
Log analysis and evaluation: Caught Trojan emeka 249, G Data cannot remove it


30.10.2018, 12:58   #1
Twinny2001
 
Hello, my PC has caught a Trojan. G Data finds it but cannot remove it. My e-mail account has been cracked and eBay has already been hijacked too. The passwords have been changed. But my PC has to get clean again first.
I am asking for help.

Code:
 Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018
durchgeführt von WALTERGMBH (Administrator) auf WALTER-SRV01 (30-10-2018 13:08:10)
Gestartet von C:\Users\WALTERGMBH\Downloads
Geladene Profile: WALTERGMBH & MSSQL$MSOFT (Verfügbare Profile: WALTERGMBH & Backup & MSSQL$MSOFT)
Platform: Windows 10 Pro Version 1803 17134.345 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxCUIService.exe
(AVM Berlin) C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\IntelCpHDCPSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\IntelCpHeciSvc.exe
(Veeam Software AG) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.MSOFT\MSSQL\Binn\sqlservr.exe
(G Data Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\110\LocalDB\Binn\sqlservr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFirewallTray.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxEM.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(M-SOFT Organisationsberatung GmbH) \\walter-srv01\mswin.net\MSMenue.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Veeam Software AG) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe
(Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(M-SOFT Organisationsberatung GmbH) \\walter-srv01\mswin.net\MSTermin.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Amazon Services LLC) C:\Users\WALTERGMBH\AppData\Local\Amazon Music\Amazon Music Helper.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18091.10321.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltSur64.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\GUI\GDSC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\WebProtection\NativeMessagingWP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(G DATA Software AG) C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVK.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(M-SOFT Organisationsberatung GmbH) \\walter-srv01\mswin.net\Stamm.exe
(M-SOFT Organisationsberatung GmbH) \\walter-srv01\mswin.net\Bestell.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\backgroundTaskHost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-03-29] (Intel Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Greenshot)
HKLM\...\Run: [Veeam.EndPoint.Tray.exe] => C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe [961800 2018-06-15] (Veeam Software AG)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [757184 2018-06-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [656360 2018-06-05] (G DATA Software AG)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [3932672 2018-07-06] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [3932672 2018-07-06] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-21-67226549-1051496405-660625408-1001\...\Run: [WhatsApp] => C:\Users\WALTERGMBH\AppData\Local\WhatsApp\Update.exe [2204160 2018-10-27] ()
HKU\S-1-5-21-67226549-1051496405-660625408-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [3932672 2018-07-06] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-80-970798690-3469772507-30737694-4116737687-753453404\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-80-970798690-3469772507-30737694-4116737687-753453404\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [3932672 2018-07-06] (Microsoft Corporation) <==== ACHTUNG
HKU\S-1-5-18\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [3932672 2018-07-06] (Microsoft Corporation) <==== ACHTUNG
Startup: C:\Users\WALTERGMBH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2018-09-21]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c3705265-7131-487e-94bd-252d8df41aa4}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-67226549-1051496405-660625408-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://oem17win10.msn.com/?pc=NMTE
HKU\S-1-5-21-67226549-1051496405-660625408-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem17win10.msn.com/?pc=NMTE
SearchScopes: HKU\S-1-5-21-67226549-1051496405-660625408-1001 -> DefaultScope {04158977-A99D-417C-9F2C-5F01C3476FB1} URL = 
SearchScopes: HKU\S-1-5-21-67226549-1051496405-660625408-1001 -> {04158977-A99D-417C-9F2C-5F01C3476FB1} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-23] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
BHO: Kein Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Keine Datei
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-05] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: jhmynd6r.default
FF ProfilePath: C:\Users\WALTERGMBH\AppData\Roaming\Mozilla\Firefox\Profiles\jhmynd6r.default [2017-09-21]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-08-10] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2017-08-10] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-08-10] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-11] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-08-10] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-67226549-1051496405-660625408-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2017-08-10] (Tracker Software Products (Canada) Ltd.)

