
Log analysis and evaluation: The application svchost.exe is accessing the web resource http://crl.comodoca.com/COMODORSACertificationAuthority.crl, which has been detected as infected


09.07.2018, 10:25   #1
Byzantisches
 
Hello TrojanerBoard,

an identical thread has already been opened, but the affected user stopped responding after three days (thread of the other affected user: https://www.trojaner-board.de/191755-anwendung-svchost-exe-greift-web-ressource-http-crl-comodoca-com-comodorsacertificationauthority-crl.html).
Early in the morning on 6.7.2018 I received the following message from my BitDefender program:
"The application svchost.exe is accessing the web resource hxxp://crl.comodoca.com/COMODORSACertificationAuthority.crl, which has been detected as infected. The web resource was successfully blocked and your PC is safe."
The message appeared 12 times within 3 hours.

In addition, I received a notification on a gaming account that an IP from Poland had tried to gain access to my account. This was on the same day the above message appeared.

I have already carried out the following instructions and am now uploading the ADWCleaner text file, the mbam text file, and the Addition and FRST files.

09.07.2018, 10:28   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post the logs directly, spread over several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracket expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

09.07.2018, 10:34   #3
Byzantisches
 

ADW-Cleaner file:

Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.1
# -------------------------------
# Build:    07-04-2018
# Database: 2018-07-04.1
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-09-2018
# Duration: 00:00:06
# OS:       Windows 8.1
# Cleaned:  5
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted       C:\Users\beats_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Menu.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM2
Deleted       HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Deleted       HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Internet Explorer\DOMStorage\homepage-web.com
Deleted       HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C0454C6B-AAAF-11E4-827A-97ABCD511544}

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Windows Firewall
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1835 octets] - [09/07/2018 10:46:04]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         

mbam file:

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 09.07.18
Scan-Zeit: 10:54
Protokolldatei: a6144f2e-8355-11e8-aa9a-c454449542bd.json
Administrator: Ja

-Softwaredaten-
Version: 3.5.1.2522
Komponentenversion: 1.0.374
Version des Aktualisierungspakets: 1.0.5831
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: JO\Özgür

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 275619
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 9 Min., 40 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         
Addition file:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20.06.2018
durchgeführt von Özgür (09-07-2018 11:10:02)
Gestartet von C:\Users\beats_000\Downloads
Windows 8.1 (Update) (X64) (2014-11-21 16:50:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3751807267-4179795327-3503721674-500 - Administrator - Disabled)
Gast (S-1-5-21-3751807267-4179795327-3503721674-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3751807267-4179795327-3503721674-1003 - Limited - Enabled)
Özgür (S-1-5-21-3751807267-4179795327-3503721674-1001 - Administrator - Enabled) => C:\Users\beats_000

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Virenschutz (Enabled - Up to date) {0E17DB7D-A20F-62CE-B95B-17DB0CDFE318}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {B5763A99-8435-6D40-83EB-2CA97758A9A5}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8105 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8104 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8106 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.01.3003 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.01.3003 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2001.4 - Acer Incorporated)
Adobe Reader XI (11.0.23) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Anki (HKLM-x32\...\Anki) (Version:  - )
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.03.2001.0 - Acer Incorporated)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 22.0.20.99 - Bitdefender)
Bitdefender Antivirus Plus (HKLM\...\Bitdefender) (Version: 22.0.21.297 - Bitdefender)
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.10 - Kakao Games Europe B.V.)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.6.01103 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\{58524593-122C-43F0-96E2-A6BCC42E3412}) (Version: 4.6.01103 - Cisco Systems, Inc.) Hidden
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.3721 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Epic Games Launcher (HKLM-x32\...\{64F36122-A72E-4185-A986-0A73C3FA6F73}) (Version: 1.1.135.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
f.lux (HKU\S-1-5-21-3751807267-4179795327-3503721674-1001\...\Flux) (Version:  - f.lux Software LLC)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.0 - Genesys Logic)
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.44.0 - International GeoGebra Institute)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.1 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{B2777235-FDF0-4371-9D1E-0CD24DFE3579}) (Version: 4.2.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Acer Incorporated)
Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Mendeley Desktop 1.17.9 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.9 - Mendeley Ltd.)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.10228.20080 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3751807267-4179795327-3503721674-1001\...\OneDriveSetup.exe) (Version: 17.3.6517.0809 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 61.0.1 (x64 de) (HKLM\...\Mozilla Firefox 61.0.1 (x64 de)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.1.6759 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.150 - Symantec Corporation)
NVIDIA Grafiktreiber 332.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.91 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0927 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0927 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.10228.20080 - Microsoft Corporation) Hidden
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.318 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.29 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7218 - Realtek Semiconductor Corp.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.12.3 (HKLM\...\SteelSeries Engine 3) (Version: 3.12.3 - SteelSeries ApS)
TeamSpeak 3 Client (HKU\S-1-5-21-3751807267-4179795327-3503721674-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3751807267-4179795327-3503721674-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\beats_000\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3751807267-4179795327-3503721674-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> Keine Datei
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2014-02-25] (Qualcomm®Atheros®)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll -> Keine Datei
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2014-02-25] (Qualcomm®Atheros®)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2014-03-07] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2014-03-24] (NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll -> Keine Datei
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll -> Keine Datei
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0C598CDD-EE23-4C66-B4EA-56AB88DF7C04} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-06-29] (Microsoft Corporation)
Task: {13D07042-C4A9-4ADF-A776-A4E191CBD62F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-29] (Microsoft Corporation)
Task: {3238846F-433D-4086-B0B5-FD8DCB147DF7} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-07-08] ()
Task: {3ABE0BFD-24C0-443A-9E52-A4188B4B8CBD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-06-29] (Microsoft Corporation)
Task: {3C280160-6293-4BED-A3AD-6DE462B35137} - \UbtFrameworkService -> Keine Datei <==== ACHTUNG
Task: {3CDDF364-3373-4C93-BBD6-A3BA027CF4D9} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {43FF920D-1F38-496D-8B9C-56C22C6186F3} - \Microsoft OneDrive Auto Update Task-S-1-5-21-3751807267-4179795327-3503721674-1001 -> Keine Datei <==== ACHTUNG
Task: {4C7539FF-DB23-429E-AE51-E3E2C2B50A6F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-20] (Microsoft Corporation)
Task: {5CCA18AA-EACC-41C5-AEF9-E2FA7C8D36E2} - \{9D69BC38-F4D2-4B16-A2CC-C195A4444518} -> Keine Datei <==== ACHTUNG
Task: {5DA8AAE3-B035-488D-AEB5-C656F381311B} - System32\Tasks\{F3726AFF-555B-4C90-A77C-4CAB45DE4663} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.33.0.104.607/de/abandoninstall?page=tsInstall
Task: {5E1421F5-BD29-4295-9E50-727562219687} - System32\Tasks\Norton Security Scan for Özgür => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.150\Nss.exe [2018-01-10] (Symantec Corporation)
Task: {5FB87853-4AF5-4098-B8AF-E0FF7025EF5F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-06-20] (Microsoft Corporation)
Task: {7F091677-102D-47D0-B0D2-8E3DD0ADE5F6} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-06-29] (Microsoft Corporation)
Task: {8E4FCE27-CC65-464A-8AF3-42362E29789F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-06-29] (Microsoft Corporation)
Task: {904A08D3-5297-48FD-8412-1A4AF65593D8} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-03-18] (Acer Incorporated)
Task: {9A003450-C421-427B-BAF7-D0EFE3170DC2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {9CA8F99C-FFF6-42F7-B886-2453A279C110} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-06-29] (Microsoft Corporation)
Task: {AE614FC0-70DF-4CE1-A4CF-708682C75403} - \OneDrive Standalone Update Task -> Keine Datei <==== ACHTUNG
Task: {AF5539AB-AD67-4049-9B40-C6EB22D5BAB0} - \Power Management -> Keine Datei <==== ACHTUNG
Task: {B87EF652-F2A5-4482-AF38-09A8490CFAE1} - \{0ECDA438-5FFD-4448-A2B4-64FE785F7ED5} -> Keine Datei <==== ACHTUNG
Task: {CDBC8887-A270-4B70-9058-06CF7B798D78} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {E498F75F-B280-497B-B9CD-68CA12F8E586} - \Optimize Start Menu Cache Files-S-1-5-21-3751807267-4179795327-3503721674-500 -> Keine Datei <==== ACHTUNG
Task: {E9E6A522-B8E5-4CA7-B109-ACEFDCCA793E} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe
Task: {FB154304-FF88-4AEB-B2E1-958BC25B40FE} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-05-16] (Bitdefender)
Task: {FC06E9E1-D176-45C8-BD9A-FEE004D8CD62} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-03-17] (Acer Incorporate)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2018-06-13 13:36 - 2018-05-08 21:27 - 000992704 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpbr.mdl
2018-06-13 13:36 - 2018-05-08 21:27 - 000543344 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpdsp.mdl
2018-06-13 13:36 - 2018-05-08 21:27 - 003228632 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttpph.mdl
2018-06-13 13:36 - 2018-05-08 21:27 - 001527808 _____ () C:\Program Files\Bitdefender\Bitdefender Security\otengines_001_001\ashttprbl.mdl
2014-06-29 01:53 - 2014-03-24 14:30 - 000116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-16 14:41 - 2016-09-16 14:41 - 001864384 _____ () C:\Users\beats_000\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2014-06-29 02:19 - 2012-04-24 12:43 - 000254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-02-25 22:14 - 2014-02-25 22:14 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-02-25 22:11 - 2014-02-25 22:11 - 000086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-02-25 22:17 - 2014-02-25 22:17 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2018-07-09 10:52 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-07-09 10:52 - 2018-05-30 09:22 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-06-12 16:13 - 2018-06-12 16:13 - 000033792 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_system.dll
2018-06-12 16:12 - 2018-06-12 16:12 - 000062464 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_date_time.dll
2018-06-12 16:13 - 2018-06-12 16:13 - 000108032 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_thread.dll
2018-06-12 16:14 - 2018-06-12 16:14 - 000043008 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\boost_chrono.dll
2018-06-12 16:14 - 2018-06-12 16:14 - 000073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-06-29 01:56 - 2013-12-10 01:27 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-09-16 14:41 - 2016-09-16 14:41 - 001383616 _____ () C:\Users\beats_000\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [480]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3751807267-4179795327-3503721674-1001\...\sharepoint.com -> hxxps://bwedu-files.sharepoint.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2018-07-09 10:48 - 000000000 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3751807267-4179795327-3503721674-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img13.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

07-07-2018 11:36:38 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/08/2018 09:26:00 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/06/2018 11:52:57 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/06/2018 08:40:30 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 16.0.10228.20080 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c34

Startzeit: 01d414f2a64d8c4a

Endzeit: 55

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Root\Office16\WINWORD.EXE

Berichts-ID: 6f498c62-80e7-11e8-83f3-c454449542bd

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/05/2018 11:53:01 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/04/2018 11:54:59 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/04/2018 08:47:09 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/02/2018 11:52:59 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (07/01/2018 11:52:59 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


Systemfehler:
=============
Error: (07/09/2018 10:47:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" ist vom Dienst "Windows Search" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Das System kann den angegebenen Pfad nicht finden.

Error: (07/09/2018 10:47:24 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann den angegebenen Pfad nicht finden.

