1BC436671A1882 ] WebClient C:\WINDOWS\System32\webclnt.dll
18:49:36.0526 0x452c WebClient - ok
18:49:36.0542 0x452c [ 506F0A1CCABF4428733CF854BCBB6832, 859A7E21ABB93A0AD538AAF93D32E31B961EA6012C24567B4C76A9ED8FD4AD46 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
18:49:36.0558 0x452c Wecsvc - ok
18:49:36.0573 0x452c [ D8D727E8311C86B2A993A9006A453BAC, AD6C93F5ED51C621841DF68A25D5932578FADB83689FB668D056F316A8AA749D ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
18:49:36.0589 0x452c WEPHOSTSVC - ok
18:49:36.0589 0x452c [ 30B4568D058E17500E7BF88AECEDF3F1, 612597DFAF63E55ACB80789483CBCF0E5AC5FF7607C478C61E5A86D77B169E9E ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
18:49:36.0604 0x452c wercplsupport - ok
18:49:36.0620 0x452c [ 5DDB06B07A60E7AEA69837931373C159, 4E0A3260058B19F414B5053701C4723C27735818212AB3D297F896BF4C39E536 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
18:49:36.0636 0x452c WerSvc - ok
18:49:36.0651 0x452c [ 0427A785512BB39BEA530DC5367A9A03, 8ED29AE0FDB65D4E1D8CD3FA1783D74EF7B01AB30DD1090C917A74AC88FD4C3E ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll
18:49:36.0683 0x452c WFDSConMgrSvc - ok
18:49:36.0698 0x452c [ C16F011763DF92A6B62705DE8FEAB5B9, EAB25EBC9910F5A6C9F082B11D68F9A616B7349590BDB8F1C1040802E4ADF97C ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
18:49:36.0714 0x452c WFPLWFS - ok
18:49:36.0714 0x452c [ 752F5931696914DF2EC0B27275C38458, 83415E7BE50D9548785FBF6550FA679E425B5990F303E2D74513275A5E1DC828 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
18:49:36.0729 0x452c WiaRpc - ok
18:49:36.0729 0x452c [ 3AE28A996C9EB8A6F2AC12BC55035126, E54227B97F42800D445241EA638EFE86A7FEC664E96A0FA38BC48DDF7DA182AD ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
18:49:36.0745 0x452c WIMMount - ok
18:49:36.0761 0x452c [ DD005C7745BE7F0CDB8B17E9CA1FB796, 29C429BC839CE6B88365DADEEC01B7F0629AFF4FE7E555C18692CCE5858D74D8 ] WinDefend C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe
18:49:36.0761 0x452c WinDefend - ok
18:49:36.0776 0x452c [ EC7C1A7397988EFAF37BF685CA25525D, 50DA7D63CDE618D6426649AED250CEBE229CBBAC718C4E3CD882D816839B4CE9 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
18:49:36.0792 0x452c WindowsTrustedRT - ok
18:49:36.0792 0x452c [ 5F0EDDA201630E132C2251BC9DA85023, 842B5CBA8C33616345EDC2F91B560416AAEAAB15A8CE1F36978B251CE4CBDA16 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
18:49:36.0808 0x452c WindowsTrustedRTProxy - ok
18:49:36.0823 0x452c [ A35C57466BF5E869B5C04BEA55B966D4, 10A04A99106E3C3AB6193874A62D6D950693EBD190C344436D62703F7202DFE3 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:49:36.0854 0x452c WinHttpAutoProxySvc - ok
18:49:36.0854 0x452c [ 762D8D839C44C5A0BE0449AA84034522, E6602D0FDB501081DF165CE904DA0FEC75F3FE29C3B07B44DED6268612742F9C ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
18:49:36.0870 0x452c WinMad - ok
18:49:36.0886 0x452c [ 72D83880FEF0C788C5F305F330744208, 3126C2907170BBA47421D61CD6ED04DA3A3FCC66B4DBFCB4E3B56001B3BF6045 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
18:49:36.0901 0x452c Winmgmt - ok
18:49:36.0917 0x452c [ 48194110C410B335AC985D9194275A1C, 1CE64B9DD2DB4CCB3916AA4F4C5F8C71C647ABF7845D284019725761138B8A8B ] WinNat C:\WINDOWS\system32\drivers\winnat.sys
18:49:36.0933 0x452c WinNat - ok
18:49:36.0964 0x452c [ C57185CC62AA13E4F5A989D904CC9A16, 993F27F710148335C4244AB74D4B1D232DEDB0E3D82E39093A1E422C72283D31 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
18:49:37.0058 0x452c WinRM - ok
18:49:37.0073 0x452c [ 6FA3D810FE082001B16ADE19829F1E8E, 64B420FC14AB3194D4D2907EA5BE741456928E7E3CB9CBA50FEB8677A43B1971 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
18:49:37.0089 0x452c WINUSB - ok
18:49:37.0089 0x452c [ D2D6DB37E06608A5AF5B68D8E677B219, C7AAFEE7AAF76A4DCFF4FD2EE7232501832A57E3EE92CE20FA4A5D22F03FBE45 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
18:49:37.0104 0x452c WinVerbs - ok
18:49:37.0120 0x452c [ 99C6BC8CA38A4F3F59EE239850ED22E8, F4D50D4268CAFE75314010AE53313E3EA3CA064CB55E9515508D4144903F4B4E ] wisvc C:\WINDOWS\system32\flightsettings.dll
18:49:37.0151 0x452c wisvc - ok
18:49:37.0198 0x452c [ 4058FD1372AF428F4A0C6F9DA90375DB, 0D2F55E87EADE0E49EF5A1337147863707F57E2A7265780C9AE7F2DA82E38739 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
18:49:37.0276 0x452c WlanSvc - ok
18:49:37.0323 0x452c [ DB98D3F6AA7655AC8AE76745E553BD46, F5DA82BC6DFC3ADCAEB6634A976C15451382B5535F78EE267B5F8E37A9135FDC ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
18:49:37.0386 0x452c wlidsvc - ok
18:49:37.0417 0x452c [ 59F6A50CD336D0ADD22E3F1FC0D73957, A62469B30325965735FE76AE7D83E5D829AE09D7F0996CC0B42604E68426B088 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll
18:49:37.0464 0x452c wlpasvc - ok
18:49:37.0464 0x452c [ EAEF2A087812BB7110C744446AB731D5, F5571D3C47564DFB6182DC43CC28124892323B60C3F389599DFEC94D227B4A86 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
18:49:37.0480 0x452c WmiAcpi - ok
18:49:37.0495 0x452c [ ABAC310F5E01CBA9B33AE694F99D0977, 700CDC85479CDBF765FB1A6A389DC991FC4D2A77851A81FF80BEED921250DBF6 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:49:37.0511 0x452c wmiApSrv - ok
18:49:37.0511 0x452c WMPNetworkSvc - ok
18:49:37.0526 0x452c [ E122AD60BF4D7E4B28CCBABF33B28C1F, 1ABABE62FCC1B1A837540EE66F3EB0CE062962F05247002D61CFDE6ABB8E7E87 ] Wof C:\WINDOWS\system32\drivers\Wof.sys
18:49:37.0542 0x452c Wof - ok
18:49:37.0573 0x452c [ 0D3303BDBC591ECF113601D7853A1AA7, 437CF89541696E0B1A8056F4A5189642FC76D762113ED4F71458AF4D72FC3E9A ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
18:49:37.0636 0x452c workfolderssvc - ok
18:49:37.0667 0x452c [ 7328299647F28A62D39F9B546BD10C02, 0BD08E05D7FF1D4BF122FF4043B4AFC019183A22FF1E6F0C973DC87471D2EB7E ] WpcMonSvc C:\WINDOWS\System32\WpcDesktopMonSvc.dll
18:49:37.0714 0x452c WpcMonSvc - ok
18:49:37.0730 0x452c [ 25180559693250D7B7FF16A6BE7AC9BE, 1872BC298C3ED6A204B3BA2AB13D08EB9DAE5B30B7F83CA7A67BFDECA8D043AD ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
18:49:37.0745 0x452c WPDBusEnum - ok
18:49:37.0745 0x452c [ 15C1131EA0216F799C86B03EDAE0BE45, 39F50C084407BC3B498714B74DDA5D63E0539681F324A18ABBED3CD0DE5D52AA ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:49:37.0761 0x452c WpdUpFltr - ok
18:49:37.0761 0x452c [ 096969606BB5C4822AB020081EA07FC5, 522F372834B0497215F45ACBC417DA10DCE45C6D3C7099E47BBA18700C294B22 ] WpnService C:\WINDOWS\system32\WpnService.dll
18:49:37.0792 0x452c WpnService - ok
18:49:37.0792 0x452c [ 8B694BC50D2D2B98311283CFE5B40EE6, 734F8985CAD99E8635ACF09309D958D2B7FB05C6FF54DBE3623DC071BECE3413 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll
18:49:37.0808 0x452c WpnUserService - ok