Chrome: 
=======
CHR Profile: C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\Default [2018-10-30]
CHR Extension: (Präsentationen) - C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-21]
CHR Extension: (Adobe Acrobat) - C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-27]
CHR Extension: (Tabellen) - C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-15]
CHR Extension: (G DATA WebProtection) - C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\iokapgenfjiafbmphhhcgmgkobiiomcp [2018-09-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Google Mail) - C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-21]
CHR Extension: (Chrome Media Router) - C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-17]
CHR Profile: C:\Users\WALTERGMBH\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-29]
CHR HKU\S-1-5-21-67226549-1051496405-660625408-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5389040 2018-06-15] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3749016 2018-06-05] (G Data Software AG)
R2 avmident; C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe [76288 2011-09-27] (AVM Berlin) [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9683736 2018-10-14] (Microsoft Corporation)
S3 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [4632040 2018-06-13] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3607592 2018-06-05] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [1361304 2018-06-05] (G DATA Software AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2017-03-29] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [732448 2017-02-24] (Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [548648 2017-02-24] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [196712 2017-04-24] (Intel Corporation)
R2 MSSQL$MSOFT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSOFT\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation)
S2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [432776 2018-02-27] (Geek Software GmbH)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [757184 2018-06-28] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 SQLAgent$MSOFT; C:\Program Files\Microsoft SQL Server\MSSQL12.MSOFT\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2017-08-08] ()
R2 VeeamEndpointBackupSvc; C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe [120584 2018-06-15] (Veeam Software AG)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [166912 2018-05-07] (G DATA Software AG)
R3 GDKBB; C:\windows\system32\drivers\GDKBB64.sys [46104 2017-09-26] (G Data Software AG)
R3 GDKBFlt; C:\windows\system32\drivers\GDKBFlt64.sys [38984 2018-07-31] (G DATA Software AG)
R1 GDMnIcpt; C:\windows\system32\drivers\MiniIcpt.sys [422936 2018-07-31] (G Data Software AG)
R3 GDPkIcpt; C:\windows\system32\drivers\PktIcpt.sys [199816 2018-10-17] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [86584 2018-10-17] (G DATA Software AG)
R3 GRD; C:\windows\system32\drivers\GRD.sys [125640 2018-10-30] (G Data Software)
R1 HookCentre; C:\windows\system32\drivers\HookCentre.sys [207896 2018-07-31] (G Data Software AG)
S3 iaStorB; C:\WINDOWS\System32\drivers\iaStorB.sys [573936 2016-08-12] (Intel Corporation)
S3 iaStorS; C:\WINDOWS\System32\drivers\iaStorS.sys [657368 2015-06-02] (Intel Corporation)
S3 LSI_SAS3; C:\WINDOWS\System32\drivers\lsi_sas3.sys [110752 2016-04-10] (Avago Technologies)
S3 megasas2; C:\WINDOWS\System32\drivers\megasas2.sys [84048 2016-12-28] (Avago Technologies)
S4 RsFx0300; C:\WINDOWS\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-10-30 13:08 - 2018-10-30 13:08 - 000022670 _____ C:\Users\WALTERGMBH\Downloads\FRST.txt
2018-10-30 13:08 - 2018-10-30 13:08 - 000000000 ____D C:\FRST
2018-10-30 13:07 - 2018-10-30 13:07 - 002414592 _____ (Farbar) C:\Users\WALTERGMBH\Downloads\FRST64.exe
2018-10-29 15:19 - 2018-10-29 15:25 - 000254576 _____ C:\Users\WALTERGMBH\Documents\Einladung Weihnachtsfeier 2018.pdf
2018-10-29 14:57 - 2018-10-29 14:57 - 001009184 _____ C:\Users\WALTERGMBH\Downloads\46002_Alegra_10 E_web.pdf
2018-10-27 09:15 - 2018-10-27 09:15 - 000445422 _____ C:\Users\WALTERGMBH\Downloads\Avery-Etikett-5080 (1).avery
2018-10-27 09:10 - 2018-10-27 09:10 - 000445412 _____ C:\Users\WALTERGMBH\Downloads\Avery-Etikett-5080.avery
2018-10-25 15:30 - 2018-10-25 15:30 - 000482552 _____ C:\Users\WALTERGMBH\Downloads\kia-configurator-kia_picanto-attract-20181025.pdf
2018-10-25 14:23 - 2018-10-25 14:23 - 000342799 _____ C:\Users\WALTERGMBH\Downloads\SafetyRecordIndex.pdf
2018-10-24 08:17 - 2018-10-24 08:26 - 000208837 _____ C:\Users\WALTERGMBH\Documents\Zeitungsartikel Herbstfest Kimu.pdf
2018-10-23 09:44 - 2018-10-23 09:44 - 000001528 _____ C:\Users\WALTERGMBH\Downloads\Meier Wulf.vcf
2018-10-23 09:38 - 2018-10-23 09:38 - 000001528 _____ C:\Users\WALTERGMBH\Documents\Meier Wulf.vcf
2018-10-23 05:35 - 2018-10-23 05:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-10-22 15:54 - 2018-10-22 15:54 - 000476280 _____ C:\Users\WALTERGMBH\Downloads\MP Antragsformular Eröffnung Kundenkonto für Gewerbekunden ausfüllbar BDSG NEU 2018.pdf
2018-10-22 13:31 - 2018-10-22 13:31 - 000851853 _____ C:\Users\WALTERGMBH\Downloads\46071_Herzziegel_web.pdf
2018-10-22 10:43 - 2018-10-22 10:43 - 000000133 _____ C:\Users\WALTERGMBH\Downloads\eintrag (18).vcf
2018-10-19 12:11 - 2018-10-19 12:11 - 000114062 _____ C:\Users\WALTERGMBH\Documents\Preisanfrage.pdf
2018-10-19 12:11 - 2018-10-19 12:11 - 000114062 _____ C:\Users\WALTERGMBH\Documents\Bestellung.pdf
2018-10-18 12:48 - 2018-10-18 12:48 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Roaming\Google
2018-10-18 11:07 - 2018-10-18 11:07 - 001104338 _____ C:\Users\WALTERGMBH\Downloads\SystemanforderungenmitApplikationen.zip
2018-10-18 09:43 - 2018-10-18 09:43 - 006527785 _____ C:\Users\WALTERGMBH\Downloads\41001_PSL_Koramic_2018_screen.pdf
2018-10-17 16:12 - 2018-10-17 16:12 - 000199816 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2018-10-17 16:12 - 2018-10-17 16:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2018-10-16 14:00 - 2018-10-16 14:00 - 000025848 _____ C:\Users\WALTERGMBH\Downloads\Dach Kriche Pfarrhaus Zwingenberg 16102018 (3).ga1
2018-10-15 10:49 - 2018-10-15 10:49 - 000106095 _____ C:\Users\WALTERGMBH\Downloads\PB_ENKETOP_Chips (1).pdf
2018-10-15 10:48 - 2018-10-15 10:48 - 000921361 _____ C:\Users\WALTERGMBH\Downloads\SDB_ENKETOP_Versiegelung_1K.pdf
2018-10-15 10:48 - 2018-10-15 10:48 - 000724917 _____ C:\Users\WALTERGMBH\Downloads\SDB_ENKETOP.pdf
2018-10-15 10:46 - 2018-10-15 10:46 - 000105434 _____ C:\Users\WALTERGMBH\Downloads\PB_ENKOPUR (2).pdf
2018-10-11 10:24 - 2018-10-11 10:24 - 000002781 _____ C:\Users\WALTERGMBH\Desktop\Auschreibung Dirigint 2018.jpg - Verknüpfung.lnk
2018-10-10 17:17 - 2018-10-10 17:17 - 000350677 _____ C:\Users\WALTERGMBH\Documents\Beitrittserklärung.pdf
2018-10-10 12:52 - 2018-10-10 12:52 - 000000236 _____ C:\Users\WALTERGMBH\Downloads\eintrag (17).vcf
2018-10-10 06:16 - 2018-10-10 06:16 - 000862932 _____ C:\Users\WALTERGMBH\Downloads\46015_Tradi_15_web.pdf
2018-10-10 05:59 - 2018-09-21 10:23 - 000257848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVFileSystemMetadata.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 001786168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 001626936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 001422648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 000399672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 000231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-10-10 05:59 - 2018-09-21 10:21 - 000228152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamMap.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2018-10-10 05:59 - 2018-09-21 10:21 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2018-10-10 05:59 - 2018-09-21 10:21 - 000173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVNice.exe
2018-10-10 05:59 - 2018-09-21 10:21 - 000034304 _____ C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2018-10-10 05:59 - 2018-09-21 10:18 - 021386888 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-10-10 05:59 - 2018-09-21 10:01 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-10-10 05:59 - 2018-09-21 09:22 - 020381784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-10-10 05:59 - 2018-09-21 09:12 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-10-10 05:59 - 2018-09-21 05:14 - 000661056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-10-10 05:59 - 2018-09-21 05:13 - 000480568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-10-10 05:59 - 2018-09-21 05:12 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-10-10 05:59 - 2018-09-21 05:11 - 000753056 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-10-10 05:59 - 2018-09-21 05:09 - 004790160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-10-10 05:59 - 2018-09-21 05:09 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-10-10 05:59 - 2018-09-21 05:09 - 001427968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-10-10 05:59 - 2018-09-21 05:09 - 001062920 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-10-10 05:59 - 2018-09-21 05:09 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-10-10 05:59 - 2018-09-21 05:08 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-10-10 05:59 - 2018-09-21 05:08 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-10-10 05:59 - 2018-09-21 05:08 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-10-10 05:59 - 2018-09-21 05:08 - 001456720 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-10-10 05:59 - 2018-09-21 05:08 - 001257864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-10-10 05:59 - 2018-09-21 05:08 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-10-10 05:59 - 2018-09-21 05:08 - 000982600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-10-10 05:59 - 2018-09-21 05:08 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-10-10 05:59 - 2018-09-21 05:08 - 000261008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-10-10 05:59 - 2018-09-21 05:08 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-10-10 05:59 - 2018-09-21 05:07 - 000604664 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-10-10 05:59 - 2018-09-21 04:58 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-10-10 05:59 - 2018-09-21 04:57 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-10-10 05:59 - 2018-09-21 04:57 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-10-10 05:59 - 2018-09-21 04:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-10-10 05:59 - 2018-09-21 04:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-10-10 05:59 - 2018-09-21 04:53 - 001006080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-10-10 05:59 - 2018-09-21 04:43 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-10-10 05:59 - 2018-09-21 04:42 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-10-10 05:59 - 2018-09-21 04:41 - 003396096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-10-10 05:59 - 2018-09-21 04:40 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-10-10 05:59 - 2018-09-21 04:39 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-10-10 05:59 - 2018-09-21 04:39 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-10-10 05:59 - 2018-09-21 04:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-10-10 05:59 - 2018-09-21 04:39 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-10-10 05:59 - 2018-09-21 04:38 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-10-10 05:59 - 2018-09-21 04:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-10-10 05:59 - 2018-09-21 04:37 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-10-10 05:59 - 2018-09-21 04:37 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-10-10 05:59 - 2018-09-21 04:37 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-10-10 05:59 - 2018-09-21 04:37 - 000604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-10-10 05:59 - 2018-09-21 04:36 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-10-10 05:59 - 2018-09-21 04:36 - 001034240 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-10-10 05:59 - 2018-09-21 04:36 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-10-10 05:59 - 2018-09-21 04:36 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-10-10 05:59 - 2018-09-21 04:36 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-10-10 05:59 - 2018-09-20 10:40 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-10-10 05:59 - 2018-09-20 10:37 - 001634944 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-10-10 05:59 - 2018-09-20 10:23 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-10-10 05:59 - 2018-09-20 10:22 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-10-10 05:59 - 2018-09-20 10:19 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-10-10 05:59 - 2018-09-20 10:18 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-10-10 05:59 - 2018-09-20 10:18 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-10-10 05:59 - 2018-09-20 10:18 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-10-10 05:59 - 2018-09-20 10:17 - 002874368 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2018-10-10 05:59 - 2018-09-20 10:17 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-10-10 05:59 - 2018-09-20 10:17 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-10-10 