Error: (07/09/2018 10:46:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2018 10:46:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/09/2018 10:46:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CCDMonitorService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2018 10:46:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Cyberlink RichVideo Service(CRVS)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2018 10:46:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/09/2018 10:46:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AtherosSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Windows Defender:
===================================
Date: 2018-06-13 12:47:35.645
Description: 
Von Windows Defender wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:HTML/Brocoiner!rfn&threatid=2147724297&enterprise=0
Name: Trojan:HTML/Brocoiner!rfn
ID: 2147724297
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\beats_000\AppData\Local\Mozilla\Firefox\Profiles\v8cidznp.default-1464625567183-1516175131858\cache2\entries\CE94BF5164C04AE312403C4CA6A85F4F3B1133A2
Erkennungsursprung: Lokaler Computer
Erkennungstyp: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: JO\Özgür
Prozessname: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Signaturversion: AV: 1.269.1157.0, AS: 1.269.1157.0, NIS: 119.0.0.0
Modulversion: AM: 1.1.14901.4, NIS: 2.1.14600.4

Date: 2018-06-13 12:46:24.589
Description: 
Von Windows Defender wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:HTML/Brocoiner!rfn&threatid=2147724297&enterprise=0
Name: Trojan:HTML/Brocoiner!rfn
ID: 2147724297
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\beats_000\AppData\Local\Mozilla\Firefox\Profiles\v8cidznp.default-1464625567183-1516175131858\cache2\entries\CE94BF5164C04AE312403C4CA6A85F4F3B1133A2
Erkennungsursprung: Lokaler Computer
Erkennungstyp: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: JO\Özgür
Prozessname: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Signaturversion: AV: 1.269.1157.0, AS: 1.269.1157.0, NIS: 119.0.0.0
Modulversion: AM: 1.1.14901.4, NIS: 2.1.14600.4

Date: 2018-06-13 12:44:53.270
Description: 
Von Windows Defender wurde Schadsoftware oder andere potenziell unerwünschte Software erkannt.
Weitere Informationen:
hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:HTML/Brocoiner!rfn&threatid=2147724297&enterprise=0
Name: Trojan:HTML/Brocoiner!rfn
ID: 2147724297
Schweregrad: Schwerwiegend
Kategorie: Trojaner
Pfad: file:_C:\Users\beats_000\AppData\Local\Mozilla\Firefox\Profiles\v8cidznp.default-1464625567183-1516175131858\cache2\entries\CE94BF5164C04AE312403C4CA6A85F4F3B1133A2
Erkennungsursprung: Lokaler Computer
Erkennungstyp: Konkret
Erkennungsquelle: Echtzeitschutz
Benutzer: JO\Özgür
Prozessname: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Signaturversion: AV: 1.269.1157.0, AS: 1.269.1157.0, NIS: 119.0.0.0
Modulversion: AM: 1.1.14901.4, NIS: 2.1.14600.4

Date: 2017-03-31 10:52:50.138
Description: 
Die Windows Defender-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {85F63AC4-3273-4F6C-ADD5-142228CBF603}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2017-03-31 10:28:48.126
Description: 
Die Windows Defender-Überprüfung wurde vor ihrem Abschluss beendet.
Überprüfungs-ID: {24CED078-E0EA-4F7D-9E88-22902E500157}
Überprüfungstyp: Antimalware
Überprüfungsparameter: Schnellüberprüfung
Benutzer: NT-AUTORITÄT\SYSTEM

Date: 2017-03-30 10:41:16.511
Description: 
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion: 
Vorherige Signaturversion: 
Updatequelle: Benutzer
Signaturtyp: 
Updatetyp: 
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
Vorherige Modulversion: 
Fehlercode: 0x80070652
Fehlerbeschreibung: Es wird bereits anderweitig eine Installation ausgeführt. Beenden Sie den anderen Installationsvorgang, bevor Sie diese Installation fortsetzen. 

Date: 2017-03-30 10:41:00.688
Description: 
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion: 
Vorherige Signaturversion: 1.239.313.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
Vorherige Modulversion: 1.1.13601.0
Fehlercode: 0x80240016
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 

Date: 2017-03-30 10:41:00.688
Description: 
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion: 
Vorherige Signaturversion: 1.239.313.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
Vorherige Modulversion: 1.1.13601.0
Fehlercode: 0x80240016
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 

Date: 2017-03-30 10:41:00.688
Description: 
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion: 
Vorherige Signaturversion: 1.239.313.0
Updatequelle: Microsoft Update-Server
Signaturtyp: AntiVirus
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: 
Vorherige Modulversion: 1.1.13601.0
Fehlercode: 0x80240016
Fehlerbeschreibung: Unerwartetes Problem bei der Überprüfung auf Updates. Informationen zum Installieren von Updates oder zur Problembehandlung finden Sie unter "Hilfe und Support". 

Date: 2016-08-22 09:48:15.861
Description: 
Fehler von Windows Defender beim Aktualisieren von Signaturen.
Neue Signaturversion: 
Vorherige Signaturversion: 116.22.0.0
Updatequelle: Microsoft Center zum Schutz vor Schadsoftware
Signaturtyp: Netzwerkinspektionssystem
Updatetyp: Voll
Benutzer: NT-AUTORITÄT\Netzwerkdienst
Aktuelle Modulversion: 
Vorherige Modulversion: 2.1.12706.0
Fehlercode: 0x80072ee7
Fehlerbeschreibung: Der Servername oder die Serveradresse konnte nicht verarbeitet werden. 

CodeIntegrity:
===================================

Date: 2018-06-13 12:21:36.996
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-06-13 12:10:47.161
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-15 09:37:23.934
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-14 19:34:32.338
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-13 20:45:35.272
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-10 09:20:21.421
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-09-09 18:54:35.913
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-08-30 09:29:49.987
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 4770.56 MB
Summe virtueller Speicher: 9395.27 MB
Verfügbarer virtueller Speicher: 5877.91 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:913.51 GB) (Free:742.92 GB) NTFS
Drive e: () (Removable) (Total:3.75 GB) (Free:3.74 GB) FAT32
Drive f: (TOSHIBA) (Removable) (Total:14.44 GB) (Free:6.34 GB) FAT32

\\?\Volume{7224d92d-355f-4c7e-b04c-eae35cd012b6}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.18 GB) NTFS
\\?\Volume{bc966328-185b-44ce-825f-1b011629fc2c}\ (Push Button Reset) (Fixed) (Total:17 GB) (Free:1.5 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F01AA88B)

Partition: GPT.

========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 11B4306F)
Partition 1: (Active) - (Size=3.8 GB) - (Type=0B)

========================================================
Disk: 2 (Size: 14.5 GB) (Disk ID: 372E3D4D)
Partition 1: (Not Active) - (Size=14.5 GB) - (Type=0B)

==================== Ende von Addition.txt ============================
         

FRST file:


Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
durchgeführt von Özgür (Administrator) auf JO (09-07-2018 11:08:16)
Gestartet von C:\Users\beats_000\Downloads
Geladene Profile: Özgür (Verfügbare Profile: Özgür)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe
(f.lux Software LLC) C:\Users\beats_000\AppData\Local\FluxSoftware\Flux\flux.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\bdwtxag.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Security\seccenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-03-26] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender Security\bdagent.exe [452032 2018-05-08] (Bitdefender)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1320448 2018-06-12] (Cisco Systems, Inc.)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-02-25] (Atheros Communications)
HKU\S-1-5-21-3751807267-4179795327-3503721674-1001\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-3751807267-4179795327-3503721674-1001\...\Run: [f.lux] => C:\Users\beats_000\AppData\Local\FluxSoftware\Flux\flux.exe [1806344 2018-07-03] (f.lux Software LLC)
HKU\S-1-5-21-3751807267-4179795327-3503721674-1001\...\MountPoints2: {65f9bb8a-a1e6-11e6-8330-c454449542bd} - "E:\EMP_UDSe.exe" /autorun
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-05-19]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\Users\beats_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-04-30]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{1275C8FC-1C55-42B2-8A8A-95B73C0B3A74}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{F37CC5EA-5D21-4823-A909-1997138E4FC3}: [DhcpNameServer] 192.168.0.1 192.168.0.2