18:49:37.0823 0x452c [ C1C2E769FCD3B00A59FF876FB2AD4336, B4D9065268A8B3C509E9160E6F30C20F80D14876C9F6C1057245F09CEB6B0F36 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:49:37.0839 0x452c ws2ifsl - ok
18:49:37.0855 0x452c [ DCB549367EB94CD8AFAA28E3F77F6493, 9FD2C6E03F398E76403502CFC94EB8EBD2F90ED5E95ABA5E86C1B7F63601C43C ] wscsvc C:\WINDOWS\System32\wscsvc.dll
18:49:37.0870 0x452c wscsvc - ok
18:49:37.0870 0x452c WSearch - ok
18:49:37.0933 0x452c [ 89313A07E7FEC8E2E4352D2059939306, 68D95248CF460D673775C572BB0C929BE56A87CFCE2E4E672EA93D2A5E0A8DE1 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
18:49:38.0011 0x452c wuauserv - ok
18:49:38.0026 0x452c [ 813DC18CC654CFB1875074139B0FEFD3, 87901841AFD9224BFEC06A712BE3C2371E16D3571210D4792F91034A2B926A06 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
18:49:38.0042 0x452c WudfPf - ok
18:49:38.0042 0x452c [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFRd C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:49:38.0073 0x452c WUDFRd - ok
18:49:38.0073 0x452c [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:49:38.0105 0x452c WUDFWpdFs - ok
18:49:38.0105 0x452c [ FB64BAD6DEDB27EA39B03685AC0A8EB4, CEDCB71F5FC8BAFF69948960F69A46E3A41CDF81304495AFF41088E5B4E9EB1D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:49:38.0120 0x452c WUDFWpdMtp - ok
18:49:38.0167 0x452c [ FAFE3B08208AA28C82BC42731B4EEBE8, 333D9CBE6B3492BC30A7B64C1F83494B38AD2CE7C832C1D68FEBD2EB8029230D ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
18:49:38.0230 0x452c WwanSvc - ok
18:49:38.0230 0x452c [ 51D3A1E2285E2E931A553281BBA10E81, 8B371AF5E7717C53780A5C2F68400412C4DB0F01AC6551476FF062B83A7D0AC8 ] xbgm C:\WINDOWS\system32\xbgmsvc.exe
18:49:38.0245 0x452c xbgm - ok
18:49:38.0261 0x452c [ DB952AD196A9548CF5235A71E5197F3F, 6C51EB14B2808665FCB999F376A97018F6B0A91EE6E63A25C044EA59A5713EE1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
18:49:38.0308 0x452c XblAuthManager - ok
18:49:38.0339 0x452c [ 8C0DD7BFFF5A81AEC26AD720057F5451, 4503D4DD540DB9977BBFF3BF7E92BE9778578B769972CF8A54AF0F1FF5C79BF5 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
18:49:38.0386 0x452c XblGameSave - ok
18:49:38.0401 0x452c [ 0AA38B54EB292CB3EB13FFF948473DBA, C5256ABC0A4A2117EC6F1C88B5BFDBECAE673AD47639A274BFFF92A46452E9B0 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
18:49:38.0417 0x452c xboxgip - ok
18:49:38.0417 0x452c [ C7FEC5C0377E5598BA919B29731CA45F, C153C62742B6F981905AEF7C464761E5894260F26EE164968B21D93979376378 ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll
18:49:38.0448 0x452c XboxGipSvc - ok
18:49:38.0464 0x452c [ 3A94BD93CD2D9C34725D924230B502A5, 87AF2061D348FFFA190D0E50E6860903BED46968CF64B7765D8D80127C702E6A ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
18:49:38.0511 0x452c XboxNetApiSvc - ok
18:49:38.0511 0x452c [ CE1F78B5C1F14F74242008B2B3153FA2, 682D1F32DD1BBEB031D5129CE40D9C77D3C6CF4FB5979F1918B2482AF617B5BE ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
18:49:38.0526 0x452c xinputhid - ok
18:49:38.0526 0x452c ================ Scan global ===============================
18:49:38.0542 0x452c [ 44D259E3B8F950D123CBE21893CEF1AB, 94FEA350B54D1581FF07D078D25A27FE3C9F815E24D299A0504FB1153E68A903 ] C:\WINDOWS\system32\basesrv.dll
18:49:38.0542 0x452c [ 1C346B5D7E5336246604A9FCFCB092BC, BD0C56C943A8F23CA9CD1CE1FE4F9D2183F752B469A72D14B713301A867AE776 ] C:\WINDOWS\system32\winsrv.dll
18:49:38.0542 0x452c [ FE8D1AB6D6711BE791A01C17EDEBD0D6, EECE3A16DFA0BE1BB1E7B882D33FB926C90A1DCA89805DD3514FABF7C9F05253 ] C:\WINDOWS\system32\sxssrv.dll
18:49:38.0558 0x452c [ E2F4C75AFA20E742DE1B70372F15DCD7, 6AF120D627E26274D001A01E5CB9B165318B14B9FA8F1C8C59BF069DA1114618 ] C:\WINDOWS\system32\services.exe
18:49:38.0573 0x452c [ Global ] - ok
18:49:38.0573 0x452c ================ Scan MBR ==================================
18:49:38.0573 0x452c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:49:38.0609 0x452c \Device\Harddisk0\DR0 - ok
18:49:38.0609 0x452c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:49:39.0203 0x452c \Device\Harddisk1\DR1 - ok
18:49:39.0218 0x452c [ 66D0B28C8B44E531D0C19F436252ABAA ] \Device\Harddisk2\DR4
18:49:39.0375 0x452c \Device\Harddisk2\DR4 - ok
18:49:39.0375 0x452c ================ Scan VBR ==================================
18:49:39.0390 0x452c [ AC09BB3AFF03EA33D4AA213C9C16AB2E ] \Device\Harddisk0\DR0\Partition1
18:49:39.0390 0x452c \Device\Harddisk0\DR0\Partition1 - ok
18:49:39.0390 0x452c [ D8575758C5B6398F115EC2AB30BD5CCF ] \Device\Harddisk0\DR0\Partition2
18:49:39.0390 0x452c \Device\Harddisk0\DR0\Partition2 - ok
18:49:39.0406 0x452c [ 81C02ED62638F88B833DA97256BFD3AB ] \Device\Harddisk1\DR1\Partition1
18:49:39.0406 0x452c \Device\Harddisk1\DR1\Partition1 - ok
18:49:39.0406 0x452c [ F75E567D7FB6A57D3F26B55801A46FF2 ] \Device\Harddisk1\DR1\Partition2
18:49:39.0421 0x452c \Device\Harddisk1\DR1\Partition2 - ok
18:49:39.0421 0x452c [ 2D7ED993752AD1882781F5B5AFE09F2C ] \Device\Harddisk2\DR4\Partition1
18:49:39.0421 0x452c \Device\Harddisk2\DR4\Partition1 - ok
18:49:39.0421 0x452c ================ Scan generic autorun ======================
18:49:39.0421 0x452c SecurityHealth - ok
18:49:39.0531 0x452c [ 559F228C84DD7B5E35D33154CED320B2, 7D6C77613550024825DE7B17249A8B5E822FA54DAC475A849374A89D84993F8F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
18:49:39.0656 0x452c RTHDVCPL - ok
18:49:39.0671 0x452c [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
18:49:39.0671 0x452c IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
18:49:39.0671 0x452c Detect skipped due to KSN trusted
18:49:39.0671 0x452c IAStorIcon - ok
18:49:39.0687 0x452c [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
18:49:39.0703 0x452c AdobeAAMUpdater-1.0 - ok
18:49:39.0703 0x452c [ 8F3F547B85CE21C1F652F5EFBCFA123A, 44D73E059F53BFC65099A9471EFBD063E915D547F06BD1B74CA7CF29FDA71DFA ] C:\Program Files\iTunes\iTunesHelper.exe
18:49:39.0718 0x452c iTunesHelper - ok
18:49:39.0734 0x452c [ 45F2C61BD30137F7BD7F5339A34DF601, CBCCCF5D107F8A104E9A98F2E78FC29E2DCBA3D76E8B317CC503682F0E7E5B28 ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
18:49:39.0734 0x452c ISUSPM Startup - detected UnsignedFile.Multi.Generic ( 1 )
18:49:39.0734 0x452c Detect skipped due to KSN trusted
18:49:39.0734 0x452c ISUSPM Startup - ok
18:49:39.0750 0x452c [ 0711524E77BE0747927D18385468D36E, 283B8B8FDD93E8D72A974951449D170045DB2CF084692D27905898A6F84F934C ] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
18:49:39.0750 0x452c ISUSScheduler - detected UnsignedFile.Multi.Generic ( 1 )
18:49:39.0750 0x452c Detect skipped due to KSN trusted
18:49:39.0750 0x452c ISUSScheduler - ok
18:49:39.0765 0x452c [ 27CFFB1E41A2BE2A25957A679BD84E10, 521DC8F3439EAA780AE0DA68B0FC6E671963AF76E165590EA83D2F6896B1C941 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