05:59 - 2018-09-20 10:17 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-10-10 05:59 - 2018-09-20 10:16 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-10-10 05:59 - 2018-09-20 09:46 - 001454440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-10-10 05:59 - 2018-09-20 09:35 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-10-10 05:59 - 2018-09-20 09:34 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-10-10 05:59 - 2018-09-20 09:30 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-10-10 05:59 - 2018-09-20 09:29 - 002891776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-10-10 05:59 - 2018-09-20 09:29 - 002824704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2018-10-10 05:59 - 2018-09-20 09:29 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-10-10 05:59 - 2018-09-20 09:28 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-10-10 05:59 - 2018-09-20 07:43 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-10-10 05:59 - 2018-09-20 06:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-10-10 05:59 - 2018-09-20 05:29 - 006569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-10-10 05:59 - 2018-09-20 05:29 - 006039368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-10-10 05:59 - 2018-09-20 05:29 - 001989232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-10-10 05:59 - 2018-09-20 05:29 - 001513032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-10-10 05:59 - 2018-09-20 05:29 - 000357056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-10-10 05:59 - 2018-09-20 05:28 - 001129544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-10-10 05:59 - 2018-09-20 05:28 - 000581792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-10-10 05:59 - 2018-09-20 05:28 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-10-10 05:59 - 2018-09-20 05:21 - 022013440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-10-10 05:59 - 2018-09-20 05:17 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-10-10 05:59 - 2018-09-20 05:15 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-10-10 05:59 - 2018-09-20 05:13 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-10-10 05:59 - 2018-09-20 05:12 - 000272200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-10-10 05:59 - 2018-09-20 05:12 - 000269128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-10-10 05:59 - 2018-09-20 05:11 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-10-10 05:59 - 2018-09-20 05:11 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-10-10 05:59 - 2018-09-20 05:11 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-10-10 05:59 - 2018-09-20 05:11 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-10-10 05:59 - 2018-09-20 05:11 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2018-10-10 05:59 - 2018-09-20 05:10 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-10-10 05:59 - 2018-09-20 05:10 - 001221128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-10-10 05:59 - 2018-09-20 05:10 - 001029432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-10-10 05:59 - 2018-09-20 05:10 - 000566800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-10-10 05:59 - 2018-09-20 05:10 - 000500536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-10-10 05:59 - 2018-09-20 05:10 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2018-10-10 05:59 - 2018-09-20 05:10 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-10-10 05:59 - 2018-09-20 05:10 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-10-10 05:59 - 2018-09-20 05:09 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-10-10 05:59 - 2018-09-20 05:09 - 007520096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-10-10 05:59 - 2018-09-20 05:09 - 007432136 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-10-10 05:59 - 2018-09-20 05:09 - 002825232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-10-10 05:59 - 2018-09-20 05:09 - 002462888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-10-10 05:59 - 2018-09-20 05:09 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-10-10 05:59 - 2018-09-20 05:09 - 001767096 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-10-10 05:59 - 2018-09-20 05:09 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2018-10-10 05:59 - 2018-09-20 05:09 - 001097744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-10-10 05:59 - 2018-09-20 05:09 - 000885952 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-10-10 05:59 - 2018-09-20 05:09 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-10-10 05:59 - 2018-09-20 05:09 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-10-10 05:59 - 2018-09-20 05:09 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-10-10 05:59 - 2018-09-20 05:08 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-10-10 05:59 - 2018-09-20 05:08 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-10-10 05:59 - 2018-09-20 04:53 - 025851392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-10-10 05:59 - 2018-09-20 04:46 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-10-10 05:59 - 2018-09-20 04:44 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-10-10 05:59 - 2018-09-20 04:44 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-10-10 05:59 - 2018-09-20 04:43 - 000052736 _____ C:\WINDOWS\system32\runexehelper.exe
2018-10-10 05:59 - 2018-09-20 04:42 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-10-10 05:59 - 2018-09-20 04:42 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-10-10 05:59 - 2018-09-20 04:42 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-10-10 05:59 - 2018-09-20 04:41 - 007577088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-10-10 05:59 - 2018-09-20 04:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-10-10 05:59 - 2018-09-20 04:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-10-10 05:59 - 2018-09-20 04:41 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-10-10 05:59 - 2018-09-20 04:41 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-10-10 05:59 - 2018-09-20 04:40 - 003090432 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-10-10 05:59 - 2018-09-20 04:40 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-10-10 05:59 - 2018-09-20 04:40 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-10-10 05:59 - 2018-09-20 04:38 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-10-10 05:59 - 2018-09-20 04:38 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2018-10-10 05:59 - 2018-09-20 04:37 - 004615680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-10-10 05:59 - 2018-09-20 04:37 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-10-10 05:59 - 2018-09-20 04:36 - 001375232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-10-10 05:59 - 2018-09-20 03:21 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-10-10 05:59 - 2018-09-20 02:28 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2018-10-10 05:59 - 2018-09-08 09:12 - 000452112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-10-10 05:59 - 2018-09-08 09:07 - 002868536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-10-10 05:59 - 2018-09-08 09:07 - 001610552 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-10-10 05:59 - 2018-09-08 09:07 - 000792376 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-10-10 05:59 - 2018-09-08 09:07 - 000689464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-10-10 05:59 - 2018-09-08 09:07 - 000612360 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-10-10 05:59 - 2018-09-08 09:07 - 000309560 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-10-10 05:59 - 2018-09-08 09:07 - 000144696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-10-10 05:59 - 2018-09-08 09:07 - 000069944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-10-10 05:59 - 2018-09-08 09:03 - 002267136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2018-10-10 05:59 - 2018-09-08 09:02 - 000645112 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2018-10-10 05:59 - 2018-09-08 09:02 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-10-10 05:59 - 2018-09-08 08:58 - 001639352 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-10-10 05:59 - 2018-09-08 08:58 - 001520744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-10-10 05:59 - 2018-09-08 08:57 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2018-10-10 05:59 - 2018-09-08 08:44 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-10-10 05:59 - 2018-09-08 08:43 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-10-10 05:59 - 2018-09-08 08:43 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-10-10 05:59 - 2018-09-08 08:42 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2018-10-10 05:59 - 2018-09-08 08:42 - 000188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-10-10 05:59 - 2018-09-08 08:42 - 000169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-10-10 05:59 - 2018-09-08 08:42 - 000114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthci.dll
2018-10-10 05:59 - 2018-09-08 08:41 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-10-10 05:59 - 2018-09-08 08:40 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-10-10 05:59 - 2018-09-08 08:40 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2018-10-10 05:59 - 2018-09-08 08:40 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2018-10-10 05:59 - 2018-09-08 08:40 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2018-10-10 05:59 - 2018-09-08 08:40 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-10-10 05:59 - 2018-09-08 08:40 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2018-10-10 05:59 - 2018-09-08 08:39 - 005505024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2018-10-10 05:59 - 2018-09-08 08:39 - 002052096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-10-10 05:59 - 2018-09-08 08:39 - 001787904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-10-10 05:59 - 2018-09-08 08:39 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-10-10 05:59 - 2018-09-08 08:38 - 001288192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-10-10 05:59 - 2018-09-08 08:38 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-10-10 05:59 - 2018-09-08 08:38 - 000986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-10-10 05:59 - 2018-09-08 08:38 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2018-10-10 05:59 - 2018-09-08 08:38 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2018-10-10 05:59 - 2018-09-08 08:37 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-10-10 05:59 - 2018-09-08 08:17 - 001540104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2018-10-10 05:59 - 2018-09-08 08:16 - 000482080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2018-10-10 05:59 - 2018-09-08 08:14 - 001328056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-10-10 05:59 - 2018-09-08 08:13 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-10-10 05:59 - 2018-09-08 08:13 - 000181288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2018-10-10 05:59 - 2018-09-08 08:03 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-10-10 05:59 - 2018-09-08 08:03 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-10-10 05:59 - 2018-09-08 08:02 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2018-10-10 05:59 - 2018-09-08 08:00 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2018-10-10 05:59 - 2018-09-08 07:59 - 001530368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-10-10 05:59 - 2018-09-08 07:59 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-10-10 05:59 - 2018-09-08 07:59 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-10-10 05:59 - 2018-09-08 07:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.XamlHost.dll