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3751807267-4179795327-3503721674-1001 -> {52A4C436-4C0E-4FF2-A955-09FF6654946E} URL = 
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-05-08] (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-06-29] (Microsoft Corporation)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-05-08] (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-04-28] (Microsoft Corporation)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\pmbxie.dll [2018-05-08] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender Security\Antispam32\pmbxie.dll [2018-05-08] (Bitdefender)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-06-29] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: v8cidznp.default-1464625567183-1516175131858
FF ProfilePath: C:\Users\beats_000\AppData\Roaming\Mozilla\Firefox\Profiles\v8cidznp.default-1464625567183-1516175131858 [2018-07-09]
FF Extension: (Adblock Plus) - C:\Users\beats_000\AppData\Roaming\Mozilla\Firefox\Profiles\v8cidznp.default-1464625567183-1516175131858\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-17]
FF ProfilePath: C:\Users\beats_000\AppData\Roaming\Marmiko IT-Solutions GmbH\Browser 7\Profiles\ayvbkyhc.default [2015-02-01]
FF Extension: (WebCompat Reporter) - C:\Program Files (x86)\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-07-06] [Legacy] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF Extension: (Kein Name) - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff [2018-05-14]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext [2018-05-14] [Legacy] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender Security\bdtbext
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-04-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-01] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <kein Path/update_url>
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-02-25] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2135032 2018-02-15] (Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2018-01-04] ()
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2709760 2014-11-17] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8765104 2018-06-20] (Microsoft Corporation)
S3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1616160 2014-03-26] (NVIDIA Corporation)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1275776 2018-05-16] (Bitdefender)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe [112712 2018-05-08] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender Security\vsserv.exe [1001072 2018-05-09] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 atc; C:\Windows\System32\DRIVERS\atc.sys [1177008 2018-04-17] (BitDefender S.R.L. Bucharest, ROMANIA)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3888640 2014-02-14] (Qualcomm Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1723552 2018-04-17] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23032 2018-04-19] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [130840 2018-04-20] (BitDefender LLC)
S3 bdprivmon; C:\Windows\System32\DRIVERS\bdprivmon.sys [45104 2018-04-20] (© Bitdefender SRL)
S3 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [96448 2018-04-27] (BitDefender)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-02-25] (Qualcomm Atheros)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-05-24] (Malwarebytes)
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [107208 2014-01-18] (GenesysLogic)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [189544 2018-04-18] (BitDefender LLC)
S3 HPKBx64; C:\Windows\system32\DRIVERS\HPKBx64.sys [57728 2012-03-06] (Hewlett-Packard Company)
R3 iaLPSS_GPIO; C:\Windows\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [120312 2014-06-03] (Intel Corporation)
S3 Ignis; C:\Windows\System32\DRIVERS\ignis.sys [191592 2018-05-04] (Bitdefender)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-07-09] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112872 2018-07-09] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [44768 2018-07-09] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-07-09] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [103656 2018-07-09] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation )
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46408 2017-12-15] (SteelSeries ApS)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [54560 2018-01-09] (SteelSeries ApS)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42224 2014-02-20] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [607640 2018-06-13] (Bitdefender)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [73616 2018-06-12] (Cisco Systems, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-07-09 11:08 - 2018-07-09 11:08 - 000019222 _____ C:\Users\beats_000\Downloads\FRST.txt
2018-07-09 11:07 - 2018-07-09 11:08 - 000000000 ____D C:\FRST
2018-07-09 11:07 - 2018-07-09 11:07 - 002412544 _____ (Farbar) C:\Users\beats_000\Downloads\FRST64.exe
2018-07-09 11:05 - 2018-07-09 11:05 - 000001510 _____ C:\Users\beats_000\Desktop\mbam.txt
2018-07-09 10:53 - 2018-07-09 10:54 - 000103656 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-07-09 10:53 - 2018-07-09 10:53 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-09 10:53 - 2018-07-09 10:53 - 000190696 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2018-07-09 10:53 - 2018-07-09 10:53 - 000112872 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-07-09 10:53 - 2018-07-09 10:53 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-07-09 10:52 - 2018-07-09 10:52 - 000001887 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-07-09 10:52 - 2018-07-09 10:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-07-09 10:52 - 2018-07-09 10:52 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-07-09 10:52 - 2018-07-09 10:52 - 000000000 ____D C:\Program Files\Malwarebytes
2018-07-09 10:52 - 2018-05-24 06:55 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-07-09 10:51 - 2018-07-09 10:51 - 000002054 _____ C:\Users\beats_000\Desktop\AdwCleaner[C00].txt
2018-07-09 10:22 - 2018-07-09 10:22 - 073185120 _____ (Malwarebytes ) C:\Users\beats_000\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.374-1.0.5819.exe
2018-07-09 10:21 - 2018-07-09 10:46 - 000000000 ____D C:\AdwCleaner
2018-07-09 10:21 - 2018-07-09 10:21 - 007402192 _____ (Malwarebytes) C:\Users\beats_000\Downloads\adwcleaner_7.2.1.exe
2018-07-09 10:08 - 2018-07-09 10:08 - 000113454 _____ C:\Users\beats_000\Desktop\bookmarks-2018-07-09.json
2018-07-09 09:55 - 2018-07-09 09:55 - 000000000 ____D C:\Users\beats_000\Desktop\Neuer Ordner
2018-07-09 07:32 - 2018-07-09 07:32 - 000228098 _____ C:\Users\beats_000\Desktop\Document-20180625-105446-001.pdf
2018-07-01 23:48 - 2018-07-01 23:48 - 000019279 _____ C:\Users\beats_000\Downloads\GEC.pdf
2018-07-01 19:43 - 2018-07-01 19:43 - 000259856 _____ C:\Users\beats_000\Downloads\Vom_Osmanismus_zum_Separatismus_Religios(1).pdf
2018-06-30 13:53 - 2018-06-30 13:53 - 000084393 _____ C:\Users\beats_000\Downloads\bruinessen_98_kurdsandislam(7).pdf
2018-06-30 13:53 - 2018-06-30 13:53 - 000084393 _____ C:\Users\beats_000\Downloads\bruinessen_98_kurdsandislam(6).pdf
2018-06-30 13:51 - 2018-06-30 13:51 - 000084393 _____ C:\Users\beats_000\Downloads\bruinessen_98_kurdsandislam(5).pdf
2018-06-30 13:40 - 2018-06-30 13:40 - 000839228 _____ C:\Users\beats_000\Downloads\emek_berk.pdf
2018-06-30 13:33 - 2018-06-30 13:33 - 000386410 _____ C:\Users\beats_000\Downloads\OnisJSEB2007.pdf
2018-06-30 10:51 - 2018-06-30 10:51 - 001074930 _____ C:\Users\beats_000\Downloads\Turkeys_2015_Parliamentary_Elections.pdf
2018-06-30 10:49 - 2018-06-30 10:49 - 000161021 _____ C:\Users\beats_000\Downloads\LIF-2015-0046.pdf
2018-06-30 10:49 - 2018-06-30 10:49 - 000161021 _____ C:\Users\beats_000\Downloads\LIF-2015-0046(2).pdf
2018-06-30 10:49 - 2018-06-30 10:49 - 000161021 _____ C:\Users\beats_000\Downloads\LIF-2015-0046(1).pdf
2018-06-30 10:47 - 2018-06-30 10:47 - 000597603 _____ C:\Users\beats_000\Downloads\out(1).pdf
2018-06-30 10:40 - 2018-06-30 10:40 - 009188277 _____ C:\Users\beats_000\Downloads\Carkoglu-Yildirim-2015-ElectionStorm.pdf
2018-06-30 10:39 - 2018-06-30 10:39 - 000522280 _____ C:\Users\beats_000\Downloads\out.pdf
2018-06-30 10:28 - 2018-06-30 10:28 - 000146983 _____ C:\Users\beats_000\Downloads\TURKEYS_NOVEMBER_2002_ELECTIONS_A_NEW_BEGINNING.pdf
2018-06-30 09:26 - 2018-06-30 09:26 - 000327213 _____ C:\Users\beats_000\Downloads\New_Dimensions_of_Political_Cleavage.pdf
2018-06-30 01:15 - 2018-06-30 01:15 - 003047796 _____ C:\Users\beats_000\Downloads\20024114.pdf
2018-06-29 18:47 - 2018-06-29 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-06-29 09:23 - 2018-06-29 09:24 - 001604424 _____ (Blue Coat Systems, Inc.) C:\Users\beats_000\Downloads\k9-webprotection-beta.exe
2018-06-28 23:14 - 2018-06-28 23:14 - 000033289 _____ C:\Users\beats_000\Downloads\SA_Daily_Renewal.pdf
2018-06-28 23:09 - 2018-06-28 23:09 - 001604424 _____ (Blue Coat Systems, Inc.) C:\Users\beats_000\Downloads\k9-webprotection.exe
2018-06-28 16:20 - 2018-06-28 16:20 - 000090505 _____ C:\Users\beats_000\Downloads\Bruinessen_Ethnic_identity_Kurds.pdf
2018-06-24 20:00 - 2018-06-24 20:01 - 001779996 _____ C:\Users\beats_000\Downloads\Kurdistan2-ku.pdf
2018-06-23 16:36 - 2018-06-23 16:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2018-06-23 16:36 - 2018-06-12 15:34 - 000263640 ____R (Cisco Systems, Inc.) C:\Windows\system32\Drivers\acsock64.sys
2018-06-23 13:42 - 2018-06-23 13:42 - 000806726 _____ C:\Users\beats_000\Downloads\turkei_verwaltung2.pdf
2018-06-21 11:20 - 2018-06-21 11:20 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-06-20 17:57 - 2018-06-20 17:57 - 000430417 _____ C:\Users\beats_000\Downloads\v978-3-411-90110-4.pdf
2018-06-20 13:19 - 2018-06-20 13:19 - 000154890 _____ C:\Users\beats_000\Downloads\Diplomarbeits-Tipps.pdf
2018-06-13 22:18 - 2018-06-14 01:21 - 000000000 ____D C:\Users\beats_000\Documents\Black Desert
2018-06-13 14:52 - 2018-06-13 14:52 - 000004164 _____ C:\Windows\System32\Tasks\Norton Security Scan for Özgür
2018-06-13 14:51 - 2018-06-13 14:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2018-06-13 14:51 - 2018-06-13 14:51 - 000000000 ____D C:\Windows\system32\Drivers\NSSx64
2018-06-13 14:51 - 2018-06-13 14:51 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2018-06-13 14:51 - 2018-06-13 14:51 - 000000000 ____D C:\Program Files (x86)\Norton Security Scan
2018-06-13 14:49 - 2018-05-25 07:10 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-06-13 14:49 - 2018-05-25 06:44 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-06-13 14:49 - 2018-05-25 06:38 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-06-13 14:49 - 2018-05-25 06:34 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-06-13 14:49 - 2018-05-25 06:32 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-06-13 14:49 - 2018-05-25 06:16 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-06-13 14:49 - 2018-05-25 06:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-06-13 14:49 - 2018-05-25 06:03 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-06-13 14:49 - 2018-05-25 05:56 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-06-13 14:49 - 2018-05-25 05:55 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-06-13 14:49 - 2018-05-25 05:55 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-06-13 14:49 - 2018-05-25 05:53 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-06-13 14:49 - 2018-05-25 05:53 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-06-13 14:49 - 2018-05-25 05:44 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-06-13 14:49 - 2018-05-25 05:42 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-06-13 14:49 - 2018-05-25 05:39 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-06-13 14:49 - 2018-05-25 05:39 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-06-13 14:49 - 2018-05-25 05:38 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-06-13 14:49 - 2018-05-25 05:38 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-06-13 14:49 - 2018-05-25 05:38 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-06-13 14:49 - 2018-05-25 05:29 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-06-13 14:49 - 2018-05-25 05:19 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-06-13 14:49 - 2018-05-25 05:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-06-13 14:49 - 2018-05-25 05:15 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-06-13 14:49 - 2018-05-25 05:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-06-13 14:49 - 2018-05-23 07:56 - 007406944 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-06-13 14:49 - 2018-05-23 07:45 - 000027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\uefi.sys
2018-06-13 14:49 - 2018-05-23 07:39 - 001676064 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-06-13 14:49 - 2018-05-23 06:13 - 000251392 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2018-06-13 14:49 - 2018-05-15 07:47 - 002334624 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2018-06-13 14:49 - 2018-05-15 07:47 - 000244304 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-06-13 14:49 - 2018-05-15 07:33 - 001308352 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-06-13 14:49 - 2018-05-15 06:57 - 002324752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2018-06-13 14:49 - 2018-05-15 06:17 - 000032640 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2018-06-13 14:49 - 2018-05-15 06:04 - 000240128 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2018-06-13 14:49 - 2018-05-15 05:05 - 000517120 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2018-06-13 14:49 - 2018-05-15 04:57 - 000672768 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2018-06-13 14:49 - 2018-05-15 04:51 - 000561152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2018-06-13 14:49 - 2018-05-12 23:11 - 000532664 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-06-13 14:49 - 2018-05-12 23:06 - 000567152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-06-13 14:49 - 2018-05-12 22:51 - 002014040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2018-06-13 14:49 - 2018-05-12 22:51 - 000923480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\refs.sys
2018-06-13 14:49 - 2018-05-12 21:08 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-06-13 14:49 - 2018-05-11 05:04 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-06-13 14:49 - 2018-05-05 21:05 - 001543800 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2018-06-13 14:49 - 2018-05-05 20:15 - 001178136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webservices.dll
2018-06-13 14:49 - 2018-05-05 18:38 - 000358912 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2018-06-13 14:49 - 2018-05-05 18:23 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2018-06-13 14:49 - 2018-04-07 18:48 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-06-13 14:49 - 2018-04-07 18:47 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-06-13 14:49 - 2018-04-07 18:43 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-06-13 14:49 - 2018-04-07 18:09 - 000170496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-06-13 14:49 - 2018-04-07 17:34 - 002255360 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2018-06-13 14:49 - 2018-04-07 17:15 - 001942016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2018-06-13 14:49 - 2018-04-05 19:47 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netvsc63.sys
2018-06-13 14:49 - 2018-04-05 19:38 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\NetVscCoinstall.dll
2018-06-13 14:49 - 2018-03-29 03:33 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2018-06-13 14:49 - 2018-03-29 03:21 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2018-06-13 14:49 - 2018-03-29 03:06 - 002608640 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2018-06-13 14:49 - 2018-03-29 03:05 - 000285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2018-06-13 14:49 - 2018-03-29 02:26 - 002170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2018-06-13 14:49 - 2018-03-29 02:24 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2018-06-13 13:40 - 2018-06-13 13:40 - 000384676 _____ C:\ProgramData\cl.1528889586.bdinstall.bin
2018-06-13 13:40 - 2018-06-13 13:40 - 000057423 _____ C:\ProgramData\cl.kit.1528889568.bdinstall.bin
2018-06-13 13:38 - 2018-06-13 13:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender Security
2018-06-13 13:38 - 2018-06-13 13:38 - 000002376 _____ C:\Users\Public\Desktop\Bitdefender VPN.lnk
2018-06-13 13:38 - 2018-06-13 13:38 - 000002294 _____ C:\Users\Public\Desktop\Bitdefender.lnk
2018-06-13 13:37 - 2018-04-19 08:37 - 000023032 _____ (Bitdefender) C:\Windows\system32\Drivers\bdelam.sys
2018-06-13 13:36 - 2018-05-04 16:19 - 000191592 _____ (Bitdefender) C:\Windows\system32\Drivers\ignis.sys
2018-06-13 13:36 - 2018-04-27 08:45 - 000096448 _____ (BitDefender) C:\Windows\system32\Drivers\bdvedisk.sys
2018-06-13 13:36 - 2018-04-20 08:25 - 000045104 _____ (© Bitdefender SRL) C:\Windows\system32\Drivers\bdprivmon.sys
2018-06-13 13:36 - 2018-04-17 11:27 - 001723552 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2018-06-13 13:36 - 2018-04-17 08:43 - 001177008 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\Windows\system32\Drivers\atc.sys
2018-06-13 13:35 - 2018-06-13 13:35 - 000000000 ____D C:\Users\beats_000\AppData\Roaming\Bitdefender
2018-06-13 13:34 - 2018-06-13 14:48 - 000607640 _____ (Bitdefender) C:\Windows\system32\Drivers\trufos.sys
2018-06-13 13:34 - 2018-04-18 08:09 - 000189544 _____ (BitDefender LLC) C:\Windows\system32\Drivers\gzflt.sys
2018-06-13 13:33 - 2018-06-13 13:34 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2018-06-13 13:33 - 2018-06-13 13:33 - 000000000 ____D C:\Program Files\Bitdefender
2018-06-13 13:32 - 2018-07-09 10:50 - 000003648 _____ C:\Windows\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2018-06-13 13:30 - 2018-06-13 13:30 - 000042730 _____ C:\ProgramData\agent.1528889440.bdinstall.bin
2018-06-13 12:23 - 2018-06-13 12:37 - 000000000 ____D C:\ProgramData\NortonInstaller
2018-06-13 12:21 - 2018-06-13 14:51 - 000000000 ____D C:\ProgramData\Norton
2018-06-13 11:55 - 2018-07-09 10:47 - 000007971 _____ C:\bdlog.txt
2018-06-13 11:53 - 2018-06-13 22:22 - 000000000 ____D C:\Users\beats_000\AppData\Local\BlackDesertOnline
2018-06-13 11:53 - 2018-06-13 11:53 - 000038440 _____ C:\ProgramData\dm.uninstall.1528883574.bdinstall.bin
2018-06-13 11:52 - 2018-06-14 00:27 - 000000000 ____D C:\Program Files (x86)\Black Desert Online
2018-06-13 11:52 - 2018-06-13 11:52 - 000001990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Black Desert Online.lnk
2018-06-13 11:52 - 2018-06-13 11:52 - 000001984 _____ C:\Users\Public\Desktop\Black Desert Online.lnk
2018-06-13 11:52 - 2018-06-13 11:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black Desert Online
2018-06-13 11:38 - 2018-06-13 11:48 - 052395976 _____ (Kakao Games Europe B.V.) C:\Users\beats_000\Downloads\BlackDesertOnlineSetup_20180524_10010.exe
2018-06-12 16:10 - 2018-06-12 16:10 - 000041472 _____ (Cisco Systems, Inc.) C:\Windows\SysWOW64\vpnevents.dll
2018-06-12 16:10 - 2018-06-12 16:10 - 000017920 _____ (Cisco Systems, Inc.) C:\Windows\SysWOW64\vpncategories.dll
2018-06-12 15:36 - 2018-06-12 15:36 - 000073616 _____ (Cisco Systems, Inc.) C:\Windows\system32\Drivers\vpnva64-6.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-07-09 11:04 - 2016-11-16 13:55 - 000000000 ____D C:\Users\beats_000\AppData\LocalLow\Mozilla
2018-07-09 10:55 - 2014-06-29 11:07 - 000759378 _____ C:\Windows\system32\perfh007.dat
2018-07-09 10:55 - 2014-06-29 11:07 - 000156604 _____ C:\Windows\system32\perfc007.dat
2018-07-09 10:55 - 2014-04-17 08:05 - 001769264 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-09 10:55 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-07-09 10:53 - 2016-11-01 12:05 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3751807267-4179795327-3503721674-1001
2018-07-09 10:48 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-09 10:47 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-07-09 09:57 - 2017-06-08 14:45 - 000000000 ____D C:\Program Files (x86)\Steam
2018-07-09 07:08 - 2017-09-25 01:20 - 000002151 _____ C:\Users\beats_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2018-07-09 07:08 - 2017-03-28 17:14 - 000003906 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{683E2C7D-5414-4CE1-998C-C50612A63520}
2018-07-08 13:22 - 2014-12-26 16:44 - 001185280 ___SH C:\Users\beats_000\Downloads\Thumbs.db
2018-07-08 12:35 - 2014-11-21 18:50 - 000000000 ____D C:\Users\beats_000\AppData\Local\Packages
2018-07-08 11:51 - 2014-11-22 00:14 - 000000000 ____D C:\Users\beats_000\Desktop\Mein
2018-07-08 11:49 - 2014-11-22 00:14 - 000000000 ____D C:\Users\beats_000\Desktop\Uni
2018-07-08 09:16 - 2014-11-22 01:52 - 026283008 ___SH C:\Users\beats_000\Desktop\Thumbs.db
2018-07-08 09:15 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2018-07-07 14:26 - 2014-11-21 18:50 - 000000000 ____D C:\Users\beats_000
2018-07-07 08:58 - 2017-03-15 20:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-07-07 08:58 - 2015-07-04 21:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-06 18:29 - 2015-02-03 18:30 - 000001139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-07-06 15:55 - 2017-12-28 12:17 - 713198400 _____ C:\Windows\MEMORY.DMP
2018-06-29 18:49 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-29 18:47 - 2016-09-16 01:55 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-06-29 18:47 - 2016-09-16 01:55 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-06-29 18:47 - 2016-09-16 01:55 - 000002465 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-06-29 18:47 - 2016-09-16 01:55 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2018-06-29 18:47 - 2016-09-16 01:55 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-06-29 18:47 - 2016-09-16 01:55 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-06-29 18:47 - 2016-09-16 01:55 - 000002404 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-06-29 18:47 - 2016-09-16 01:55 - 000002376 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-06-29 18:46 - 2016-09-16 01:52 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-06-27 15:25 - 2014-11-21 22:53 - 000000000 ____D C:\Users\beats_000\AppData\Local\CrashDumps
2018-06-23 16:36 - 2014-11-23 23:39 - 000000000 ____D C:\ProgramData\Cisco
2018-06-23 16:36 - 2014-11-23 23:39 - 000000000 ____D C:\Program Files (x86)\Cisco
2018-06-17 11:48 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-06-14 16:28 - 2014-11-21 20:12 - 000000000 ____D C:\Windows\system32\MRT
2018-06-14 16:24 - 2017-10-13 00:37 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-06-14 16:24 - 2014-11-21 20:12 - 133315992 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-06-14 16:24 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-06-13 14:48 - 2018-03-05 12:31 - 000000000 ____D C:\ProgramData\Bitdefender
2018-06-13 13:40 - 2018-03-05 12:25 - 000000000 ____D C:\Program Files\Bitdefender Agent
2018-06-13 12:21 - 2015-08-21 17:07 - 000000000 ____D C:\Users\Public\Downloads\Norton
2018-06-13 11:52 - 2014-06-29 01:51 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information