18:49:39.0781 0x452c AdobeCS5ServiceManager - detected UnsignedFile.Multi.Generic ( 1 )
18:49:39.0781 0x452c Detect skipped due to KSN trusted
18:49:39.0781 0x452c AdobeCS5ServiceManager - ok
18:49:39.0796 0x452c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
18:49:39.0812 0x452c SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
18:49:39.0812 0x452c Detect skipped due to KSN trusted
18:49:39.0812 0x452c SwitchBoard - ok
18:49:39.0828 0x452c [ DDEFF7E98629203E66BB4298FABC5983, 59CBE0A49AAA93898831B1D64FFB1D0809736CABB4D19843DB2E99C2650D1AD9 ] C:\Program Files (x86)\PDF24\pdf24.exe
18:49:39.0828 0x452c PDFPrint - ok
18:49:39.0890 0x452c [ D879C51F86EA278C223576D43A7CDE28, 53530DAF80A28C1E0DE4F557B4E58CC7A71EED5302FBD1277715F805AFA5EF73 ] C:\Program Files (x86)\Canon\Quick Toolbox\cnqtbapp.exe
18:49:39.0921 0x452c CanonQuickToolbox - ok
18:49:40.0250 0x452c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:49:40.0593 0x452c OneDriveSetup - ok
18:49:40.0609 0x452c [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
18:49:40.0640 0x452c WAB Migrate - ok
18:49:40.0968 0x452c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:49:41.0297 0x452c OneDriveSetup - ok
18:49:41.0328 0x452c [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
18:49:41.0359 0x452c WAB Migrate - ok
18:49:41.0390 0x452c [ A9620DF3B8AE68B0DD2881BF1805B86B, 1895C0A5B049CC2C9C9AC92AF103E1703379AD84766352E83F98A088B5A6612E ] C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
18:49:41.0422 0x452c OneDrive - ok
18:49:41.0422 0x452c [ B306E6D61881B167A5A35ED25717168E, 6F6D7ED3E74EDCFCE70AD0112CFEF335DBFABC049DA2650F274E1CADC66A5353 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
18:49:41.0437 0x452c iCloudServices - ok
18:49:41.0468 0x452c [ A9620DF3B8AE68B0DD2881BF1805B86B, 1895C0A5B049CC2C9C9AC92AF103E1703379AD84766352E83F98A088B5A6612E ] C:\Users\Martin_2\AppData\Local\Microsoft\OneDrive\OneDrive.exe
18:49:41.0500 0x452c OneDrive - ok
18:49:41.0828 0x452c [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
18:49:42.0156 0x452c OneDriveSetup - ok
18:49:42.0187 0x452c [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
18:49:42.0218 0x452c WAB Migrate - ok
18:49:42.0218 0x452c AV detected via SS2: Windows Defender, windowsdefender:// ( ), 0x61100 ( enabled : updated )
18:49:42.0218 0x452c Win FW state via NFP2: enabled ( trusted )
18:49:42.0313 0x452c ============================================================
18:49:42.0313 0x452c Scan finished
18:49:42.0313 0x452c ============================================================
18:49:42.0328 0x5af8 Detected object count: 0
18:49:42.0328 0x5af8 Actual detected object count: 0
|
|
08.06.2018, 18:06
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Habe mir (vermutlich) ein Virus eingefangen Da scheint alles ok Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
08.06.2018, 18:26
| #20 |
| | Habe mir (vermutlich) ein Virus eingefangenCode:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.10.3.1001
www.malwarebytes.org
Database version:
main: v2018.06.08.04
rootkit: v2018.06.08.04
Windows 10 x64 NTFS
Internet Explorer 11.48.17134.0
Martin :: HOME-PC [administrator]
08.06.2018 19:11:44
mbar-log-2018-06-08 (19-11-44).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 311081
Time elapsed: 10 minute(s), 45 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Jedenfalls wurden das nicht angezeigt/angeboten |
|
08.06.2018, 19:28
| #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Habe mir (vermutlich) ein Virus eingefangen Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! adwCleaner v7.1 Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
__________________ --> Habe mir (vermutlich) ein Virus eingefangen |
|
08.06.2018, 19:45
| #22 |
| | Habe mir (vermutlich) ein Virus eingefangenCode:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build: 06-05-2018
# Database: 2018-06-07.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-08-2018
# Duration: 00:00:01
# OS: Windows 10 Home
# Cleaned: 16
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\de.ask.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ask.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\de.ask.com
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ask.com
Deleted HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\st.chatango.com
Deleted HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\chatango.com
Deleted HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\st.chatango.com
Deleted HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\chatango.com
Deleted HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\softonic.com
Deleted HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\format-factory.en.softonic.com
Deleted HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\softonic.com
Deleted HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\format-factory.en.softonic.com
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [4782 octets] - [08/06/2018 20:40:10]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
|
|
08.06.2018, 19:46
| #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Habe mir (vermutlich) ein Virus eingefangen adwcleaner bitte zwecks Kontrolle wiederholen
__________________ Logfiles bitte immer in CODE-Tags posten |
|
08.06.2018, 19:50
| #24 |
| | Habe mir (vermutlich) ein Virus eingefangenCode:
ATTFilter # -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build: 06-05-2018
# Database: 2018-06-07.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-08-2018
# Duration: 00:00:13
# OS: Windows 10 Home
# Scanned: 41201
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
AdwCleaner[S00].txt - [4782 octets] - [08/06/2018 20:40:10]
AdwCleaner[C00].txt - [4777 octets] - [08/06/2018 20:40:30]
AdwCleaner[S01].txt - [1364 octets] - [08/06/2018 20:41:57]
AdwCleaner[S02].txt - [1425 octets] - [08/06/2018 20:42:21]
AdwCleaner[C02].txt - [1710 octets] - [08/06/2018 20:42:27]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########
|
|
08.06.2018, 23:06
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Habe mir (vermutlich) ein Virus eingefangen Ich brauche neue FRST-Logs . Haken setzen bei addition.txt dann auf Untersuchen klicken.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.06.2018, 07:50
| #26 |
| | Habe mir (vermutlich) ein Virus eingefangenCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
durchgeführt von Martin (Administrator) auf HOME-PC (09-06-2018 08:48:16)
Gestartet von C:\Users\Martin\Downloads
Geladene Profile: Martin & Rwasser (Verfügbare Profile: Martin & Rwasser & Bärbel)
Platform: Windows 10 Home Version 1803 17134.48 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\MsMpEng.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-04-08] (Apple Inc.)