2018-10-10 05:59 - 2018-09-08 07:58 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-10-10 05:59 - 2018-09-08 07:58 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-10-10 05:59 - 2018-09-08 07:58 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-10-10 05:59 - 2018-09-08 07:57 - 005391360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2018-10-10 05:59 - 2018-09-08 07:57 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2018-10-10 05:59 - 2018-09-08 07:57 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2018-10-10 05:59 - 2018-09-08 07:57 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2018-10-10 05:59 - 2018-09-08 07:56 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-10-10 05:59 - 2018-09-08 05:08 - 000462880 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-10-10 05:59 - 2018-09-08 04:59 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-10-10 05:59 - 2018-09-08 04:59 - 000361544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2018-10-10 05:59 - 2018-09-08 04:58 - 000744976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2018-10-10 05:59 - 2018-09-08 04:58 - 000376120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-10-10 05:59 - 2018-09-08 04:58 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-10-10 05:59 - 2018-09-08 04:57 - 002571128 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-10-10 05:59 - 2018-09-08 04:57 - 001016984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-10-10 05:59 - 2018-09-08 04:57 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-10-10 05:59 - 2018-09-08 04:57 - 000482384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-10-10 05:59 - 2018-09-08 04:57 - 000368448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2018-10-10 05:59 - 2018-09-08 04:57 - 000267576 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-10-10 05:59 - 2018-09-08 04:51 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-10-10 05:59 - 2018-09-08 04:45 - 000295416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-10-10 05:59 - 2018-09-08 04:45 - 000286824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2018-10-10 05:59 - 2018-09-08 04:44 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-10-10 05:59 - 2018-09-08 04:44 - 000829752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-10-10 05:59 - 2018-09-08 04:43 - 001174448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-10-10 05:59 - 2018-09-08 04:43 - 000269104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2018-10-10 05:59 - 2018-09-08 04:32 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2018-10-10 05:59 - 2018-09-08 04:31 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-10-10 05:59 - 2018-09-08 04:31 - 000272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-10-10 05:59 - 2018-09-08 04:30 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-10-10 05:59 - 2018-09-08 04:30 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2018-10-10 05:59 - 2018-09-08 04:30 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-10-10 05:59 - 2018-09-08 04:30 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2018-10-10 05:59 - 2018-09-08 04:30 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2018-10-10 05:59 - 2018-09-08 04:29 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-10-10 05:59 - 2018-09-08 04:29 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-10-10 05:59 - 2018-09-08 04:29 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2018-10-10 05:59 - 2018-09-08 04:29 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-10-10 05:59 - 2018-09-08 04:29 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-10-10 05:59 - 2018-09-08 04:28 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2018-10-10 05:59 - 2018-09-08 04:28 - 000473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-10-10 05:59 - 2018-09-08 04:28 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-10-10 05:59 - 2018-09-08 04:28 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-10-10 05:59 - 2018-09-08 04:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-10-10 05:59 - 2018-09-08 04:27 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-10-10 05:59 - 2018-09-08 04:27 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-10-10 05:59 - 2018-09-08 04:27 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-10-10 05:59 - 2018-09-08 04:27 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2018-10-10 05:59 - 2018-09-08 04:27 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2018-10-10 05:59 - 2018-09-08 04:27 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-10-10 05:59 - 2018-09-08 04:26 - 002328064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2018-10-10 05:59 - 2018-09-08 04:26 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-10-10 05:59 - 2018-09-08 04:26 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2018-10-10 05:59 - 2018-09-08 04:26 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-10-10 05:59 - 2018-09-08 04:26 - 000387584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2018-10-10 05:59 - 2018-09-08 04:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-10-10 05:59 - 2018-09-08 04:26 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2018-10-10 05:59 - 2018-09-08 04:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2018-10-10 05:59 - 2018-09-08 04:25 - 003553792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-10-10 05:59 - 2018-09-08 04:25 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-10-10 05:59 - 2018-09-08 04:25 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2018-10-10 05:59 - 2018-09-08 04:25 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-10-10 05:59 - 2018-09-08 04:25 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-10-10 05:59 - 2018-09-08 04:25 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Proximity.dll
2018-10-10 05:59 - 2018-09-08 04:24 - 001457664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-10-10 05:59 - 2018-09-08 04:24 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2018-10-10 05:59 - 2018-09-08 04:24 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2018-10-10 05:59 - 2018-09-08 04:24 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2018-10-10 05:59 - 2018-09-08 04:23 - 001655296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2018-10-10 05:59 - 2018-09-08 04:23 - 000807936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2018-10-10 05:59 - 2018-09-08 04:23 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2018-10-10 05:59 - 2018-09-08 04:23 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Proximity.dll
2018-10-10 05:59 - 2018-09-08 04:22 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2018-10-09 12:24 - 2018-10-09 12:24 - 000000143 _____ C:\Users\WALTERGMBH\Downloads\eintrag (16).vcf
2018-10-02 13:40 - 2018-10-02 13:40 - 000014335 _____ C:\Users\WALTERGMBH\Documents\Kuchenliste.xlsx
2018-10-02 13:39 - 2018-10-02 13:39 - 000083041 _____ C:\Users\WALTERGMBH\Documents\Kuchenliste.pdf
2018-10-02 12:46 - 2018-10-02 12:46 - 000506164 _____ C:\Users\WALTERGMBH\Downloads\Übersichtsliste Allergene 2017.pdf
2018-10-02 12:08 - 2018-10-02 12:08 - 000000401 _____ C:\Users\WALTERGMBH\Downloads\admhelper (3)
2018-10-01 06:24 - 2018-10-01 06:24 - 000514850 _____ C:\Users\WALTERGMBH\Downloads\FRITZ.Box 7490 113.06.83_01.10.18_0724.export
2018-10-01 06:24 - 2018-10-01 06:24 - 000514850 _____ C:\Users\WALTERGMBH\Downloads\FRITZ.Box 7490 113.06.83_01.10.18_0724 (1).export
2018-10-01 06:23 - 2018-10-01 06:23 - 000514850 _____ C:\Users\WALTERGMBH\Downloads\FRITZ.Box 7490 113.06.83_01.10.18_0723.export
2018-09-30 17:44 - 2018-09-30 17:44 - 000321580 _____ C:\Users\WALTERGMBH\Downloads\Rheindürkheim Rückmeldung.pdf
2018-09-30 17:43 - 2018-09-30 17:43 - 001441701 _____ C:\Users\WALTERGMBH\Downloads\CCF03092018.pdf
2018-09-30 17:43 - 2018-09-30 17:43 - 001441701 _____ C:\Users\WALTERGMBH\Downloads\CCF03092018 (1).pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-10-30 13:07 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-30 13:07 - 2017-09-26 15:48 - 000000000 ____D C:\Users\WALTERGMBH\Documents\Outlook-Dateien
2018-10-30 13:06 - 2017-09-21 14:38 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Local\ClassicShell
2018-10-30 12:20 - 2017-09-26 10:58 - 000000760 _____ C:\WINDOWS\BRRBCOM.INI
2018-10-30 11:28 - 2018-04-11 22:04 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2018-10-30 10:40 - 2018-06-30 06:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-10-30 09:58 - 2017-09-27 12:19 - 000125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2018-10-30 09:05 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-10-30 09:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-10-30 06:26 - 2017-09-21 13:29 - 000000000 __SHD C:\Users\WALTERGMBH\IntelGraphicsProfiles
2018-10-29 13:44 - 2017-09-26 13:01 - 000000000 ___RD C:\Users\WALTERGMBH\Documents\Scans
2018-10-29 12:59 - 2017-09-28 06:55 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Roaming\WhatsApp
2018-10-29 12:50 - 2017-12-20 08:22 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Local\Packages
2018-10-27 08:55 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-10-27 08:55 - 2018-02-12 13:37 - 000002332 _____ C:\Users\WALTERGMBH\Desktop\WhatsApp.lnk
2018-10-27 08:55 - 2017-09-28 06:55 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-10-27 08:55 - 2017-09-28 06:55 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Local\WhatsApp
2018-10-27 08:55 - 2017-09-28 06:55 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Local\SquirrelTemp
2018-10-25 13:03 - 2018-06-30 06:33 - 001905898 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-25 13:03 - 2018-04-12 17:14 - 000745698 _____ C:\WINDOWS\system32\perfh007.dat
2018-10-25 13:03 - 2018-04-12 17:14 - 000150814 _____ C:\WINDOWS\system32\perfc007.dat
2018-10-25 13:03 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-10-25 12:57 - 2018-06-30 06:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-25 12:57 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-10-25 12:57 - 2018-03-28 14:36 - 000000000 ____D C:\ProgramData\Veeam
2018-10-25 12:57 - 2017-10-27 08:13 - 000000690 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-67226549-1051496405-660625408-1001.job
2018-10-25 12:57 - 2017-10-27 08:13 - 000000594 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-67226549-1051496405-660625408-1001.job
2018-10-25 10:20 - 2017-10-27 08:13 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Local\GoToMeeting
2018-10-25 05:35 - 2017-08-23 06:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-25 05:22 - 2017-09-21 13:39 - 000002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-25 05:22 - 2017-09-21 13:39 - 000002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-24 10:05 - 2017-09-21 14:12 - 000000000 ____D C:\ProgramData\G Data
2018-10-24 05:45 - 2018-06-30 06:31 - 000003858 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-67226549-1051496405-660625408-1001
2018-10-24 05:45 - 2018-06-30 06:31 - 000003762 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-67226549-1051496405-660625408-1001
2018-10-23 07:14 - 2017-09-21 13:51 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Local\ElevatedDiagnostics
2018-10-23 05:35 - 2018-09-11 05:38 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-10-23 05:35 - 2017-09-21 14:29 - 000002590 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-10-23 05:35 - 2017-09-21 14:29 - 000002586 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-10-23 05:35 - 2017-09-21 14:29 - 000002565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-10-23 05:35 - 2017-09-21 14:29 - 000002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-10-23 05:35 - 2017-08-23 06:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-23 05:30 - 2018-04-10 12:27 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Local\Greenshot
2018-10-23 05:28 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-10-22 13:26 - 2017-09-26 16:31 - 000005063 _____ C:\Users\WALTERGMBH\Benutzerwörterbuch.dic
2018-10-22 10:06 - 2018-07-02 06:40 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Local\Deployment
2018-10-19 11:34 - 2018-04-10 12:22 - 000001167 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2018-10-19 11:34 - 2018-04-10 12:22 - 000001155 _____ C:\Users\Public\Desktop\paint.net.lnk
2018-10-19 11:34 - 2018-04-10 12:22 - 000000000 ____D C:\Program Files\paint.net
2018-10-17 16:12 - 2018-04-10 11:45 - 000002062 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2018-10-17 16:12 - 2017-09-26 11:32 - 000086584 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2018-10-17 05:36 - 2017-09-27 07:47 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Local\Amazon Music
2018-10-16 09:25 - 2018-06-21 05:25 - 000000000 ____D C:\ProgramData\Packages
2018-10-11 12:41 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-10-11 05:24 - 2018-03-05 15:06 - 000000000 ____D C:\Users\WALTERGMBH\AppData\Local\PlaceholderTileLogoFolder
2018-10-11 05:20 - 2017-08-23 06:42 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-10-11 05:13 - 2017-11-14 14:33 - 000000000 ___RD C:\Users\WALTERGMBH\3D Objects
2018-10-11 05:13 - 2017-05-18 09:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-10-11 05:11 - 2018-06-30 06:24 - 000398952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-10-11 05:10 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-10-11 05:10 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-10-11 05:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-10-11 05:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-10-11 05:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-10-11 05:10 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-10-11 05:10 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-10-10 06:03 - 2017-09-21 13:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-10-10 06:01 - 2017-09-21 13:45 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-10-09 05:25 - 2018-06-30 06:31 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-67226549-1051496405-660625408-1001
2018-10-09 05:25 - 2018-06-30 06:26 - 000002440 _____ C:\Users\WALTERGMBH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-09 05:25 - 2017-09-21 13:32 - 000000000 ___RD C:\Users\WALTERGMBH\OneDrive
2018-10-02 21:13 - 2018-04-12 00:41 - 000835152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-10-02 21:13 - 2018-04-12 00:41 - 000179792 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-09-26 11:31 - 2017-09-26 11:31 - 000000000 _____ () C:\Users\WALTERGMBH\AppData\Roaming\gdfw.log
2017-09-26 11:31 - 2017-09-26 11:31 - 000000779 _____ () C:\Users\WALTERGMBH\AppData\Roaming\gdscan.log
2018-06-14 09:08 - 2018-06-18 11:50 - 000007597 _____ () C:\Users\WALTERGMBH\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-06-30 06:24
         