Einige Dateien in TEMP:
====================
2018-06-13 22:18 - 2018-06-13 22:18 - 000000180 _____ () C:\Users\beats_000\AppData\Local\Temp\6699d3ee8dd9cf775caae782c8f44f03.dll
2018-06-13 22:18 - 2018-06-14 00:28 - 000000093 _____ () C:\Users\beats_000\AppData\Local\Temp\6773f5966146c0ba274e811a2b15e89f.dll
2018-06-13 13:37 - 2018-06-13 13:37 - 001516216 _____ (Symantec Corporation) C:\Users\beats_000\AppData\Local\Temp\{397E31AA-0D78-4649-A01C-339D73A2ED35}_NSS__{170D0500-3BB6-4FAA-B3A4-44167EE70AD3}.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-07-04 11:45

==================== Ende von FRST.txt ============================
         
Sorry, and here you go
__________________

09.07.2018, 10:39   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Scanning for malware with Kaspersky TDSS-Killer

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.



Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for a single post, I ask you to post the logs directly, spread across several posts if necessary.
To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.
__________________
Please always post log files in CODE tags

09.07.2018, 10:50   #5
Byzantisches
 

No threats were found.

EDIT: Wrong file...


Edited by Byzantisches (09.07.2018 at 11:24)

09.07.2018, 10:51   #6
Byzantisches
 

EDIT: Wrong file...

Edited by Byzantisches (09.07.2018 at 11:25)

09.07.2018, 10:59   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Read the instructions properly and follow them. TDSSKiller was configured incorrectly.

09.07.2018, 11:25   #8
Byzantisches
 

Here you go:

Code:
12:21:37.0364 0x19f8  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
12:21:37.0364 0x19f8  UEFI system
12:21:43.0943 0x19f8  ============================================================
12:21:43.0943 0x19f8  Current date / time: 2018/07/09 12:21:43.0943
12:21:43.0943 0x19f8  SystemInfo:
12:21:43.0943 0x19f8  
12:21:43.0943 0x19f8  OS Version: 6.3.9600 ServicePack: 0.0
12:21:43.0943 0x19f8  Product type: Workstation
12:21:43.0943 0x19f8  ComputerName: JO
12:21:43.0943 0x19f8  UserName: Özgür
12:21:43.0943 0x19f8  Windows directory: C:\Windows
12:21:43.0943 0x19f8  System windows directory: C:\Windows
12:21:43.0943 0x19f8  Running under WOW64
12:21:43.0943 0x19f8  Processor architecture: Intel x64
12:21:43.0943 0x19f8  Number of processors: 4
12:21:43.0943 0x19f8  Page size: 0x1000
12:21:43.0943 0x19f8  Boot type: Normal boot
12:21:43.0943 0x19f8  CodeIntegrityOptions = 0x00000001
12:21:43.0943 0x19f8  ============================================================
12:21:44.0256 0x19f8  KLMD registered as C:\Windows\system32\drivers\45516178.sys
12:21:44.0256 0x19f8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.19035, osProperties = 0x19
12:21:44.0381 0x19f8  System UUID: {812B418E-B1F7-3A78-4865-2553EC6963D1}
12:21:44.0709 0x19f8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:21:44.0724 0x19f8  Drive \Device\Harddisk1\DR1 - Size: 0xF080C000 ( 3.76 Gb ), SectorSize: 0x200, Cylinders: 0x1EA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:21:44.0724 0x19f8  Drive \Device\Harddisk2\DR2 - Size: 0x39D000000 ( 14.45 Gb ), SectorSize: 0x200, Cylinders: 0x75E, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:21:44.0724 0x19f8  ============================================================
12:21:44.0724 0x19f8  \Device\Harddisk0\DR0:
12:21:44.0724 0x19f8  GPT partitions:
12:21:44.0724 0x19f8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {7224D92D-355F-4C7E-B04C-EAE35CD012B6}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
12:21:44.0724 0x19f8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {16D47027-FB5C-43F2-A165-5BD6D222BB75}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
12:21:44.0724 0x19f8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {FCE1BB7D-09C5-4B1A-9786-4257A886550F}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
12:21:44.0724 0x19f8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {39E757A1-76FB-43E5-A177-E51B339105E6}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x72304000
12:21:44.0724 0x19f8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BC966328-185B-44CE-825F-1B011629FC2C}, Name: Basic data partition, StartLBA 0x72506800, BlocksNum 0x2200000
12:21:44.0724 0x19f8  MBR partitions:
12:21:44.0724 0x19f8  \Device\Harddisk1\DR1:
12:21:44.0724 0x19f8  MBR partitions:
12:21:44.0724 0x19f8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x38, BlocksNum 0x784020
12:21:44.0724 0x19f8  \Device\Harddisk2\DR2:
12:21:44.0724 0x19f8  MBR partitions:
12:21:44.0724 0x19f8  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x1CE7881
12:21:44.0724 0x19f8  ============================================================
12:21:44.0756 0x19f8  C: <-> \Device\Harddisk0\DR0\Partition4
12:21:44.0756 0x19f8  ============================================================
12:21:44.0756 0x19f8  Initialize success
12:21:44.0756 0x19f8  ============================================================
12:22:28.0065 0x1a9c  ============================================================
12:22:28.0065 0x1a9c  Scan started
12:22:28.0065 0x1a9c  Mode: Manual; SigCheck; TDLFS; 
12:22:28.0065 0x1a9c  ============================================================
12:22:28.0065 0x1a9c  KSN ping started
12:22:28.0143 0x1a9c  KSN ping finished: true
12:22:29.0581 0x1a9c  ================ Scan system memory ========================
12:22:29.0581 0x1a9c  System memory - ok
12:22:29.0581 0x1a9c  ================ Scan services =============================
12:22:29.0722 0x1a9c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
12:22:29.0769 0x1a9c  1394ohci - ok
12:22:29.0784 0x1a9c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
12:22:29.0800 0x1a9c  3ware - ok
12:22:29.0862 0x1a9c  [ 508526EB2308D259DB8542FF50E9112C, DBF657F5D8890E2F58D3EE47B5F5A98DFB838CDD2871CE580B3FC1BDDC2A590E ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:22:29.0894 0x1a9c  ACPI - ok
12:22:29.0909 0x1a9c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
12:22:29.0925 0x1a9c  acpiex - ok
12:22:29.0941 0x1a9c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
12:22:29.0956 0x1a9c  acpipagr - ok
12:22:29.0956 0x1a9c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
12:22:29.0987 0x1a9c  AcpiPmi - ok
12:22:29.0987 0x1a9c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
12:22:30.0003 0x1a9c  acpitime - ok
12:22:30.0034 0x1a9c  [ 56B657CE00E0BC761206720425C1A860, 3351B16EA7D4F4220D96763ECEA6DB9261324A096B71B30032BAF1ABDFCCEEFB ] acsock          C:\Windows\system32\DRIVERS\acsock64.sys
12:22:30.0065 0x1a9c  acsock - ok
12:22:30.0128 0x1a9c  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:22:30.0144 0x1a9c  AdobeARMservice - ok
12:22:30.0191 0x1a9c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
12:22:30.0222 0x1a9c  ADP80XX - ok
12:22:30.0253 0x1a9c  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:22:30.0300 0x1a9c  AeLookupSvc - ok
12:22:30.0331 0x1a9c  [ B246BEE99740A2A357E21D863A18774D, CE000059C157101D6C429594E76A69C4E863A9E752015D542E4F308E8D515386 ] AFD             C:\Windows\system32\drivers\afd.sys
12:22:30.0378 0x1a9c  AFD - ok
12:22:30.0394 0x1a9c  [ 20FFFCA6E9870E358DBE402F7DBD3E6C, 8F964219C777C86ECC572E8B340C814CA09A0B88E4F1CF3DE4D5F1FD115D73ED ] agp440          C:\Windows\system32\drivers\agp440.sys
12:22:30.0409 0x1a9c  agp440 - ok
12:22:30.0425 0x1a9c  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
12:22:30.0441 0x1a9c  ahcache - ok
12:22:30.0472 0x1a9c  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
12:22:30.0487 0x1a9c  ALG - ok
12:22:30.0519 0x1a9c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
12:22:30.0534 0x1a9c  AmdK8 - ok
12:22:30.0550 0x1a9c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
12:22:30.0581 0x1a9c  AmdPPM - ok
12:22:30.0581 0x1a9c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:22:30.0597 0x1a9c  amdsata - ok
12:22:30.0612 0x1a9c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
12:22:30.0628 0x1a9c  amdsbs - ok
12:22:30.0644 0x1a9c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:22:30.0659 0x1a9c  amdxata - ok
12:22:30.0675 0x1a9c  [ 29A3E5D36112A738B354E4DF2691CE41, 135028B4ECB9C31B57CEA68B898B265EC379FF738FF924B6F412D7E5EB61C2A6 ] AppID           C:\Windows\system32\drivers\appid.sys
12:22:30.0706 0x1a9c  AppID - ok
12:22:30.0737 0x1a9c  [ 942C8297400FCFB13CEE3F3CD89C5CE5, AFD9EC35F6C44D86DD5943A2AB0B99B0C1B1783D70FD966F6467F97F0831403F ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:22:30.0753 0x1a9c  AppIDSvc - ok
12:22:30.0784 0x1a9c  [ 54ACF58A59A5FD3AD29EABBECA5B5BA4, B3B7572E93ACFF3CCB08968F33B796A6FC6DDCF75F48038A0626E46997AAD2D1 ] Appinfo         C:\Windows\System32\appinfo.dll
12:22:30.0816 0x1a9c  Appinfo - ok
12:22:30.0862 0x1a9c  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
12:22:30.0894 0x1a9c  AppReadiness - ok
12:22:30.0972 0x1a9c  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
12:22:31.0034 0x1a9c  AppXSvc - ok
12:22:31.0050 0x1a9c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
12:22:31.0066 0x1a9c  arcsas - ok
12:22:31.0112 0x1a9c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:22:31.0112 0x1a9c  atapi - ok
12:22:31.0175 0x1a9c  [ 621FAADB6EC9B46802F960053A9B3457, A4A2771A89149E56E2C5AEBB8D8457A27C135E9576D0A0E19FE8D441F1702B3B ] atc             C:\Windows\system32\DRIVERS\atc.sys
12:22:31.0237 0x1a9c  atc - ok
12:22:31.0269 0x1a9c  [ 8302D313DCC5536FE6BFB85165D9BB1E, CD9101D9CFE34F0D6CF5A6AD5C997CC5D32CCF5135B78604D0C3CD7252117C2D ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
12:22:31.0284 0x1a9c  AthBTPort - ok
12:22:31.0347 0x1a9c  [ BBF78A7D6F9BFF37927303ED2539FAB7, B37B2910469D0D82E4B6213F38F149DC5A7D087B89D1169B48DF0D6EA2F1A0D4 ] AtherosSvc      C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
12:22:31.0362 0x1a9c  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
12:22:31.0441 0x1a9c  Detect skipped due to KSN trusted
12:22:31.0441 0x1a9c  AtherosSvc - ok
12:22:31.0550 0x1a9c  [ 506CDD8280C18029753B8AB0E9F42432, 06BA160C0465D116AB07DDFC81D6B087F05E776F0365577CB59567CBC61971FC ] athr            C:\Windows\system32\DRIVERS\athwbx.sys
12:22:31.0675 0x1a9c  athr - ok
12:22:31.0706 0x1a9c  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
12:22:31.0738 0x1a9c  AudioEndpointBuilder - ok
12:22:31.0769 0x1a9c  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:22:31.0831 0x1a9c  Audiosrv - ok
12:22:31.0972 0x1a9c  [ 7F6860CBFDB509FE2A3F97C07FDFCB44, 76B9802B4B730B8D2908DA2BEACCFF55F612F68BF54281844D7BE2AAF74F7CA8 ] avc3            C:\Windows\system32\DRIVERS\avc3.sys
12:22:32.0034 0x1a9c  avc3 - ok
12:22:32.0066 0x1a9c  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:22:32.0097 0x1a9c  AxInstSV - ok
12:22:32.0144 0x1a9c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
12:22:32.0175 0x1a9c  b06bdrv - ok
12:22:32.0191 0x1a9c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
12:22:32.0206 0x1a9c  BasicDisplay - ok
12:22:32.0269 0x1a9c  [ BF002CF6CA41491665F7D3DCA51B7EFB, 4925B7689B47C583901CD75E7AB9160100838D5E33B829EB3CA4F71F7514958B ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
12:22:32.0284 0x1a9c  BasicRender - ok
12:22:32.0300 0x1a9c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
12:22:32.0331 0x1a9c  bcmfn2 - ok
12:22:32.0363 0x1a9c  [ 87ACE65EBFF5F6E7BE9E2556EA04E20F, 84D471D34DF1D05D9B2BC8ED0EB4CB32F18161FFF2F4F59352D40BED456D0766 ] bdelam          C:\Windows\system32\drivers\bdelam.sys
12:22:32.0394 0x1a9c  bdelam - ok
12:22:32.0425 0x1a9c  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\Windows\System32\bdesvc.dll
12:22:32.0456 0x1a9c  BDESVC - ok
12:22:32.0581 0x1a9c  [ A8B16CDD1C2A6E31BC14D59FA45B2844, 2BB07AB719F63E054CAB0E00B48E1DCD6ECA10F51FEF25D15F43122DDE995B5A ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
12:22:32.0597 0x1a9c  bdfwfpf - ok
12:22:32.0628 0x1a9c  [ 1BA05F74C4CAC0B7DFDB23F8D555FC67, 62D96185CFF1E8EF586681B35413706D6EA71D480B60AAE0EC4E292617A231B9 ] bdprivmon       C:\Windows\system32\DRIVERS\bdprivmon.sys
12:22:32.0644 0x1a9c  bdprivmon - ok
12:22:32.0738 0x1a9c  [ 2450E4E97F1D7170CEA3D33B47004015, B1F54DF44BAA89AFA9A608BBC47E41F70F2297A4D90A9512E0FD06178C1FAF55 ] bdredline       C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
12:22:32.0816 0x1a9c  bdredline - ok
12:22:32.0847 0x1a9c  [ EE67E4649B1A618F7EC54F99E2E86AD3, 33F1B07E91B042EE8DA8AB768ECD302FF70B6255230D9490C3035617CCCB8662 ] BDVEDISK        C:\Windows\system32\DRIVERS\bdvedisk.sys
12:22:32.0863 0x1a9c  BDVEDISK - ok
12:22:32.0878 0x1a9c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
12:22:32.0894 0x1a9c  Beep - ok
12:22:33.0113 0x1a9c  [ 615C34C71FA4637849BB61DE4193C462, A091970578884E12763968CBD876578D3598AFCA784A43A07B1773F006DFB348 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
12:22:33.0347 0x1a9c  BEService - ok
12:22:33.0425 0x1a9c  [ 4BA5C192E77375B62D603B38B9D99128, E1BF8646DA927EF81A9B940D0FAE7E49116A713F335625C5E18224BBB79F165E ] BFE             C:\Windows\System32\bfe.dll
12:22:33.0503 0x1a9c  BFE - ok
12:22:33.0566 0x1a9c  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
12:22:33.0644 0x1a9c  BITS - ok
12:22:33.0691 0x1a9c  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:22:33.0722 0x1a9c  bowser - ok
12:22:33.0753 0x1a9c  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
12:22:33.0800 0x1a9c  BrokerInfrastructure - ok
12:22:33.0831 0x1a9c  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
12:22:33.0863 0x1a9c  Browser - ok
12:22:33.0894 0x1a9c  [ DE8D825D9D45108CC7640C7944E68D60, 554F473BB5CC5DABB125E821BC57A62026E996A6405E8724464B5ABCE50B626F ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
12:22:33.0910 0x1a9c  BTATH_A2DP - ok
12:22:33.0925 0x1a9c  [ 30609197DBF90028615E9CE312C60A14, F7FCA3DB15A02D5EB583DA50132A6C30D59A7D521EA548AD5AACF8D2E2F41E72 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
12:22:33.0941 0x1a9c  btath_avdt - ok
12:22:33.0956 0x1a9c  [ AF7DEA6A0E93AF8517A310D189B656BE, 008FE5102EE6B73A8D9AFC2B0E563C6A3567167380FCEDC538278240D2AE1FD4 ] BTATH_BUS       C:\Windows\system32\drivers\btath_bus.sys
12:22:33.0972 0x1a9c  BTATH_BUS - ok
12:22:33.0988 0x1a9c  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\Windows\System32\drivers\btath_hcrp.sys
12:22:34.0019 0x1a9c  BTATH_HCRP - ok
12:22:34.0019 0x1a9c  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
12:22:34.0035 0x1a9c  BTATH_LWFLT - ok
12:22:34.0050 0x1a9c  [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP       C:\Windows\System32\drivers\btath_rcp.sys
12:22:34.0066 0x1a9c  BTATH_RCP - ok
12:22:34.0097 0x1a9c  [ 8434237E1EC39E85D8ACE6FA694A5733, CE4261DC6AE5393327DC43D97F35FC9AE86665F89D17CC5708AA3D387B4FFFA5 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
12:22:34.0128 0x1a9c  BtFilter - ok
12:22:34.0144 0x1a9c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
12:22:34.0160 0x1a9c  BthAvrcpTg - ok
12:22:34.0191 0x1a9c  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
12:22:34.0222 0x1a9c  BthEnum - ok
12:22:34.0238 0x1a9c  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
12:22:34.0269 0x1a9c  BthHFEnum - ok
12:22:34.0269 0x1a9c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
12:22:34.0285 0x1a9c  bthhfhid - ok
12:22:34.0332 0x1a9c  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
12:22:34.0363 0x1a9c  BthHFSrv - ok
12:22:34.0394 0x1a9c  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\System32\drivers\BthLEEnum.sys
12:22:34.0410 0x1a9c  BthLEEnum - ok
12:22:34.0425 0x1a9c  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
12:22:34.0472 0x1a9c  BTHMODEM - ok
12:22:34.0503 0x1a9c  [ D0AF91AF656E25AD8617EFA5B52EF457, FD723D99A0B8466BD991648DEED1831D32FD3A5995DD0E0837390746B8A7B439 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
12:22:34.0535 0x1a9c  BthPan - ok
12:22:34.0613 0x1a9c  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
12:22:34.0675 0x1a9c  BTHPORT - ok
12:22:34.0706 0x1a9c  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
12:22:34.0738 0x1a9c  bthserv - ok
12:22:34.0785 0x1a9c  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
12:22:34.0800 0x1a9c  BTHUSB - ok
12:22:34.0925 0x1a9c  [ F9C52DE1A653C9409F7B92345186623B, 4B47DF10BD9F713EEFDFC04E03D99A11977B25D1AD5B3DD13A53F2C83CA1B058 ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