HKLM-x32\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2006-08-25] (Macrovision Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2006-08-25] (Macrovision Corporation)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [CanonQuickToolbox] => C:\Program Files (x86)\Canon\Quick Toolbox\cnqtbapp.exe [1854544 2014-05-13] (CANON INC.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-03-18] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.3 PE.lnk [2016-02-18]
ShortcutTarget: PHOTOfunSTUDIO 9.3 PE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9e488231-23b4-42c1-92e7-356bd892bd18}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1714761304-533778531-3308288475-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1714761304-533778531-3308288475-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-10.0.1\bin\ssv.dll => Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.1\bin\jp2ssv.dll [2018-04-25] (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
FireFox:
========
FF DefaultProfile: ptzvh2ag.default
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1714761304-533778531-3308288475-1001\FireFox [nicht gefunden] <==== ACHTUNG
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default [2018-05-04]
FF Homepage: Mozilla\Firefox\Profiles\ptzvh2ag.default -> hxxps://www.malwarebytes.org/restorebrowser/
FF Extension: (Cliqz Beta) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\cliqz@cliqz.com.xpi [2015-02-13] [Legacy] [ist nicht signiert]
FF Extension: (NoScript) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-12-20]
FF Extension: (WOT) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-12] [Legacy] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-12-20]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\searchplugins\bing-lavasoft-ff59.xml [2018-05-04]
FF HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @java.com/DTPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\dtplugin\npDeployJava1.dll [2018-04-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.1.0 -> C:\Program Files\Java\jre-10.0.1\bin\plugin2\npjp2.dll [2018-04-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
Chrome:
=======
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default [2018-05-15]
CHR Extension: (Präsentationen) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-20]
CHR Extension: (Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-20]
CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-20]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-20]
CHR Extension: (Tabellen) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-20]
CHR Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-20]
CHR Extension: (Kaspersky Protection) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk [2018-03-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-15]
CHR Extension: (Google Mail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-20]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-15]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-03-29] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\elfoService.exe [1284360 2018-05-01] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\NisSrv.exe [4682552 2018-06-08] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MsMpEng.exe [101096 2018-06-08] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-06-08] (Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-06-08] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112872 2018-06-09] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-06-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-06-09] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103656 2018-06-09] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58680 2018-01-10] (NVIDIA Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-06-08] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [313384 2018-06-08] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-06-08] (Microsoft Corporation)
U3 aspnet_state; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-06-08 20:38 - 2018-06-08 20:40 - 000000000 ____D C:\AdwCleaner
2018-06-08 20:38 - 2018-06-08 20:38 - 007372496 _____ (Malwarebytes) C:\Users\Martin\Downloads\adwcleaner_7.2.0.exe
2018-06-08 20:31 - 2018-06-08 20:31 - 007372496 _____ (Malwarebytes) C:\Users\Martin_2\Downloads\adwcleaner_7.2.0.exe
2018-06-08 19:49 - 2018-06-08 19:49 - 000000000 ____D C:\Users\Martin\AppData\Local\PlaceholderTileLogoFolder
2018-06-08 19:11 - 2018-06-08 19:11 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\166587DA.sys
2018-06-08 19:09 - 2018-06-08 19:23 - 000000000 ____D C:\Users\Martin\Desktop\mbar
2018-06-08 19:09 - 2018-06-08 19:23 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-06-08 19:09 - 2018-06-08 19:09 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Martin\Downloads\mbar-1.10.3.1001.exe
2018-06-08 18:47 - 2018-06-08 18:54 - 000562720 _____ C:\TDSSKiller.3.1.0.17_08.06.2018_18.47.00_log.txt
2018-06-08 18:46 - 2018-06-08 18:46 - 004949824 _____ (AO Kaspersky Lab) C:\Users\Martin\Downloads\tdsskiller.exe
2018-06-08 18:19 - 2018-06-08 18:19 - 007197480 _____ (VS Revo Group ) C:\Users\Martin\Downloads\revosetup205.exe
2018-06-08 18:19 - 2018-06-08 18:19 - 000001083 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2018-06-08 18:19 - 2018-06-08 18:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-06-08 18:19 - 2018-06-08 18:19 - 000000000 ____D C:\Program Files\VS Revo Group
2018-06-08 18:18 - 2018-06-08 18:18 - 007197480 _____ (VS Revo Group ) C:\Users\Martin_2\Downloads\revosetup205.exe
2018-06-08 17:51 - 2018-06-08 17:51 - 000047139 _____ C:\Users\Martin\Downloads\Addition.txt
2018-06-08 17:50 - 2018-06-09 08:48 - 000021202 _____ C:\Users\Martin\Downloads\FRST.txt
2018-06-08 17:50 - 2018-06-08 17:50 - 002413056 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2018-06-08 17:45 - 2018-06-09 08:48 - 000000000 ____D C:\FRST
2018-06-08 17:45 - 2018-06-08 17:45 - 002413056 _____ (Farbar) C:\Users\Martin_2\Downloads\FRST64 (1).exe
2018-06-08 17:23 - 2018-06-09 08:46 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-06-08 17:23 - 2018-06-09 08:46 - 000112872 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-06-08 17:23 - 2018-06-09 08:46 - 000103656 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-06-08 17:23 - 2018-06-09 08:46 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-06-08 17:23 - 2018-06-08 20:29 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-06-08 17:23 - 2018-06-08 20:29 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-06-08 17:23 - 2018-06-08 17:23 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-06-08 17:23 - 2018-06-08 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-23 19:11 - 2018-05-23 19:19 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-05-15 10:06 - 2018-05-15 10:06 - 000000780 _____ C:\Users\Martin_2\Desktop\7-Zip File Manager.lnk
2018-05-15 10:05 - 2018-05-15 10:05 - 000000000 ____D C:\Users\Martin\AppData\Local\DBG
2018-05-15 10:01 - 2018-05-15 10:01 - 001438086 _____ (Igor Pavlov) C:\Users\Martin_2\Downloads\7z1805-x64.exe
2018-05-15 10:01 - 2018-05-15 10:01 - 000000000 ____D C:\Program Files\7-Zip
2018-05-15 09:49 - 2018-05-15 09:49 - 000001417 _____ C:\Users\Martin\Desktop\Microsoft Edge.lnk
2018-05-12 14:16 - 2018-05-12 14:16 - 000001820 _____ C:\Users\Public\Desktop\iTunes.lnk
2018-05-12 14:16 - 2018-05-12 14:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2018-05-12 14:16 - 2018-05-12 14:16 - 000000000 ____D C:\Program Files\iTunes
2018-05-12 14:16 - 2018-05-12 14:16 - 000000000 ____D C:\Program Files\iPod
2018-05-12 14:12 - 2018-05-12 14:12 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-05-12 14:12 - 2018-05-12 14:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-05-12 14:12 - 2018-05-12 14:12 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-05-12 14:10 - 2018-05-12 14:10 - 000000020 ___SH C:\Users\Martin\ntuser.ini