Code:
 Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24.10.2018
durchgeführt von WALTERGMBH (30-10-2018 13:08:44)
Gestartet von C:\Users\WALTERGMBH\Downloads
Windows 10 Pro Version 1803 17134.345 (X64) (2018-06-30 05:31:42)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-67226549-1051496405-660625408-500 - Administrator - Disabled)
Backup (S-1-5-21-67226549-1051496405-660625408-1006 - Administrator - Enabled) => C:\Users\Backup
DefaultAccount (S-1-5-21-67226549-1051496405-660625408-503 - Limited - Disabled)
Gast (S-1-5-21-67226549-1051496405-660625408-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-67226549-1051496405-660625408-1005 - Limited - Enabled)
WALTERGMBH (S-1-5-21-67226549-1051496405-660625408-1001 - Administrator - Enabled) => C:\Users\WALTERGMBH
WDAGUtilityAccount (S-1-5-21-67226549-1051496405-660625408-504 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G DATA INTERNET SECURITY (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-67226549-1051496405-660625408-1001\...\Amazon Amazon Music) (Version: 6.8.1.1388 - Amazon Services LLC)
AVM FRITZ!Box-Kindersicherung (HKLM-x32\...\{7497BB4F-CE23-47D4-B2CB-62548080F74F}) (Version: 4.2.3 - AVM Berlin)
Brother MFL-Pro Suite MFC-9332CDW (HKLM-x32\...\{E98A9C92-E767-475B-8BC6-8780A86DDC72}) (Version: 1.0.5.0 - Brother Industries, Ltd.)
Canon iX6800 series Benutzerregistrierung (HKLM-x32\...\Canon iX6800 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon iX6800 series On-screen Manual (HKLM-x32\...\Canon iX6800 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon iX6800 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iX6800_series) (Version:  - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
G DATA Firewall Helper (HKLM\...\{97a7185d-397f-4652-a72c-d3a08820d734}.sdb) (Version:  - )
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.5.0.3 - G DATA Software AG)
GDR 2269 for SQL Server 2014 (KB3045324) (64-bit) (HKLM\...\KB3045324) (Version: 12.0.2269.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{351B54B2-1AFC-42A7-A8C0-9E05C26F0D1E}) (Version: 1.0.470 - LogMeIn, Inc.)
GoToMeeting 8.36.1.10903 (HKU\S-1-5-21-67226549-1051496405-660625408-1001\...\GoToMeeting) (Version: 8.36.1.10903 - LogMeIn, Inc.)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1017 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.5.0.1051 - Intel Corporation)
Meritum Client (HKU\S-1-5-21-67226549-1051496405-660625408-1001\...\168d32c3d0c5e6da) (Version: 1.14.0.0 - M-SOFT Organisationsberatung GmbH)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{7D1C6D7B-8E3F-4724-94C8-AA7EB7F60AE0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office Home and Business 2016 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 16.0.10827.20181 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-67226549-1051496405-660625408-1001\...\OneDriveSetup.exe) (Version: 18.172.0826.0010 - Microsoft Corporation)
Microsoft Report Viewer 2014-Laufzeit (HKLM-x32\...\{30956415-84C1-4F0C-B2AD-BC8944730DDA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{C3682243-2218-4F80-A94A-EB0D7B7AF739}) (Version: 11.3.6020.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2014) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2014 Setup (English) (HKLM\...\{37C44B5C-E839-4A9D-9E20-A93E1B2FD35A}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL Compiler Service  (HKLM\...\{537203CB-708E-43A3-BA16-3D5C14A587BB}) (Version: 12.0.2269.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Policies  (HKLM-x32\...\{B23A3E56-8859-4F60-B3FA-FA14DE9050B5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{99AC7F47-A4E0-4706-9C65-8948775C2652}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2014 (HKLM\...\{D390AADD-C825-4B31-8C79-83A9461D5524}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{9408684F-E1CC-4D2E-AE15-886023557682}) (Version: 12.0.2000.8 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x64 de) (HKLM\...\Mozilla Firefox 55.0.3 (x64 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10827.20181 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20181 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10827.20181 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.10827.20181 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{36C264F3-0458-42D9-A091-807B5CEB0FA8}) (Version: 4.1.1 - dotPDN LLC)
PASST.prime (HKLM\...\{dd19c857-c863-4f33-aacf-bb382dafa716}.08D504343419DFB1) (Version: 2017.c1 (5.87) - M-SOFT Organisationsberatung GmbH)
PDF24 Creator 8.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.322.7 - Tracker Software Products Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
SQL Server 2014 Client Tools (HKLM\...\{9025BE9E-B777-4A6C-A698-D38AE1146D7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Client Tools (HKLM\...\{B5ECFA5C-AC4F-45A4-A12E-A76ABDD9CCBA}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{9E83BB26-ACD3-442A-87FE-EB3B28E06AAE}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Common Files (HKLM\...\{F7012F84-80F5-4C25-852E-B1BA03276FE6}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{17531BCD-C627-46A2-9F1E-7CC920E0E94A}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Services (HKLM\...\{B3FD71B4-524A-4377-BEB2-C2DB819A304F}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{4D261997-B65F-4141-836C-0CE3D8D93431}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Database Engine Shared (HKLM\...\{ACC530B8-B6B4-40D6-B59B-152468CF47D0}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{6760DB6C-20EA-43D9-B8CB-D23EB1539650}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server 2014 Management Studio (HKLM\...\{75A54138-3B98-4705-92E4-F619825B121F}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{6476DB81-F263-4C04-8574-AAD31136C304}) (Version: 12.0.2000.8 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2014 (HKLM-x32\...\{B7312B95-77C6-497E-A63F-596A77B20F31}) (Version: 12.0.2000.8 - Microsoft Corporation)
SQLBackupAndFTP (HKLM-x32\...\SQLBackupAndFTP) (Version:  - )
sv.net (HKLM-x32\...\sv.net) (Version: 17.1 - ITSG GmbH)
sv.net comfort (HKLM\...\{B8E40DB3-6E85-4C36-8731-12277891CBFA}) (Version: 18.1.1 - ITSG) Hidden
sv.net comfort (HKLM-x32\...\sv.net comfort) (Version: 18.1.1 - ITSG GmbH)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.1-15163 - Synology)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{D8125A39-ADEE-4187-B04D-DB6CF489AF61}) (Version: 10.3.5500.0 - Microsoft Corporation)
Veeam Agent for Microsoft Windows (HKLM\...\{2A594F21-93D2-4F57-889B-8C1D9A4E60BA}) (Version: 2.2.0.589 - Veeam Software AG)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WhatsApp (HKU\S-1-5-21-67226549-1051496405-660625408-1001\...\WhatsApp) (Version: 0.3.1409 - WhatsApp)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-67226549-1051496405-660625408-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\WALTERGMBH\AppData\Local\GoToMeeting\7943\G2MOutlookAddin64.dll => Keine Datei
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
ContextMenuHandlers1: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\InternetSecurity\AVK\ShellExt64.dll [2018-06-05] (G DATA Software AG)
ContextMenuHandlers3: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\InternetSecurity\Shredder\Reisswlf64.dll [2018-06-05] (G DATA Software AG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxDTCM.dll [2018-02-28] (Intel Corporation)
ContextMenuHandlers6: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\InternetSecurity\AVK\ShellExt64.dll [2018-06-05] (G DATA Software AG)
ContextMenuHandlers6: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\InternetSecurity\Shredder\Reisswlf64.dll [2018-06-05] (G DATA Software AG)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2017-08-13] (IvoSoft)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {3F4BB6B5-D21D-4B14-A3C5-1A13C92FF55B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-21] (Google Inc.)
Task: {44DEF157-9986-4688-AC89-6322B411EAC8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-23] (Microsoft Corporation)
Task: {5D6A00EE-DE54-4EE6-8EBF-EF94EFF48A29} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {725E1E35-10F0-4B31-9757-F8095C845A8E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-23] (Microsoft Corporation)
Task: {8EDD8D34-364F-4C28-82E2-BA8855FBF95E} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-02-24] (Intel(R) Corporation)
Task: {93C599D4-775B-4656-A2BA-ECBBAA35A520} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-10-23] (Microsoft Corporation)
Task: {AD461162-B203-48A6-B5CC-9E407E616DB3} - System32\Tasks\G2MUpdateTask-S-1-5-21-67226549-1051496405-660625408-1001 => C:\Users\WALTERGMBH\AppData\Local\GoToMeeting\10903\g2mupdate.exe [2018-10-24] (LogMeIn, Inc.)
Task: {BA36822A-7BC4-4DD9-BDA4-13003D49FF7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-09-21] (Google Inc.)
Task: {C226096E-EA50-42DB-BF8C-AD6D654B4277} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-14] (Microsoft Corporation)
Task: {C2592650-58E8-4F2D-BCD5-FD8772ACADD2} - System32\Tasks\SQLBackupAndFtp_Backup => C:\Program Files (x86)\Pranas.NET\SQLBackupAndFTP\SQLBackupAndFTP.exe [2016-09-22] (Pranas.NET)
Task: {C4908EA3-27AA-49C7-8354-43D624B456DB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-10-14] (Microsoft Corporation)
Task: {E471D501-9DD7-4C36-8E54-654649A65AA6} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {EE5F404F-591C-4301-B0CD-FA9AA34BF098} - System32\Tasks\G2MUploadTask-S-1-5-21-67226549-1051496405-660625408-1001 => C:\Users\WALTERGMBH\AppData\Local\GoToMeeting\10903\g2mupload.exe [2018-10-24] (LogMeIn, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-67226549-1051496405-660625408-1001.job => C:\Users\WALTERGMBH\AppData\Local\GoToMeeting\10903\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-67226549-1051496405-660625408-1001.job => C:\Users\WALTERGMBH\AppData\Local\GoToMeeting\10903\g2mupload.exe
Task: C:\WINDOWS\Tasks\SQLBackupAndFtp_Backup.job => C:\Program Files (x86)\Pranas.NET\SQLBackupAndFTP\SQLBackupAndFTP.exe-rn C:\M-SOFT\Backup.job