12:22:35.0019 0x1a9c  CCDMonitorService - ok
12:22:35.0035 0x1a9c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:22:35.0050 0x1a9c  cdfs - ok
12:22:35.0097 0x1a9c  [ D61EDE3D49B04E703AEC3B111C763F42, A07780B7AAA982B1971C1FE3B597840541BF9FCE9D8322807C9C12300F9D2987 ] cdrom           C:\Windows\System32\drivers\cdrom.sys
12:22:35.0128 0x1a9c  cdrom - ok
12:22:35.0160 0x1a9c  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:22:35.0191 0x1a9c  CertPropSvc - ok
12:22:35.0222 0x1a9c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
12:22:35.0238 0x1a9c  circlass - ok
12:22:35.0269 0x1a9c  [ 83798256E1662C64991267FB95E1149F, F94E103CF66988B8235FCA0293C5F44C1A30D6D910ADBB05A9D638E0B0F64EE8 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
12:22:35.0285 0x1a9c  CLFS - ok
12:22:35.0597 0x1a9c  [ 318D2B80F8714A3A46EB9EA1C300CE66, 68306150B18C6992BF380DDEF51968633A28FA7C050F61C8624FFF61A07EF83E ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
12:22:35.0910 0x1a9c  ClickToRunSvc - ok
12:22:35.0957 0x1a9c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
12:22:35.0988 0x1a9c  CmBatt - ok
12:22:36.0050 0x1a9c  [ 6B3BFBC8A93CA85851CAF9C5ACF89824, 6921D52AFCCDF3B712E5192C7278B5CE141CF37D90BA9932A12F218209CE2829 ] CNG             C:\Windows\system32\Drivers\cng.sys
12:22:36.0082 0x1a9c  CNG - ok
12:22:36.0113 0x1a9c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
12:22:36.0144 0x1a9c  CompositeBus - ok
12:22:36.0144 0x1a9c  COMSysApp - ok
12:22:36.0175 0x1a9c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
12:22:36.0191 0x1a9c  condrv - ok
12:22:36.0285 0x1a9c  [ 61BE76F05BDC068B30FEE5B0F19212F0, 3EABFBF31E8498C8AFEA384E9A86C7063DC4E1255874A8E049D1CC99E51B2AD8 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:22:36.0300 0x1a9c  cphs - ok
12:22:36.0332 0x1a9c  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:22:36.0379 0x1a9c  CryptSvc - ok
12:22:36.0379 0x1a9c  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
12:22:36.0394 0x1a9c  dam - ok
12:22:36.0472 0x1a9c  [ 2928249E4DD39C2ADD3E74F02427AB8B, E331028A55FFFD753BC09163F25765AA67B1FE55BD0EB2803CC50D841E14BDA6 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:22:36.0504 0x1a9c  DcomLaunch - ok
12:22:36.0550 0x1a9c  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
12:22:36.0582 0x1a9c  defragsvc - ok
12:22:36.0613 0x1a9c  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
12:22:36.0660 0x1a9c  DeviceAssociationService - ok
12:22:36.0691 0x1a9c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
12:22:36.0722 0x1a9c  DeviceInstall - ok
12:22:36.0754 0x1a9c  [ D1049D4D1311D43F6FCF180CAA5BF78B, E32D3B0FB3CFE2E9C243E7540B9A534B6B5B53759A3883A231EB69F4A8C823C1 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
12:22:36.0769 0x1a9c  Dfsc - ok
12:22:36.0800 0x1a9c  [ 5F78930AAB3900102EA8ACDD38F97324, 49CAE29CC7B1B846BDE603B1A411833162ACC1A9D1608BFDF67C2EA3A0EE0F85 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
12:22:36.0816 0x1a9c  dg_ssudbus - ok
12:22:36.0847 0x1a9c  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:22:36.0894 0x1a9c  Dhcp - ok
12:22:36.0972 0x1a9c  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\Windows\system32\diagtrack.dll
12:22:37.0050 0x1a9c  DiagTrack - ok
12:22:37.0097 0x1a9c  [ BF6D8575DDF30384939B2D5251F27C1F, 1605530BC61FB726F1095C5B5C8E27B18C06BCE01948550988E9EDCEBBCC0B3D ] disk            C:\Windows\system32\drivers\disk.sys
12:22:37.0113 0x1a9c  disk - ok
12:22:37.0129 0x1a9c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
12:22:37.0160 0x1a9c  dmvsc - ok
12:22:37.0207 0x1a9c  [ D9F407D006C916B7EC167858F88F13EB, 0D0FF69F9C695A2371DF798429EA2AA7B96F1C552EDC70DA4DD61EC8BD5563A3 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:22:37.0238 0x1a9c  Dnscache - ok
12:22:37.0285 0x1a9c  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:22:37.0316 0x1a9c  dot3svc - ok
12:22:37.0347 0x1a9c  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
12:22:37.0363 0x1a9c  dot4 - ok
12:22:37.0410 0x1a9c  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\Windows\System32\drivers\Dot4Prt.sys
12:22:37.0425 0x1a9c  Dot4Print - ok
12:22:37.0457 0x1a9c  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
12:22:37.0472 0x1a9c  dot4usb - ok
12:22:37.0504 0x1a9c  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
12:22:37.0519 0x1a9c  DPS - ok
12:22:37.0566 0x1a9c  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:22:37.0582 0x1a9c  drmkaud - ok
12:22:37.0613 0x1a9c  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
12:22:37.0644 0x1a9c  DsmSvc - ok
12:22:37.0722 0x1a9c  [ C8104980940704E2F86A6448C601FD06, 0EBA7901DB97AE6D09A12B7A82FF56587E7BA2772B59BE711CF1F216EAC4D3AE ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:22:37.0785 0x1a9c  DXGKrnl - ok
12:22:37.0832 0x1a9c  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
12:22:37.0863 0x1a9c  Eaphost - ok
12:22:37.0972 0x1a9c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
12:22:38.0129 0x1a9c  ebdrv - ok
12:22:38.0160 0x1a9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
12:22:38.0191 0x1a9c  EFS - ok
12:22:38.0207 0x1a9c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
12:22:38.0222 0x1a9c  EhStorClass - ok
12:22:38.0238 0x1a9c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
12:22:38.0254 0x1a9c  EhStorTcgDrv - ok
12:22:38.0379 0x1a9c  [ 93F194B160AD93B776D8DAED3D76A2C5, A6089D65459F09DC69368A68E898824327B064DEB8BC47D192B7F71D4A5252EE ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
12:22:38.0472 0x1a9c  ePowerSvc - ok
12:22:38.0504 0x1a9c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
12:22:38.0519 0x1a9c  ErrDev - ok
12:22:38.0582 0x1a9c  [ 1E01F509048BEF78831AC89401B172BD, 34558F56D9AEA8527B84B2BE2A752D181A5D825622EB4B90D454F6D4F971BFED ] ESProtectionDriver C:\Windows\system32\drivers\mbae64.sys
12:22:38.0597 0x1a9c  ESProtectionDriver - ok
12:22:38.0644 0x1a9c  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
12:22:38.0676 0x1a9c  EventSystem - ok
12:22:38.0691 0x1a9c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:22:38.0722 0x1a9c  exfat - ok
12:22:38.0754 0x1a9c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:22:38.0769 0x1a9c  fastfat - ok
12:22:38.0816 0x1a9c  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
12:22:38.0863 0x1a9c  Fax - ok
12:22:38.0879 0x1a9c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
12:22:38.0894 0x1a9c  fdc - ok
12:22:38.0910 0x1a9c  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
12:22:38.0941 0x1a9c  fdPHost - ok
12:22:38.0972 0x1a9c  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:22:38.0988 0x1a9c  FDResPub - ok
12:22:39.0004 0x1a9c  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
12:22:39.0051 0x1a9c  fhsvc - ok
12:22:39.0082 0x1a9c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:22:39.0113 0x1a9c  FileInfo - ok
12:22:39.0129 0x1a9c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:22:39.0160 0x1a9c  Filetrace - ok
12:22:39.0176 0x1a9c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
12:22:39.0207 0x1a9c  flpydisk - ok
12:22:39.0269 0x1a9c  [ E8F02B7A595B9E7F0A38BDB1C40C60A5, 64E64BA029B798739C38E524E24530EE570897E327B72854A8CBCE4FAD7AD1E5 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:22:39.0301 0x1a9c  FltMgr - ok
12:22:39.0379 0x1a9c  [ 223CD19D2F84B7B42081F4FB530B658F, 4A9D1A6688C3C8F0B866B0FE2715C9FBA62BE66D4ADCC327A8CABF9EA876A664 ] FontCache       C:\Windows\system32\FntCache.dll
12:22:39.0457 0x1a9c  FontCache - ok
12:22:39.0519 0x1a9c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:22:39.0535 0x1a9c  FontCache3.0.0.0 - ok
12:22:39.0551 0x1a9c  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:22:39.0566 0x1a9c  FsDepends - ok
12:22:39.0598 0x1a9c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:22:39.0598 0x1a9c  Fs_Rec - ok
12:22:39.0644 0x1a9c  [ B25A3FD917CB8F77CA5A70861D84671A, E0855AFB1B876BC390D2341198702C4728C264F116EA37277D667DB094263B5A ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:22:39.0676 0x1a9c  fvevol - ok
12:22:39.0691 0x1a9c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
12:22:39.0707 0x1a9c  FxPPM - ok
12:22:39.0723 0x1a9c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
12:22:39.0723 0x1a9c  gagp30kx - ok
12:22:39.0754 0x1a9c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
12:22:39.0769 0x1a9c  gencounter - ok
12:22:39.0785 0x1a9c  [ 641A4353C4943CFEF7CB6CC9AC9947EF, 017E889970769DB549EB9CA16B6FB10E2BFC2B0A01DEE02FACA678214A4D30B2 ] GeneStor        C:\Windows\System32\drivers\GeneStor.sys
12:22:39.0801 0x1a9c  GeneStor - ok
12:22:39.0816 0x1a9c  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
12:22:39.0832 0x1a9c  GPIOClx0101 - ok
12:22:39.0894 0x1a9c  [ 2DAFF4F76A90E3C523C2FE50338537E9, 625745E538208B50E8F5A9A2C09C6CD03D51E424BB16BC6C5B156CBC25373B6D ] gpsvc           C:\Windows\System32\gpsvc.dll
12:22:39.0973 0x1a9c  gpsvc - ok
12:22:39.0988 0x1a9c  [ 254E3726727911DD0DAC049D871B934F, D35538E537A9A0E0C606FDA1B208061FD37CA92E964749E029A12308E453B0B5 ] gzflt           C:\Windows\system32\DRIVERS\gzflt.sys
12:22:40.0019 0x1a9c  gzflt - ok
12:22:40.0051 0x1a9c  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:22:40.0082 0x1a9c  HdAudAddService - ok
12:22:40.0113 0x1a9c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
12:22:40.0129 0x1a9c  HDAudBus - ok
12:22:40.0144 0x1a9c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
12:22:40.0160 0x1a9c  HidBatt - ok
12:22:40.0191 0x1a9c  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
12:22:40.0207 0x1a9c  HidBth - ok
12:22:40.0223 0x1a9c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
12:22:40.0238 0x1a9c  hidi2c - ok
12:22:42.0499 0x1a9c  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:22:42.0535 0x1a9c  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
12:22:42.0628 0x1a9c  Detect skipped due to KSN trusted
12:22:42.0628 0x1a9c  Intel(R) Capability Licensing Service Interface - ok
12:22:52.0085 0x1a9c  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
12:22:52.0116 0x1a9c  QWAVE - ok
12:22:52.0163 0x1a9c  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
12:22:52.0179 0x1a9c  QWAVEdrv - ok
12:22:52.0194 0x1a9c  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\Windows\System32\drivers\RadioShim.sys
12:22:52.0210 0x1a9c  RadioShim - ok
12:22:52.0226 0x1a9c  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
12:22:52.0241 0x1a9c  RasAcd - ok
12:22:52.0273 0x1a9c  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
12:22:52.0288 0x1a9c  RasAuto - ok
12:22:52.0335 0x1a9c  [ 0A655DD285E4E1E2975CEAB8FDE75295, 023B73A71CB48578702548F8F1096BDF72BE09D836F2D324DDA869E4F0354133 ] RasMan          C:\Windows\System32\rasmans.dll
12:22:52.0366 0x1a9c  RasMan - ok
12:22:52.0382 0x1a9c  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
12:22:52.0413 0x1a9c  RasPppoe - ok
12:22:52.0476 0x1a9c  [ 3560C2D5A5DAC09BF81F5C5CD0029192, BF07AE75CAC322304024AF2385034847F18615439894306CC96D3F6F3C088CB5 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
12:22:52.0507 0x1a9c  rdbss - ok
12:22:52.0523 0x1a9c  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
12:22:52.0554 0x1a9c  rdpbus - ok
12:22:52.0570 0x1a9c  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
12:22:52.0601 0x1a9c  RDPDR - ok
12:22:52.0632 0x1a9c  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:22:52.0648 0x1a9c  RdpVideoMiniport - ok
12:22:52.0710 0x1a9c  [ 468F9F3886DD3320357ECDBFF838DBBF, B8A8198A3D7CF19D662718AC9D33AD3722D179DA88D9F3FCFFB67AAA3F95C153 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
12:22:52.0741 0x1a9c  rdyboost - ok
12:22:52.0804 0x1a9c  [ D6B1EC83A1C6B7E49074429F0E0B3A6A, A1D61E8AAFE731EECD78865102707F65C62CF1B5A45F811C877EBC72939C8202 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
12:22:52.0851 0x1a9c  ReFS - ok
12:22:52.0898 0x1a9c  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\Windows\System32\mprdim.dll
12:22:52.0929 0x1a9c  RemoteAccess - ok
12:22:52.0976 0x1a9c  [ 7594FEFBAD6BA4645CE7AA175C19BAD0, 32625BA39B905576F0465E261F15D222ED228A19071E3A1BC4286B5FECA0F948 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
12:22:53.0007 0x1a9c  RemoteRegistry - ok
12:22:53.0038 0x1a9c  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
12:22:53.0070 0x1a9c  RFCOMM - ok
12:22:53.0163 0x1a9c  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
12:22:53.0179 0x1a9c  RichVideo - ok
12:22:53.0226 0x1a9c  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
12:22:53.0257 0x1a9c  RpcEptMapper - ok
12:22:53.0304 0x1a9c  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
12:22:53.0335 0x1a9c  RpcLocator - ok
12:22:53.0398 0x1a9c  [ 2928249E4DD39C2ADD3E74F02427AB8B, E331028A55FFFD753BC09163F25765AA67B1FE55BD0EB2803CC50D841E14BDA6 ] RpcSs           C:\Windows\system32\rpcss.dll
12:22:53.0429 0x1a9c  RpcSs - ok
12:22:53.0460 0x1a9c  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
12:22:53.0491 0x1a9c  rspndr - ok
12:22:53.0523 0x1a9c  [ 7CC0D898D00675F14BA0C4BF056C1CF4, E9203DD2A201AEF206C1A4177FD564DDFC8E7468DC268BD99389626A2C6593D3 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
12:22:53.0570 0x1a9c  RTL8168 - ok
12:22:53.0710 0x1a9c  [ A5278C648EBE09D953B8F8B326C220AC, 2A46AEFA02DF801FFBE3DBA9FA81BBDB6EB9EEF35C4695D919BF86B9C1FF5C47 ] RtlWlanu        C:\Windows\system32\DRIVERS\rtwlanu.sys
12:22:53.0835 0x1a9c  RtlWlanu - ok
12:22:53.0866 0x1a9c  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
12:22:53.0882 0x1a9c  s3cap - ok
12:22:53.0913 0x1a9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
12:22:53.0929 0x1a9c  SamSs - ok
12:22:53.0945 0x1a9c  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
12:22:53.0960 0x1a9c  sbp2port - ok
12:22:54.0007 0x1a9c  [ 305B725E3FC1936162FE84A0BB526F22, 341E311BAF071F630E277BA41629883D5F8DB76E820425AB898BAC13D09971DC ] SCardSvr        C:\Windows\System32\SCardSvr.dll
12:22:54.0023 0x1a9c  SCardSvr - ok
12:22:54.0070 0x1a9c  [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F, AB019E17D5F330CBB7F7CAF8CEB01F3F3DBBB181CDE19E4C2354AF51E66C8291 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
12:22:54.0085 0x1a9c  ScDeviceEnum - ok
12:22:54.0116 0x1a9c  [ DEA731D96816F1F67C32F49E4EF248DD, 6A977D80164616A85BDAE437A3D50E055720E3163941259F19E8719F54BE267D ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
12:22:54.0132 0x1a9c  scfilter - ok
12:22:54.0179 0x1a9c  [ F5523FFAFFCE7937D076E4FE6F5BD9AD, 42B08D5B54C07331D3754688878122F9CD9C7C9253C5ED8C3185C4BF6F68D847 ] Schedule        C:\Windows\system32\schedsvc.dll
12:22:54.0241 0x1a9c  Schedule - ok
12:22:54.0273 0x1a9c  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] SCPolicySvc     C:\Windows\System32\certprop.dll
12:22:54.0288 0x1a9c  SCPolicySvc - ok