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-06-09 08:46 - 2018-05-09 16:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-09 08:46 - 2018-05-09 16:22 - 000000000 ____D C:\Users\Martin
2018-06-09 08:46 - 2018-05-09 16:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-09 08:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-09 08:46 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-09 08:46 - 2016-09-25 18:48 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-08 21:51 - 2018-05-09 16:32 - 000004156 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BDA1C901-421F-4B71-8A22-6486E9B3C396}
2018-06-08 21:20 - 2014-08-26 07:58 - 000000000 ____D C:\Users\Martin\AppData\Local\Adobe
2018-06-08 21:19 - 2014-03-12 10:55 - 000000000 ____D C:\Users\Martin\AppData\Local\NVIDIA
2018-06-08 21:15 - 2014-09-15 08:39 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Apple Computer
2018-06-08 20:58 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-08 20:49 - 2018-05-09 16:21 - 001816188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-08 20:49 - 2018-04-12 18:13 - 000778264 _____ C:\WINDOWS\system32\perfh007.dat
2018-06-08 20:49 - 2018-04-12 18:13 - 000165154 _____ C:\WINDOWS\system32\perfc007.dat
2018-06-08 20:49 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-06-08 20:42 - 2018-04-11 23:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-06-08 20:35 - 2016-11-16 13:14 - 000000000 ____D C:\Users\Martin_2\AppData\LocalLow\Mozilla
2018-06-08 19:49 - 2017-12-19 14:53 - 000000000 ____D C:\Users\Martin\AppData\Local\Packages
2018-06-08 19:11 - 2014-05-22 08:28 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-08 18:29 - 2014-03-20 16:55 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2018-06-08 18:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-08 18:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-08 18:27 - 2014-03-12 11:00 - 000000000 ____D C:\WINDOWS\SysWOW64\Adobe
2018-06-08 18:26 - 2014-03-12 10:56 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-06-08 17:46 - 2015-11-09 14:36 - 000077217 _____ C:\Users\Martin_2\Downloads\FRST.txt
2018-06-08 17:46 - 2015-11-09 14:36 - 000037332 _____ C:\Users\Martin_2\Downloads\Addition.txt
2018-06-08 17:35 - 2018-05-09 16:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-08 17:24 - 2014-05-07 07:52 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-06-08 17:22 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-06-08 17:21 - 2016-10-31 13:35 - 000000000 ____D C:\Program Files\Common Files\AV
2018-06-08 17:21 - 2015-12-08 12:51 - 000000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2018-06-08 17:13 - 2018-05-09 16:32 - 000004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9D6A2598-53E5-4138-BBB1-FAC5B9676E0B}
2018-06-08 17:12 - 2014-03-21 20:23 - 000000000 ____D C:\Users\Martin_2\AppData\Roaming\vlc
2018-06-08 08:15 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-06 01:29 - 2018-04-12 01:41 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-06 01:29 - 2018-04-12 01:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-23 19:16 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Defender
2018-05-23 19:06 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-23 19:06 - 2014-03-12 11:50 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-05-23 18:47 - 2016-11-23 13:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-05-23 18:47 - 2014-03-12 14:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-23 18:05 - 2015-02-10 17:27 - 000000000 ____D C:\Users\Martin_2\Desktop\Alte Firefox-Daten
2018-05-23 17:52 - 2014-11-22 18:43 - 000000000 ____D C:\ProgramData\tmp
2018-05-23 17:52 - 2014-11-22 18:43 - 000000000 ____D C:\ProgramData\hps
2018-05-22 11:52 - 2018-05-09 16:22 - 000000000 ____D C:\Users\Bärbel
2018-05-18 10:07 - 2014-03-21 12:24 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-18 10:07 - 2014-03-12 10:41 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-18 09:55 - 2018-05-04 16:28 - 000000000 ____D C:\Users\Martin\AppData\Roaming\BitTorrent
2018-05-17 21:48 - 2018-05-09 16:32 - 000003630 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-17 21:48 - 2018-05-09 16:32 - 000003506 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 18:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-05-16 12:09 - 2017-12-19 14:53 - 000000000 ____D C:\Users\Martin_2\AppData\Local\Packages
2018-05-16 08:42 - 2015-12-24 14:05 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-16 08:42 - 2015-12-24 14:05 - 000002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-15 10:06 - 2018-05-09 16:32 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1714761304-533778531-3308288475-1001
2018-05-15 10:06 - 2018-05-09 16:22 - 000002390 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-15 10:06 - 2016-01-16 13:34 - 000000000 ___RD C:\Users\Martin\OneDrive
2018-05-15 09:48 - 2017-12-20 10:41 - 000000000 ___RD C:\Users\Martin\3D Objects
2018-05-15 09:48 - 2016-11-04 14:32 - 000000000 ____D C:\Users\Martin\AppData\Local\ConnectedDevicesPlatform
2018-05-12 14:12 - 2014-08-30 13:13 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2018-05-11 20:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-10 09:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\appcompat
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-07-08 14:09 - 2018-01-28 16:56 - 000099384 _____ () C:\Users\Martin\AppData\Roaming\inst.exe
2015-07-08 14:09 - 2018-01-28 16:56 - 000007859 _____ () C:\Users\Martin\AppData\Roaming\pcouffin.cat
2015-07-08 14:09 - 2018-01-28 16:56 - 000001167 _____ () C:\Users\Martin\AppData\Roaming\pcouffin.inf
2015-07-08 14:09 - 2018-01-28 16:56 - 000000055 _____ () C:\Users\Martin\AppData\Roaming\pcouffin.log
2015-07-08 14:09 - 2018-01-28 16:56 - 000082816 _____ (VSO Software) C:\Users\Martin\AppData\Roaming\pcouffin.sys
Einige Dateien in TEMP:
====================
2018-05-15 11:10 - 2018-05-15 11:10 - 020841976 ____T (Geek Software GmbH ) C:\Users\Martin\AppData\Local\Temp\pdf24-creator-update.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2018-05-09 16:20
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
durchgeführt von Martin (09-06-2018 08:48:50)
Gestartet von C:\Users\Martin\Downloads
Windows 10 Home Version 1803 17134.48 (X64) (2018-05-09 14:32:26)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1714761304-533778531-3308288475-500 - Administrator - Disabled)
Bärbel (S-1-5-21-1714761304-533778531-3308288475-1006 - Limited - Enabled) => C:\Users\Bärbel
DefaultAccount (S-1-5-21-1714761304-533778531-3308288475-503 - Limited - Disabled)
Gast (S-1-5-21-1714761304-533778531-3308288475-501 - Limited - Disabled)
Martin (S-1-5-21-1714761304-533778531-3308288475-1001 - Administrator - Enabled) => C:\Users\Martin
Rwasser (S-1-5-21-1714761304-533778531-3308288475-1003 - Limited - Enabled) => C:\Users\Martin_2
WDAGUtilityAccount (S-1-5-21-1714761304-533778531-3308288475-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Design Premium (HKLM-x32\...\{02698606-3A21-489D-9D2A-75C9E8D3E5BD}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{39EA6AA6-F891-4D70-867D-839DA49948D2}) (Version: 12.2.9.199 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
Apple Application Support (32-Bit) (HKLM-x32\...\{543F829B-4591-4B2F-AF63-6E6E6AE59EB2}) (Version: 6.4 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0ECA3BB5-4410-414B-B226-241FF1C12CD0}) (Version: 6.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9E005AAA-81A3-478E-8944-532D350952EE}) (Version: 11.3.1.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{263E62B9-CB1E-4864-A8A7-37DEAC651484}) (Version: 2.63.0 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.12.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.5.0 - Canon Inc.)
Canon MB2300 series Benutzerregistrierung (HKLM-x32\...\Canon MB2300 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MB2300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MB2300_series) (Version: 1.01 - Canon Inc.)