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-09-26 11:13 - 2005-04-22 05:36 - 000143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll
2017-08-08 10:04 - 2017-08-08 10:04 - 000248856 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-10 05:59 - 2018-09-20 04:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 12:59 - 2018-10-04 12:59 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-10-23 07:15 - 2018-10-23 07:15 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-10-23 07:15 - 2018-10-23 07:15 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-09-25 07:11 - 2018-09-25 07:11 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-09-25 07:11 - 2018-09-25 07:11 - 069128192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-09-30 14:28 - 2017-09-30 14:28 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-09-25 07:11 - 2018-09-25 07:11 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-08-31 10:03 - 2018-08-31 10:04 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-04-26 05:24 - 2018-04-26 05:24 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-08-31 10:03 - 2018-08-31 10:04 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-04-05 11:29 - 2018-04-05 11:30 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-08-17 13:27 - 2018-08-17 13:27 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-08-17 13:27 - 2018-08-17 13:27 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-09-25 07:11 - 2018-09-25 07:11 - 014171648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-08-31 10:03 - 2018-08-31 10:04 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-09-25 07:11 - 2018-09-25 07:11 - 002866176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-31 10:03 - 2018-08-31 10:04 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-27 04:39 - 2018-07-27 04:39 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-16 09:25 - 2018-10-16 09:25 - 004183040 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-09-26 05:36 - 2018-09-26 05:36 - 004472952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-08 05:24 - 2018-10-08 05:24 - 032535040 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18091.10321.0_x64__8wekyb3d8bbwe\Music.UI.exe
2018-10-08 05:24 - 2018-10-08 05:24 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18091.10321.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 07:00 - 2017-12-01 07:00 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18091.10321.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-09-26 10:28 - 2017-09-26 10:28 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18091.10321.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-08 05:24 - 2018-10-08 05:24 - 005951488 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18091.10321.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-10-25 05:22 - 2018-10-23 22:24 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-10-25 05:22 - 2018-10-23 22:24 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll
2018-10-29 06:21 - 2018-10-29 06:21 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-10-29 06:21 - 2018-10-29 06:21 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-10-29 06:21 - 2018-10-29 06:21 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 10:28 - 2017-09-26 10:28 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-29 06:21 - 2018-10-29 06:21 - 009064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-06-29 08:29 - 2018-06-29 08:29 - 001308672 _____ () c:\windows\system32\FaceProcessor.dll
2018-06-29 08:29 - 2018-06-29 08:29 - 000542888 _____ () c:\windows\system32\FaceProcessorCore.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 001348664 _____ () c:\windows\system32\FaceTrackerInternal.dll
2017-09-26 11:12 - 2009-02-27 15:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2017-04-24 10:02 - 2017-04-24 10:02 - 001243752 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-09-25 15:40 - 2018-03-20 13:50 - 000548864 _____ () \\walter-srv01\mswin.net\dynobj.dll
2017-09-21 14:29 - 2018-10-13 14:22 - 001072920 _____ () C:\Program Files (x86)\Microsoft Office\Root\Office16\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-67226549-1051496405-660625408-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-80-970798690-3469772507-30737694-4116737687-753453404\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.