12:22:54.0304 0x1a9c  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
12:22:54.0335 0x1a9c  sdbus - ok
12:22:54.0351 0x1a9c  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
12:22:54.0366 0x1a9c  sdstor - ok
12:22:54.0382 0x1a9c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
12:22:54.0398 0x1a9c  secdrv - ok
12:22:54.0429 0x1a9c  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
12:22:54.0460 0x1a9c  seclogon - ok
12:22:54.0476 0x1a9c  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
12:22:54.0523 0x1a9c  SENS - ok
12:22:54.0570 0x1a9c  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
12:22:54.0601 0x1a9c  SensrSvc - ok
12:22:54.0616 0x1a9c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
12:22:54.0632 0x1a9c  SerCx - ok
12:22:54.0663 0x1a9c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
12:22:54.0679 0x1a9c  SerCx2 - ok
12:22:54.0710 0x1a9c  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\Windows\System32\drivers\serenum.sys
12:22:54.0726 0x1a9c  Serenum - ok
12:22:54.0742 0x1a9c  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\Windows\System32\drivers\serial.sys
12:22:54.0757 0x1a9c  Serial - ok
12:22:54.0788 0x1a9c  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
12:22:54.0804 0x1a9c  sermouse - ok
12:22:54.0851 0x1a9c  [ 624BB76941938B9F5776DEA56004D33E, D4EE7A23665D71646622D477CA962335B4C17BAC931A728122DF8C112CD5A560 ] SessionEnv      C:\Windows\system32\sessenv.dll
12:22:54.0898 0x1a9c  SessionEnv - ok
12:22:54.0913 0x1a9c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
12:22:54.0929 0x1a9c  sfloppy - ok
12:22:54.0992 0x1a9c  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
12:22:55.0007 0x1a9c  SharedAccess - ok
12:22:55.0242 0x1a9c  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:22:55.0288 0x1a9c  ShellHWDetection - ok
12:22:55.0304 0x1a9c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
12:22:55.0320 0x1a9c  SiSRaid2 - ok
12:22:55.0335 0x1a9c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
12:22:55.0351 0x1a9c  SiSRaid4 - ok
12:22:55.0382 0x1a9c  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
12:22:55.0413 0x1a9c  smphost - ok
12:22:55.0445 0x1a9c  [ 961507DB02D7AC0B7A7828D457143B8E, F423BE6287C65960A955EBB3BFBAC047313BEB2F54920A6E57E51FCCE855F5E0 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
12:22:55.0460 0x1a9c  SNMPTRAP - ok
12:22:55.0492 0x1a9c  [ F6AF6499C3788105EA7AF1DA27769A77, F847789B0AD498CC9C985F334F7BA0906ACB41FB356CC2EF2A00C62C75D94A79 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
12:22:55.0523 0x1a9c  spaceport - ok
12:22:55.0523 0x1a9c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
12:22:55.0538 0x1a9c  SpbCx - ok
12:22:55.0585 0x1a9c  [ 851F06253BED584E39F5126EB5C2D6DD, 5144AA4C45598B0749D4F2CF477BB8E9B75DFB858385888E31E703B7C8FB6463 ] Spooler         C:\Windows\System32\spoolsv.exe
12:22:55.0663 0x1a9c  Spooler - ok
12:22:55.0851 0x1a9c  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\Windows\system32\sppsvc.exe
12:22:56.0023 0x1a9c  sppsvc - ok
12:22:56.0054 0x1a9c  [ CA62440584866C8435AF39E70C8CDDDD, 8B4C6AF1CFD628632D20C17D4D64C70BA6609382E416007DE28E542C5E5C8798 ] srv             C:\Windows\system32\DRIVERS\srv.sys
12:22:56.0070 0x1a9c  srv - ok
12:22:56.0117 0x1a9c  [ 1C97C5D3E9F2E4BDFE8E05231D1FC158, 41D69133D3BFC246A9572F0128BBD1EE129C5F08F8AF269D5B96073AA6CF5634 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
12:22:56.0164 0x1a9c  srv2 - ok
12:22:56.0179 0x1a9c  [ 91A5474960BB2E750FF9CCE4C16F6863, D875531D720A8A0EA7036B8B52F48E53F475D452FCDF081B085A7B0AB92F3255 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
12:22:56.0195 0x1a9c  srvnet - ok
12:22:56.0210 0x1a9c  [ 328852A3CA6C54BB6A49BF70E2573ADF, BB05D2585D589A7351C34424CBF0C3EE6AAF00605A8CC53943DF63DBE94D5198 ] ssdevfactory    C:\Windows\System32\drivers\ssdevfactory.sys
12:22:56.0226 0x1a9c  ssdevfactory - ok
12:22:56.0257 0x1a9c  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
12:22:56.0289 0x1a9c  SSDPSRV - ok
12:22:56.0320 0x1a9c  [ E2090EBAD8D1FA9EDF70D9F617E61544, 133FD75DAE8FF183862DD7CD06CB7D3B0334F3A053209DF9433D89D2D9CFF821 ] sshid           C:\Windows\System32\drivers\sshid.sys
12:22:56.0335 0x1a9c  sshid - ok
12:22:56.0367 0x1a9c  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
12:22:56.0398 0x1a9c  SstpSvc - ok
12:22:56.0429 0x1a9c  [ F0B59ADCD06BCEB9D47311B7041CA2C9, 6299AB514CBE153C875F083ED789F6205C1781C0178759521F5A6D8007F5257C ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
12:22:56.0445 0x1a9c  ssudmdm - ok
12:22:56.0554 0x1a9c  [ 0608A6DB82B8E6845BCC624051F31130, 9FF2993FFDC273AE8EB9F4E870620B6287024E013F778154F1A022A9370A1A34 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:22:56.0617 0x1a9c  Steam Client Service - ok
12:22:56.0632 0x1a9c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
12:22:56.0648 0x1a9c  stexstor - ok
12:22:56.0679 0x1a9c  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
12:22:56.0726 0x1a9c  stisvc - ok
12:22:56.0742 0x1a9c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
12:22:56.0757 0x1a9c  storahci - ok
12:22:56.0789 0x1a9c  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:22:56.0804 0x1a9c  storflt - ok
12:22:56.0851 0x1a9c  [ 1D5A045F59D216448FCDE3A8D69970E2, CEDEB0843D93339D10FE4BC209CCFCB6E12C6064FD62694DA7675082E8B8C915 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
12:22:56.0867 0x1a9c  stornvme - ok
12:22:56.0898 0x1a9c  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
12:22:56.0914 0x1a9c  StorSvc - ok
12:22:56.0945 0x1a9c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:22:56.0960 0x1a9c  storvsc - ok
12:22:56.0992 0x1a9c  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
12:22:57.0023 0x1a9c  svsvc - ok
12:22:57.0054 0x1a9c  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
12:22:57.0070 0x1a9c  swenum - ok
12:22:57.0101 0x1a9c  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
12:22:57.0148 0x1a9c  swprv - ok
12:22:57.0179 0x1a9c  [ 1BCD06B8BA217CB73FDFF07E7921AC2D, 9E495715ACD48CFD3482CA022CA79A17645DA46DBB69006C69B3FC61B87EF18B ] SynRMIHID       C:\Windows\system32\DRIVERS\SynRMIHID.sys
12:22:57.0195 0x1a9c  SynRMIHID - ok
12:22:57.0257 0x1a9c  [ 0404A539EC3D731EE42632AAFFF0666A, 5558B96C9A425ADEC69A020E0FEDB6D7562A60E403A2ECDCE58CAF2CA155549F ] SysMain         C:\Windows\system32\sysmain.dll
12:22:57.0335 0x1a9c  SysMain - ok
12:22:57.0382 0x1a9c  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
12:22:57.0414 0x1a9c  SystemEventsBroker - ok
12:22:57.0445 0x1a9c  [ 54A1F83B166F1062000A0D816CB3B43A, 8A104B2141546984CFB988CC178EB1910F6B42A19CB75A30F4E74D5EE67901EB ] TabletInputService C:\Windows\System32\TabSvc.dll
12:22:57.0476 0x1a9c  TabletInputService - ok
12:22:57.0539 0x1a9c  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
12:22:57.0570 0x1a9c  TapiSrv - ok
12:22:57.0679 0x1a9c  [ 12D04D8C02F16D8D7346A494E524507D, C308B26CB90052E078A3EEAF5B76D2A88708ED14E2705A492AEAE16CB18BD189 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
12:22:57.0773 0x1a9c  Tcpip - ok
12:22:57.0836 0x1a9c  [ 12D04D8C02F16D8D7346A494E524507D, C308B26CB90052E078A3EEAF5B76D2A88708ED14E2705A492AEAE16CB18BD189 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
12:22:57.0898 0x1a9c  TCPIP6 - ok
12:22:57.0914 0x1a9c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
12:22:57.0945 0x1a9c  tcpipreg - ok
12:22:57.0976 0x1a9c  [ 576FA545FAB846B06E79B324160DE25C, 14F1FD2769E7F5362E6452CA061564EF3DEBFDF6BC8EFF0CD4E22068A460A727 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
12:22:57.0992 0x1a9c  tdx - ok
12:22:58.0007 0x1a9c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
12:22:58.0023 0x1a9c  terminpt - ok
12:22:58.0086 0x1a9c  [ 680396E9E1FA365C80CA470BEB7CEECF, C51E5E5EAD08E2CED701464C4030DD161877F9A291BC8BF12AF7A0358DCA1886 ] TermService     C:\Windows\System32\termsrv.dll
12:22:58.0132 0x1a9c  TermService - ok
12:22:58.0164 0x1a9c  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
12:22:58.0195 0x1a9c  Themes - ok
12:22:58.0226 0x1a9c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
12:22:58.0257 0x1a9c  THREADORDER - ok
12:22:58.0304 0x1a9c  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
12:22:58.0336 0x1a9c  TimeBroker - ok
12:22:58.0367 0x1a9c  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
12:22:58.0382 0x1a9c  TPM - ok
12:22:58.0414 0x1a9c  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
12:22:58.0445 0x1a9c  TrkWks - ok
12:22:58.0476 0x1a9c  [ 798BE944FC4E06614F320FC3ADC36E0F, 6D08ED41557FB821F78817A08097524E92024BB7319B77520B70C665DAC92E71 ] trufos          C:\Windows\system32\DRIVERS\trufos.sys
12:22:58.0523 0x1a9c  trufos - ok
12:22:58.0570 0x1a9c  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:22:58.0601 0x1a9c  TrustedInstaller - ok
12:22:58.0617 0x1a9c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
12:22:58.0632 0x1a9c  TsUsbFlt - ok
12:22:58.0679 0x1a9c  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
12:22:58.0695 0x1a9c  TsUsbGD - ok
12:22:58.0726 0x1a9c  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
12:22:58.0757 0x1a9c  tunnel - ok
12:22:58.0789 0x1a9c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
12:22:58.0804 0x1a9c  uagp35 - ok
12:22:58.0820 0x1a9c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
12:22:58.0836 0x1a9c  UASPStor - ok
12:22:58.0851 0x1a9c  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
12:22:58.0882 0x1a9c  UCX01000 - ok
12:22:58.0914 0x1a9c  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
12:22:58.0945 0x1a9c  udfs - ok
12:22:58.0976 0x1a9c  [ 5DFA6081BE0AE39EA5B3A38CAC6A961F, D2EC133CF68E794225DE4FAB678F9FECD20D82EC7539A450769076BA57C1914F ] UEFI            C:\Windows\System32\drivers\UEFI.sys
12:22:58.0992 0x1a9c  UEFI - ok
12:22:59.0054 0x1a9c  [ B4EE7221F45468EF27DED05568A54AD7, DA9ECA510B631CDE6C6B0964376279423BE62F15D2042EA472D7E553E70881E5 ] UEIPSvc         C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
12:22:59.0070 0x1a9c  UEIPSvc - ok
12:22:59.0101 0x1a9c  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
12:22:59.0132 0x1a9c  UI0Detect - ok
12:22:59.0148 0x1a9c  [ 4EF2D1DCFFC75ADFFFDD471BD9EBEDCC, 9B47DB34537B08D2F934C5FA0503B3441F718F0F8CEDF2483F77C684BD2D63E5 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
12:22:59.0164 0x1a9c  uliagpkx - ok
12:22:59.0226 0x1a9c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
12:22:59.0242 0x1a9c  umbus - ok
12:22:59.0258 0x1a9c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
12:22:59.0273 0x1a9c  UmPass - ok
12:22:59.0320 0x1a9c  [ 87743CF5FF2FB3F2B424F0D8DFF8FD8C, C14C979612426D4449274C109FCF25D3BE170DC5CD7EF8E230C7E8D5681904D3 ] UmRdpService    C:\Windows\System32\umrdp.dll
12:22:59.0336 0x1a9c  UmRdpService - ok
12:22:59.0398 0x1a9c  [ CDE21361BB5E8AE4D6FD3C1F9FFF1DB2, E763A18FB863673422AF81C17CFCA044B58DCC2438BA3C3994748865B80905D4 ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender Security\updatesrv.exe
12:22:59.0414 0x1a9c  UPDATESRV - ok
12:22:59.0461 0x1a9c  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
12:22:59.0492 0x1a9c  upnphost - ok
12:22:59.0523 0x1a9c  [ 621317D14B93CBFBD5694767EFB6B40A, 84D3F4AA2CAFA11DF5EAD178889ACCAA2FF50D48AFE9518F63FBB862928630FB ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
12:22:59.0539 0x1a9c  usbccgp - ok
12:22:59.0570 0x1a9c  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
12:22:59.0586 0x1a9c  usbcir - ok
12:22:59.0633 0x1a9c  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
12:22:59.0648 0x1a9c  usbehci - ok
12:22:59.0664 0x1a9c  [ E30B159760053C5A1297D2CD08046CD7, E45472CEEC31616DBE2B38C4FD9B90179ED7FF29041F21FB124334B4A53AE48C ] usbhub          C:\Windows\System32\drivers\usbhub.sys
12:22:59.0711 0x1a9c  usbhub - ok
12:22:59.0758 0x1a9c  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
12:22:59.0804 0x1a9c  USBHUB3 - ok
12:22:59.0836 0x1a9c  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
12:22:59.0867 0x1a9c  usbohci - ok
12:22:59.0883 0x1a9c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
12:22:59.0898 0x1a9c  usbprint - ok
12:22:59.0929 0x1a9c  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\Windows\System32\drivers\usbscan.sys
12:22:59.0945 0x1a9c  usbscan - ok
12:22:59.0976 0x1a9c  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
12:22:59.0992 0x1a9c  USBSTOR - ok
12:23:00.0039 0x1a9c  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
12:23:00.0054 0x1a9c  usbuhci - ok
12:23:00.0086 0x1a9c  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
12:23:00.0117 0x1a9c  usbvideo - ok
12:23:00.0148 0x1a9c  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
12:23:00.0179 0x1a9c  USBXHCI - ok
12:23:00.0179 0x1a9c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
12:23:00.0195 0x1a9c  VaultSvc - ok
12:23:00.0226 0x1a9c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
12:23:00.0242 0x1a9c  vdrvroot - ok
12:23:00.0304 0x1a9c  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
12:23:00.0367 0x1a9c  vds - ok
12:23:00.0398 0x1a9c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
12:23:00.0414 0x1a9c  VerifierExt - ok
12:23:00.0461 0x1a9c  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
12:23:00.0492 0x1a9c  vhdmp - ok
12:23:00.0523 0x1a9c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
12:23:00.0539 0x1a9c  viaide - ok
12:23:00.0570 0x1a9c  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
12:23:00.0586 0x1a9c  vmbus - ok
12:23:00.0586 0x1a9c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
12:23:00.0601 0x1a9c  VMBusHID - ok
12:23:00.0648 0x1a9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
12:23:00.0695 0x1a9c  vmicguestinterface - ok
12:23:00.0711 0x1a9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
12:23:00.0773 0x1a9c  vmicheartbeat - ok
12:23:00.0789 0x1a9c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
12:23:00.0804 0x1a9c  vmickvpexchange - ok
12:23:07.0527 0x1a9c  Waiting for KSN requests completion. In queue: 166
12:23:08.0558 0x1a9c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x60100 ( disabled : updated )
12:23:08.0558 0x1a9c  AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.167 ), 0x61000 ( enabled : updated )
12:23:08.0558 0x1a9c  AV detected via SS2: Bitdefender Virenschutz, C:\Program Files\Bitdefender\Bitdefender Security\wscfix.exe ( 22.0.21.291 ), 0x41000 ( enabled : updated )
12:23:08.0574 0x1a9c  Win FW state via NFP2: enabled ( trusted )
12:23:08.0699 0x1a9c  ============================================================
12:23:08.0699 0x1a9c  Scan finished
12:23:08.0699 0x1a9c  ============================================================
12:23:08.0714 0x12cc  Detected object count: 0
12:23:08.0714 0x12cc  Actual detected object count: 0
         