Canon MB2300 series On-screen Manual (HKLM-x32\...\Canon MB2300 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Toolbox (HKLM-x32\...\Quick Toolbox) (Version: 1.0.0 - Canon Inc.)
cewe-fotoservice.de (HKLM-x32\...\cewe-fotoservice.de) (Version: 6.3.4 - CEWE Stiftung u Co. KGaA)
Classic Shell (HKLM\...\{023F92C9-AB10-4C54-BF09-C550AEC37917}) (Version: 4.0.6 - IvoSoft)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
Diercke Globus Online (HKLM-x32\...\Diercke Globus Online) (Version: 3.1.1 - Imagon GmbH)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
Druckerdeinstallation für EPSON PX650 Series (HKLM\...\EPSON PX650 Series) (Version: - SEIKO EPSON Corporation)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 19.3 - Thüringer Landesfinanzdirektion)
Enigma (HKLM-x32\...\Enigma) (Version: 1.20 - Enigma Devel)
GoldWave v5.70 (HKLM-x32\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Earth Pro (HKLM\...\{D9EF644E-2FAE-493B-8180-5617CC774C4F}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{5BD11939-D2C2-4F1B-AAAF-5ECE19A801F7}) (Version: 7.4.0.111 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{39C3E843-9833-446C-BB06-4E068B33D9DA}) (Version: 12.7.4.80 - Apple Inc.)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Kobo (HKLM-x32\...\Kobo) (Version: 4.2.6122 - Rakuten Kobo Inc.)
Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1714761304-533778531-3308288475-1003\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.1.6710 - Mozilla)
Mozilla Thunderbird 52.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.8.0 (x86 de)) (Version: 52.8.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero Burning ROM 2014 (HKLM-x32\...\{6932EB55-F428-4F47-905B-56C90245FC48}) (Version: 15.0.04700 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{10EACC1C-7B87-4F57-ACA6-4EC15E13E4E9}) (Version: 12.0.01300 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{59C6E86A-14A9-47FD-9EE8-8D9DA864E0AF}) (Version: 12.5.01300 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Grafiktreiber 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PHOTOfunSTUDIO 9.3 PE (HKLM-x32\...\{E33B3B6C-5712-4A39-B30D-1391918D920D}) (Version: 9.03.703 - Panasonic Corporation)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0004 - Nero AG) Hidden
Prerequisite installer (HKLM-x32\...\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}) (Version: 15.0.0005 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{DE083343-D24D-4495-919E-18C65EC0F289}) (Version: 2.8.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-03-18] (Apple Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0ADCCECD-7B67-4782-BE7E-F8E08E10D48D} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle -> Keine Datei <==== ACHTUNG
Task: {0BBF790F-8A1B-4E6E-A148-3D2169F5A341} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time -> Keine Datei <==== ACHTUNG
Task: {19D07AA9-62C3-4D6E-83C6-0136FE182082} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-01-10] (NVIDIA Corporation)
Task: {1A1AEC75-61F8-4CFF-A30C-6ADE64867F6E} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> Keine Datei <==== ACHTUNG
Task: {24623292-3690-4670-9E49-C70CF1B03AB5} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {2E29B01E-6CF2-444F-ABAC-24272901C237} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-08] (Microsoft Corporation)
Task: {2F0C90EE-959D-4F80-BB80-8BB6AD5C4B7C} - System32\Tasks\AdobeAAMUpdater-1.0-HOME-PC-Martin_2 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {352B5E97-CA81-4945-BBEA-F3BAF48FD7E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3D3F30C9-7727-468E-8FBB-BFD9A53E073C} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 -> Keine Datei <==== ACHTUNG
Task: {4D55CED5-2471-4A22-A337-FF1C2E4A343A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {558F30BF-5B19-43E4-A1E4-37F831B6992D} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle -> Keine Datei <==== ACHTUNG
Task: {58F41D3E-4CC5-47D9-8DD8-56E989CFBE8E} - System32\Tasks\AdobeAAMUpdater-1.0-HOME-PC-rwasser => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {59CA9058-E7B0-48AC-B578-70582AD7C952} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-08] (Microsoft Corporation)
Task: {5AB65BA3-7016-4893-9ABE-F8CE565C299F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-08] (Microsoft Corporation)
Task: {5E6DD87A-D9EB-42D2-B4FC-2CF27099A81E} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {62978F72-FD7E-46E1-8FAD-662C4DDD1A16} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {7A6600FE-9983-46C7-B293-E1A7230A6AC7} - System32\Tasks\AdobeAAMUpdater-1.0-HOME-PC-Martin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {7D05F008-1C1D-488A-BA80-4934D41DCF31} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-01-10] (NVIDIA Corporation)
Task: {7D09C9A9-DABD-4C9E-B5E8-B3DB919BF8F0} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {7E0CC4DF-C261-475F-9DCD-C42FE70EC120} - System32\Tasks\AdobeAAMUpdater-1.0-HOME-PC-ps => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {824EF484-4CF1-4911-8663-9DC41E9C8994} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.16.17656.18052-0\MpCmdRun.exe [2018-06-08] (Microsoft Corporation)
Task: {A9F32772-87D6-4503-AD8D-C389FBB68D77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B892FA17-7020-488B-B965-3A9F10AFB2C9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-01-10] (NVIDIA Corporation)
Task: {CFD6F381-45E5-4549-81E3-B52FD9B1F962} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock -> Keine Datei <==== ACHTUNG
Task: {D3D3EEBD-182E-46E1-A878-36357648BB86} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-01-10] (NVIDIA Corporation)
Task: {D508E2E1-E885-4099-B18E-3571075D41F9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {E0A8A9C8-11F3-4687-A31F-CFDF133AA570} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-01-10] (NVIDIA Corporation)
Task: {E7A92DED-09A5-460E-930F-CC51F8CA14F6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-05-09] (Microsoft Corporation)
Task: {FBCF04DD-1CB5-441F-A636-4A5941C71894} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-01-10] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-03-16 15:19 - 2018-03-16 15:19 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-25 18:48 - 2013-05-07 09:45 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2017-12-10 16:47 - 2018-01-10 16:33 - 001268024 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-05 14:50 - 2013-06-28 17:28 - 000084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2018-06-08 17:23 - 2018-06-08 20:29 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-06-08 17:23 - 2018-06-08 20:29 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-04-12 01:35 - 2018-04-12 18:18 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-23 08:55 - 2018-05-23 08:55 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-05-23 08:55 - 2018-05-23 08:55 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-23 08:55 - 2018-05-23 08:55 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-05-23 08:55 - 2018-05-23 08:55 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-08 08:19 - 2018-06-08 08:19 - 027118080 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-05-23 08:55 - 2018-05-23 08:55 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-05-23 08:55 - 2018-05-23 08:55 - 006748672 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 08:40 - 2017-09-26 08:40 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-23 08:55 - 2018-05-23 08:55 - 009358848 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-04-08 08:04 - 2018-04-08 08:04 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-04-08 08:04 - 2018-04-08 08:04 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2016-09-25 18:48 - 2018-06-09 08:46 - 000027648 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-09-25 18:48 - 2013-05-07 09:45 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2017-12-10 16:47 - 2018-01-10 16:33 - 001041208 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-03-16 15:20 - 2018-03-16 15:20 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-03-16 15:19 - 2018-03-16 15:19 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2014-03-12 10:44 - 2013-09-16 06:19 - 001242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1714761304-533778531-3308288475-1003\...\localhost -> localhost
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "CanonQuickToolbox"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "ISUSScheduler"
HKLM\...\StartupApproved\Run32: => "ISUSPM Startup"
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{3448BDE5-BCAE-4BF5-A23B-857A3F3E4228}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{52E18E04-6D7E-4FB0-B217-DDAFCA3905D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{95E497B8-BA01-415B-97C7-0E54CAB67CDE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{06A16860-2BFA-4EA4-B03A-DA9059B83451}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EC044715-3939-4301-A142-AE8D38FB3F38}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{4D874E29-02A0-42FF-A0A3-B6F28E439B0E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E0B4CD56-DA8E-4E52-B0DA-901547D8CDBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2EA38139-0CDA-450F-A813-FE1D62D36EC1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F760303F-D83A-4E6D-8599-19E94800CE57}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F67C8A0B-22ED-49FA-AB8E-190443718C86}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{82683395-D4C3-4B7C-8D2B-CA2847FA53D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B82F3993-D2CC-4DB6-AC06-A1347AF2093E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{78146481-E77B-4CA1-93C9-4BE7A623395E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FB5A7800-A918-4049-A143-08D6DE3A9699}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{86E137A7-7A6A-4A28-92B7-A38DF5A29325}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{52CC8977-82F5-4FC1-9F9D-D17161133C89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9FAB7F16-E37C-4137-AC30-931EC55D27A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EC6D9D74-53E9-4602-93D2-5A64BEC4CFEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{89041918-7A74-489C-87D7-95432C2E737E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0F31598B-53B4-474F-81DC-F7D438818914}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{67140F02-7BBA-463B-846D-318C7B3A99DF}G:\setup.exe] => (Allow) G:\setup.exe
FirewallRules: [UDP Query User{7944E85A-5B43-4DD8-AB42-335C91862B4C}G:\setup.exe] => (Allow) G:\setup.exe
==================== Wiederherstellungspunkte =========================
18-05-2018 10:04:41 Konfiguriert SILKYPIX Elements Deutsch
08-06-2018 08:15:09 Windows Update
08-06-2018 18:21:33 Revo Uninstaller's restore point - 7-Zip 18.05
08-06-2018 18:23:31 Revo Uninstaller's restore point - 7-Zip 18.05
08-06-2018 18:23:43 Revo Uninstaller's restore point - 7-Zip 18.05
08-06-2018 18:24:30 Revo Uninstaller's restore point - Adobe AIR
08-06-2018 18:25:51 Revo Uninstaller's restore point - Adobe Acrobat Reader DC - Deutsch
08-06-2018 18:26:52 Revo Uninstaller's restore point - Adobe Flash Player 30 NPAPI
08-06-2018 18:27:20 Revo Uninstaller's restore point - Adobe Shockwave Player 12.2
08-06-2018 18:27:44 Revo Uninstaller's restore point - Cliqz
08-06-2018 18:28:00 Revo Uninstaller's restore point - Cliqz
08-06-2018 18:28:46 Revo Uninstaller's restore point - QuickTime 7
08-06-2018 18:28:56 Removed QuickTime 7
08-06-2018 18:29:24 Revo Uninstaller's restore point - VLC media player
08-06-2018 18:31:24 Revo Uninstaller's restore point - Update for Windows 10 for x64-based Systems (KB4023057)
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/09/2018 08:46:51 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Audacity\audacity.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.48_none_b4b2216a3cb4dd3e.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.48_none_fc5f584151310644.manifest.