HKU\S-1-5-21-67226549-1051496405-660625408-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-67226549-1051496405-660625408-1001\...\StartupApproved\Run: => "Amazon Music Helper"
HKU\S-1-5-21-67226549-1051496405-660625408-1001\...\StartupApproved\Run: => "WhatsApp"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [UDP Query User{E4E63C81-BAAC-46A3-9DFA-60519C2A5C20}C:\users\waltergmbh\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\waltergmbh\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [TCP Query User{64BCE274-C548-4F9B-A80E-42E208A277FC}C:\users\waltergmbh\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\waltergmbh\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{02A037B7-6A5E-47EB-9595-84CA512FE4A8}] => (Allow) C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe
FirewallRules: [{A897E22C-BB48-4D54-90C6-16C0DBFEB0E1}] => (Allow) C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe
FirewallRules: [{A53E4AC2-39E3-4D21-9887-C163C246D722}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D9A28195-0A70-47A2-A552-EE3EF235CDA7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AEBF7EEB-315A-49AC-BA03-5FD0301C9852}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL12.MSOFT\MSSQL\Binn\sqlservr.exe
FirewallRules: [{5983C435-89A7-463E-8BB6-8E79F29108C1}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL12.MSOFT\MSSQL\Binn\sqlservr.exe
FirewallRules: [{515CBF49-E89F-4969-8410-B4ECE42C43A2}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL12.MSOFT\MSSQL\Binn\sqlservr.exe
FirewallRules: [{1C247408-86F7-4D15-8493-AF8531D83D6B}] => (Allow) C:\Program Files\Microsoft SQL Server\MSSQL12.MSOFT\MSSQL\Binn\sqlservr.exe
FirewallRules: [{77786D91-2A3C-4411-B6A8-DE24C37C3FBE}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
FirewallRules: [{5093D096-0C79-4C2B-A13C-59E0EDE12155}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
FirewallRules: [{34F2C48F-9846-434B-A24D-EA7853EE8C02}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
FirewallRules: [{D70C091E-46C7-4A9F-9111-B33FCB1A62E1}] => (Allow) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
FirewallRules: [{2C68433F-DE87-4953-9E28-0E57BE2AB45D}] => (Allow) C:\Program Files (x86)\Brother\Brmfl12d\FAXRX.EXE
FirewallRules: [{8D6BFE75-37D9-4F8C-BF90-531F80962788}] => (Allow) LPort=54925
FirewallRules: [{D1571BB5-A03A-4915-8F5A-F2304CFCBB0D}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Recovery.exe
FirewallRules: [{7FF63FA4-D86B-454D-87EE-95EFCE10F81B}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
FirewallRules: [{DBF26659-9A63-4E3D-9BDC-7BDACB45B473}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Service.exe
FirewallRules: [{60C9B022-5BDD-4716-9A20-F9D33B5871F2}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe
FirewallRules: [{FF66BA5D-5AF0-4B11-928A-1794836EA708}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x64\VeeamAgent.exe
FirewallRules: [{59631725-4FBB-4439-B735-44555351D2CF}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe
FirewallRules: [{78BDD04C-46A3-4969-813B-A35BCAFDB35F}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\x86\VeeamAgent.exe
FirewallRules: [{3DEECEF4-244F-46C7-8435-8D4CC4626DCB}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe
FirewallRules: [{1C130D96-D834-4926-A00D-4C5622175254}] => (Allow) C:\Program Files\Veeam\Endpoint Backup\VeeamDeploymentSvc.exe
FirewallRules: [{14FAA156-07E2-47C0-86B1-E3D303AE8116}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{D7E98707-AF9A-45A2-B5F9-43654D40FD85}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