09.07.2018, 11:30   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

There's nothing there. Run adwCleaner again:

Remove adware/junkware/toolbars

Delete old versions of adwCleaner first, then download it again to the desktop!
Please disable your virus scanner completely now, before using these tools!

adwCleaner v7.x

Please download AdwCleaner to your desktop (illustrated guide).
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Settings, scroll down and make sure the following items are selected:
    • Delete tracing keys
    • Delete prefetch files
    • Reset proxy
    • Reset IE policies
    • Reset Chrome policies
    • Reset Winsock
  • Now click Dashboard, then Scan Now, and wait until the scan has finished.
  • Now click Clean & Repair and confirm with Clean Now.
  • IMPORTANT:
    If AdwCleaner finds nothing, click Run Basic Repair and then Clean Now.
  • After the restart, AdwCleaner opens automatically. Click View Log File.
  • Post the contents of the log file in your next reply.
  • You can also find the log file under C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt (xx = sequential number).
__________________
Please always post log files in CODE tags

09.07.2018, 11:53   #10
Byzantisches

Here you go:

Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.1
# -------------------------------
# Build:    07-04-2018
# Database: 2018-07-04.1
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    07-09-2018
# Duration: 00:00:03
# OS:       Windows 8.1
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Windows Firewall
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1835 octets] - [09/07/2018 10:46:04]
AdwCleaner[C00].txt - [2054 octets] - [09/07/2018 10:46:59]
AdwCleaner[S01].txt - [1360 octets] - [09/07/2018 12:46:40]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########
         

09.07.2018, 12:22   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Nothing there either. I consider the alert a false positive.
__________________
Please always post log files in CODE tags