Error: (06/09/2018 08:46:49 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Audacity\audacity.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.48_none_b4b2216a3cb4dd3e.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.48_none_fc5f584151310644.manifest.
Error: (06/09/2018 08:46:29 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Audacity\audacity.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.48_none_b4b2216a3cb4dd3e.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.48_none_fc5f584151310644.manifest.
Error: (06/09/2018 08:46:25 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\Audacity\audacity.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.48_none_b4b2216a3cb4dd3e.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.48_none_fc5f584151310644.manifest.
Error: (06/09/2018 08:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname HOME-PC.local already in use; will try HOME-PC-2.local instead
Error: (06/09/2018 08:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 16 HOME-PC.local. AAAA FE80:0000:0000:0000:CC07:C2E5:4E5B:6D7F
Error: (06/09/2018 08:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:CC07:C2E5:4E5B:6D7F:5353 16 HOME-PC.local. AAAA 2003:00CB:5BC2:4FD5:CC07:C2E5:4E5B:6D7F
Error: (06/09/2018 08:46:24 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 HOME-PC.local. AAAA FE80:0000:0000:0000:CC07:C2E5:4E5B:6D7F
Systemfehler:
=============
Error: (06/09/2018 08:48:30 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
Windows.SecurityCenter.WscDataProtection
und der APPID
Nicht verfügbar
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/09/2018 08:48:30 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
Windows.SecurityCenter.WscBrokerManager
und der APPID
Nicht verfügbar
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/09/2018 08:48:30 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
Windows.SecurityCenter.WscBrokerManager
und der APPID
Nicht verfügbar
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/09/2018 08:46:20 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 08.06.2018 um 22:05:56 unerwartet heruntergefahren.
Error: (06/09/2018 08:46:14 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 3221225684Bei der Verarbeitung der Wiederherstellungsdaten ist ein schwerwiegender Fehler aufgetreten.
Error: (06/08/2018 08:46:04 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/08/2018 08:45:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
Windows.SecurityCenter.WscBrokerManager
und der APPID
Nicht verfügbar
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/08/2018 08:45:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Start" für die COM-Serveranwendung mit der CLSID
Windows.SecurityCenter.WscDataProtection
und der APPID
Nicht verfügbar
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2018-06-09 08:47:36.892
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-09 08:47:36.382
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-09 08:47:13.506
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-09 08:47:04.818
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-09 08:47:04.619
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-09 08:46:57.800
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-09 08:46:53.330
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-09 08:46:53.330
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8130.18 MB
Verfügbarer physikalischer RAM: 5498.15 MB
Summe virtueller Speicher: 10946.18 MB
Verfügbarer virtueller Speicher: 8077.98 MB
==================== Laufwerke ================================
Drive c: (boot) (Fixed) (Total:232.05 GB) (Free:97.61 GB) NTFS
Drive d: (Daten) (Fixed) (Total:851.51 GB) (Free:585.37 GB) NTFS
Drive e: (Rocover) (Fixed) (Total:80 GB) (Free:53.49 GB) NTFS
\\?\Volume{eeb55085-a9c0-11e3-824b-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS
\\?\Volume{612d9dbb-0000-0000-0000-60193a000000}\ () (Fixed) (Total:0.49 GB) (Free:0.09 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 612D9DBB)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=500 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 612D9DA0)
Partition 1: (Not Active) - (Size=851.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=80 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
09.06.2018, 16:28
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Habe mir (vermutlich) ein Virus eingefangen Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1714761304-533778531-3308288475-1001\FireFox [nicht gefunden] <==== ACHTUNG
FF Extension: (Cliqz Beta) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\cliqz@cliqz.com.xpi [2015-02-13] [Legacy] [ist nicht signiert]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\searchplugins\bing-lavasoft-ff59.xml [2018-05-04]
FF HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\extensions\cliqz@cliqz.com => nicht gefunden
Task: {0ADCCECD-7B67-4782-BE7E-F8E08E10D48D} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle -> Keine Datei <==== ACHTUNG
Task: {0BBF790F-8A1B-4E6E-A148-3D2169F5A341} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time -> Keine Datei <==== ACHTUNG
Task: {1A1AEC75-61F8-4CFF-A30C-6ADE64867F6E} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> Keine Datei <==== ACHTUNG
Task: {24623292-3690-4670-9E49-C70CF1B03AB5} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {3D3F30C9-7727-468E-8FBB-BFD9A53E073C} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 -> Keine Datei <==== ACHTUNG
Task: {558F30BF-5B19-43E4-A1E4-37F831B6992D} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle -> Keine Datei <==== ACHTUNG
Task: {CFD6F381-45E5-4549-81E3-B52FD9B1F962} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock -> Keine Datei <==== ACHTUNG
C:\ProgramData\Kaspersky Lab
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
09.06.2018, 21:11
| #28 |
| | Habe mir (vermutlich) ein Virus eingefangenCode:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
durchgeführt von Martin (09-06-2018 22:08:41) Run:1
Gestartet von C:\Users\Martin\Downloads
Geladene Profile: Martin & Rwasser (Verfügbare Profile: Martin & Rwasser & Bärbel)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1714761304-533778531-3308288475-1001\FireFox [nicht gefunden] <==== ACHTUNG
FF Extension: (Cliqz Beta) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\cliqz@cliqz.com.xpi [2015-02-13] [Legacy] [ist nicht signiert]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\searchplugins\bing-lavasoft-ff59.xml [2018-05-04]
FF HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\extensions\cliqz@cliqz.com => nicht gefunden
Task: {0ADCCECD-7B67-4782-BE7E-F8E08E10D48D} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle -> Keine Datei <==== ACHTUNG
Task: {0BBF790F-8A1B-4E6E-A148-3D2169F5A341} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time -> Keine Datei <==== ACHTUNG
Task: {1A1AEC75-61F8-4CFF-A30C-6ADE64867F6E} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> Keine Datei <==== ACHTUNG
Task: {24623292-3690-4670-9E49-C70CF1B03AB5} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {3D3F30C9-7727-468E-8FBB-BFD9A53E073C} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 -> Keine Datei <==== ACHTUNG
Task: {558F30BF-5B19-43E4-A1E4-37F831B6992D} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle -> Keine Datei <==== ACHTUNG
Task: {CFD6F381-45E5-4549-81E3-B52FD9B1F962} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock -> Keine Datei <==== ACHTUNG
C:\ProgramData\Kaspersky Lab
emptytemp:
*****************
C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1714761304-533778531-3308288475-1001\FireFox => Pfad erfolgreich entfernt
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\cliqz@cliqz.com.xpi => erfolgreich verschoben
C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\searchplugins\bing-lavasoft-ff59.xml => erfolgreich verschoben
"HKU\S-1-5-21-1714761304-533778531-3308288475-1001\Software\Mozilla\Firefox\Extensions\\cliqz@cliqz.com" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0ADCCECD-7B67-4782-BE7E-F8E08E10D48D}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0ADCCECD-7B67-4782-BE7E-F8E08E10D48D}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle" => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BBF790F-8A1B-4E6E-A148-3D2169F5A341}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BBF790F-8A1B-4E6E-A148-3D2169F5A341}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time" => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1A1AEC75-61F8-4CFF-A30C-6ADE64867F6E}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1A1AEC75-61F8-4CFF-A30C-6ADE64867F6E}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon" => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24623292-3690-4670-9E49-C70CF1B03AB5}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24623292-3690-4670-9E49-C70CF1B03AB5}" => erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3D3F30C9-7727-468E-8FBB-BFD9A53E073C}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D3F30C9-7727-468E-8FBB-BFD9A53E073C}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2" => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{558F30BF-5B19-43E4-A1E4-37F831B6992D}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{558F30BF-5B19-43E4-A1E4-37F831B6992D}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle" => nicht gefunden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFD6F381-45E5-4549-81E3-B52FD9B1F962}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFD6F381-45E5-4549-81E3-B52FD9B1F962}" => erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock" => nicht gefunden
C:\ProgramData\Kaspersky Lab => erfolgreich verschoben
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26513043 B
Java, Flash, Steam htmlcache => 446 B
Windows/system/drivers => 1292981 B
Edge => 12322705 B
Chrome => 16693129 B
Firefox => 93349239 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 7600 B
LocalService => 30586 B
LocalService => 0 B
NetworkService => 14806 B
NetworkService => 0 B
Martin => 11586769 B
Martin_2 => 10859401 B
Bärbel => 0 B
RecycleBin => 8266 B
EmptyTemp: => 172.2 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 22:08:53 ====
|
|
10.06.2018, 08:51
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Habe mir (vermutlich) ein Virus eingefangen Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: Malwarebytes Version 3 Downloade Dir bitte Malwarebytes Anti-Malware 3
2. Schritt: ESET Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.06.2018, 14:52
| #30 |
| | Habe mir (vermutlich) ein Virus eingefangenCode:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 10.06.18
Scan-Zeit: 14:08
Protokolldatei: 0589bda7-6ca7-11e8-b779-bcee7b785b0a.json
Administrator: Ja
-Softwaredaten-
Version: 3.5.1.2522
Komponentenversion: 1.0.374
Version des Aktualisierungspakets: 1.0.5422
Lizenz: Premium
-Systemdaten-
Betriebssystem: Windows 10 (Build 17134.48)
CPU: x64
Dateisystem: NTFS
Benutzer: System
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Zeitplaner
Ergebnis: Abgeschlossen
Gescannte Objekte: 417483
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 7 Min., 36 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Code:
ATTFilter 14:21:03 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.22.0
# EOSSerial=9e97c1e7d1e66b4fbc7ed298b16a8df4
# end=init
# utc_time=2018-06-10 12:21:03
# local_time=2018-06-10 14:21:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=10.0.17134 NT
14:21:08 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.22.0
# EOSSerial=9e97c1e7d1e66b4fbc7ed298b16a8df4
# end=init
# utc_time=2018-06-10 12:21:07
# local_time=2018-06-10 14:21:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=10.0.17134 NT
14:21:24 Updating
14:21:24 Update Init
14:21:26 Update Download
14:27:34 esets_scanner_reload returned 0
14:27:34 g_uiModuleBuild: 37666
14:27:34 Update Finalize
14:27:34 Call m_esets_charon_send
14:27:34 Call m_esets_charon_destroy
14:27:34 Updated modules version: 37666
14:27:44 Call m_esets_charon_setup_create
14:27:44 Call m_esets_charon_create
14:27:44 m_esets_charon_create OK
14:27:44 Call m_esets_charon_start_send_thread
14:27:44 Call m_esets_charon_setup_set
14:27:44 m_esets_charon_setup_set OK
14:27:44 Scanner engine: 37666
15:48:42 # product=EOS
# version=8
# flags=0
# esetonlinescanner_deu.exe=2.0.22.0
# EOSSerial=9e97c1e7d1e66b4fbc7ed298b16a8df4
# engine=37666
# end=finished
# bannerClicked=0
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# sfx_checked=true
# utc_time=2018-06-10 13:48:41
# local_time=2018-06-10 15:48:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=10.0.17134 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 5848 5148883 0 0
# scanned=356986
# found=7
# cleaned=0
# scan_time=4798
sh=A46131CF3CD520CDC950B9D55D0DC5C9689D0E60 ft=1 fh=0000000000000000 vn="Variante von MSIL/WebCompanion.A eventuell unerwünschte Anwendung,Variante von Win32/WebCompanion.B eventuell unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1714761304-533778531-3308288475-1003\$RJXON8Y.exe"
sh=9BA29779795218738106E8CE703F90D304EB4861 ft=0 fh=0000000000000000 vn="JS/Adware.Revizer.A Anwendung" ac=I fn="C:\Users\Martin_2\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000205"
sh=9BA29779795218738106E8CE703F90D304EB4861 ft=0 fh=0000000000000000 vn="JS/Adware.Revizer.A Anwendung" ac=I fn="C:\Users\Martin_2\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00020d"
sh=237FEA0A840E2E7EF8F7149B1CDD0BDC1BDAA9F8 ft=0 fh=0000000000000000 vn="JS/Adware.Revizer.A Anwendung" ac=I fn="C:\Users\Martin_2\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00027c"
sh=237FEA0A840E2E7EF8F7149B1CDD0BDC1BDAA9F8 ft=0 fh=0000000000000000 vn="JS/Adware.Revizer.A Anwendung" ac=I fn="C:\Users\Martin_2\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000286"
sh=141818B5F903D8C91F2F4721EDA4F463B0576B82 ft=0 fh=0000000000000000 vn="JS/Adware.Revizer.A Anwendung" ac=I fn="C:\Users\Martin_2\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0002ac"
sh=299FB02B83DE494C50299BD9ADC55BA172A2B45F ft=1 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Martin_2\Downloads\VirtualBox - CHIP-Installer.exe"
15:48:42 RecursiveRemoveDirectoryAndAllFiles: C:\Users\Martin\AppData\Local\ESET\ESETOnlineScanner\Quarantine\
15:48:42 Call m_esets_charon_send
15:48:42 Call m_esets_charon_destroy
Code:
ATTFilter Results of screen317's Security Check version 1.009 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Mozilla Thunderbird (52.8.0) Google Chrome (66.0.3359.181) Google Chrome (SetupMetrics...) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamtray.exe Windows Defender MSASCuiL.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
|
| Themen zu Habe mir (vermutlich) ein Virus eingefangen |
| benötige, beschreiben, blockiert, deinstalliert, download, eingefangen, erkennt, firefox, forum, gefahren, gen, guten, hoffe, installieren, meldung, minute, neu, neuinstallation, problem, sichere, urlaub, verbindung, vermutlich, versucht, virus |
Linear-Darstellung