29-10-2018 06:59:01 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/29/2018 01:37:25 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2018/10/29 13:37:25.364]: [00015128]: Initialize TwdsMain Class failed!

Error: (10/29/2018 01:37:25 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2018/10/29 13:37:25.364]: [00015128]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (10/29/2018 01:13:38 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2018/10/29 13:13:38.626]: [00015128]: Initialize TwdsMain Class failed!

Error: (10/29/2018 01:13:38 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2018/10/29 13:13:38.626]: [00015128]: ##### Fatal ERROR!! Create STI-device failed! #####

Error: (10/29/2018 12:55:50 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: WALTER-SRV01)
Description: httphttp-2147467263

Error: (10/29/2018 09:31:33 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: WALTER-SRV01)
Description: httphttp-2147467263

Error: (10/29/2018 09:29:20 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: WALTER-SRV01)
Description: httphttp-2147467263

Error: (10/26/2018 05:08:46 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2018/10/26 18:08:46.311]: [00013528]: Initialize TwdsMain Class failed!


Systemfehler:
=============
Error: (10/30/2018 10:43:59 AM) (Source: DCOM) (EventID: 10016) (User: WALTER-SRV01)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "WALTER-SRV01\WALTERGMBH" (SID: S-1-5-21-67226549-1051496405-660625408-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/30/2018 10:12:52 AM) (Source: DCOM) (EventID: 10016) (User: WALTER-SRV01)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "WALTER-SRV01\WALTERGMBH" (SID: S-1-5-21-67226549-1051496405-660625408-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/30/2018 07:12:50 AM) (Source: DCOM) (EventID: 10016) (User: WALTER-SRV01)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "WALTER-SRV01\WALTERGMBH" (SID: S-1-5-21-67226549-1051496405-660625408-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/30/2018 07:11:09 AM) (Source: DCOM) (EventID: 10016) (User: WALTER-SRV01)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "WALTER-SRV01\WALTERGMBH" (SID: S-1-5-21-67226549-1051496405-660625408-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/29/2018 12:49:53 PM) (Source: DCOM) (EventID: 10016) (User: WALTER-SRV01)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "WALTER-SRV01\WALTERGMBH" (SID: S-1-5-21-67226549-1051496405-660625408-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/29/2018 07:31:15 AM) (Source: DCOM) (EventID: 10016) (User: WALTER-SRV01)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "WALTER-SRV01\WALTERGMBH" (SID: S-1-5-21-67226549-1051496405-660625408-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/27/2018 09:16:54 AM) (Source: DCOM) (EventID: 10016) (User: WALTER-SRV01)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "WALTER-SRV01\WALTERGMBH" (SID: S-1-5-21-67226549-1051496405-660625408-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (10/27/2018 08:56:12 AM) (Source: DCOM) (EventID: 10016) (User: WALTER-SRV01)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "WALTER-SRV01\WALTERGMBH" (SID: S-1-5-21-67226549-1051496405-660625408-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================

Date: 2018-10-25 13:57:26.299
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-11 06:11:26.824
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-10-11 06:09:12.728
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-09-28 06:24:36.634
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-09-13 18:10:05.016
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-09-13 18:09:37.127
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-09-13 11:37:18.517
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Common Files\G Data\AVKScanP\BD\bdcore.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-08-16 06:26:20.544
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-7100 CPU @ 3.90GHz
Prozentuale Nutzung des RAM: 86%
Installierter physikalischer RAM: 4006.84 MB
Verfügbarer physikalischer RAM: 528.77 MB
Summe virtueller Speicher: 9382.84 MB
Verfügbarer virtueller Speicher: 2420.62 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:236.78 GB) (Free:140.51 GB) NTFS

\\?\Volume{70fdde91-807f-42b0-a79c-17123471704d}\ () (Fixed) (Total:0.47 GB) (Free:0.07 GB) NTFS
\\?\Volume{5aa21b7b-18e4-46c9-8d5b-001dd1ff178f}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.58 GB) NTFS
\\?\Volume{a7963686-2a97-4e8c-b55b-df922b9785e3}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: F9A76091)

Partition: GPT.
         

Edited by Twinny2001 (30.10.2018 at 13:19)

30.10.2018, 14:43   #2
cosinus

Quote:
durchgeführt von WALTERGMBH (30-10-2018 13:08:44)
Company admins are responsible for commercially used systems, not Trojaner-Board.

30.10.2018, 14:56   #3
Twinny2001

Thanks for the info. Unfortunately I don't have an admin; in the office our company consists only of me, plus 3 people on the construction site. I'll have to see how I manage it on my own.
Regards, Heike

30.10.2018, 15:03   #4
cosinus

It would make sense to explain something like that right at the start. This here as well:

Quote:
Hello, my PC has caught a trojan.
cannot be verified. If you know for certain that there is a trojan, then you also need to post the logs from your virus scanner with the corresponding detections.
__________________
Please always post log files in CODE tags

30.10.2018, 15:09   #5
Twinny2001

Code:
Virenprüfung mit G DATA INTERNET SECURITY
Version 25.5.0.3 (13.09.2018)
Virensignaturen vom 30.10.2018
Startzeit: 30.10.2018 10:25:58
Engine(s): Engine A (AVA 25.19148), Engine B (GD 25.13560)
Heuristik: Ein
Archive: Ein
Systembereiche: Ein
RootKits prüfen: Ein

Prüfung der Systembereiche...
Prüfung aller im Speicher befindlichen Prozesse und Verweise im Autostart...
Prüfung auf RootKits...
Prüfung aller lokalen Festplatten...
Analyse vollständig durchgeführt: 30.10.2018 10:52:59
    307668 Dateien überprüft
    1 infizierte Dateien gefunden
    0 verdächtige Dateien gefunden


Archiv: OUTLOOK.PST
	Pfad: C:\Users\WALTERGMBH\Documents\Outlook-Dateien
	Status: Virus konnte nicht entfernt werden
	Virus: JS:Trojan.Emeka.249 (Engine A)
	----------------------------------------------------------------
	Objekt: [Time: 2016/03/30 10:44:38][Subject: recent bill][From: Hannah Leblanc]=>70F7D_kontakt_CAD067.zip=>54d73b.js=>(INFECTED_JS)
		In Archiv: C:\Users\WALTERGMBH\Documents\Outlook-Dateien\OUTLOOK.PST
		Status: Virus gefunden
		Virus: JS:Trojan.Emeka.249
	----------------------------------------------------------------

Der Zugriff auf die folgenden Dateien wurde verweigert:
	----------------------------------------------------------------
	C:\Program Files (x86)\Microsoft Office\root\client\AppvIsvStream32.dll
	C:\Program Files (x86)\Microsoft Office\root\client\AppvIsvStream64.dll
	C:\Program Files (x86)\Microsoft Office\root\Office16\AppvIsvStream32.dll
	C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\EQUATION\AppvIsvStream32.dll
	C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\AppvIsvStream32.dll
	C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\AppvIsvStream64.dll
	C:\WINDOWS\CSC\v2.0.6\pq
	C:\WINDOWS\CSC\v2.0.6\temp\ea-1da2ee3f-87bd-11e7-8251-1c1b0d5cb147
	C:\WINDOWS\Resources\Themes\aero\VSCache\Aero.msstyles_1031_96_01.mss
	C:\WINDOWS\Resources\Themes\aero\VSCache\Aero.msstyles_1031_144_05.mss
	C:\WINDOWS\System32\config\systemprofile\VeeamBackup.mdf
	C:\WINDOWS\System32\config\systemprofile\VeeamBackup_log.ldf
	C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTDefenderApiLogger.etl
	C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTDefenderAuditLogger.etl
	C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTDiagLog.etl
	C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTDiagtrack-Listener.etl
	C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-Application.etl
	C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventlog-Security.etl
	C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTEventLog-System.etl
	C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTUBPM.etl
	C:\WINDOWS\System32\LogFiles\WMI\RtBackup\EtwRTWFP-IPsec Diagnostics.etl
	C:\WINDOWS\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG1
	C:\WINDOWS\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG2
	C:\WINDOWS\System32\Microsoft\Protect\Recovery\Recovery.dat6438d515-a1ca-11e7-825b-1c1b0d5cb1db.TMContainer00000000000000000002.regtrans-ms
	C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1a7cdad98b2d1c64d9779dc294caca93_083e3af5-1b54-4c45-8fb6-c04943a0b466
	C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\29ff8ae1390b6058f66441af4437d9be_083e3af5-1b54-4c45-8fb6-c04943a0b466
	C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\3d75db2b782e2ad880e0c43edf93426e_083e3af5-1b54-4c45-8fb6-c04943a0b466
	C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\425418c7e4d98746042a80b7b362d4e3_083e3af5-1b54-4c45-8fb6-c04943a0b466
	C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\4973afbc3fe0c765c227cd02ccc29b0e_083e3af5-1b54-4c45-8fb6-c04943a0b466
	C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\60cfa1a6b610add6de044b68da4c95d4_083e3af5-1b54-4c45-8fb6-c04943a0b466
	C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\631440ce590e47fe817084b21c214b4f_083e3af5-1b54-4c45-8fb6-c04943a0b466
	C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\8c60713d7d3d4ec6b4f50ab8988defa9_083e3af5-1b54-4c45-8fb6-c04943a0b466
	C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\9c12bc8a56d127c0e110ed32164fa239_083e3af5-1b54-4c45-8fb6-c04943a0b466
	C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\acd7e255f845797bb06917a54ee50065_083e3af5-1b54-4c45-8fb6-c04943a0b466
	C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\afe7b19e694b3a43d31ac955eface57f_083e3af5-1b54-4c45-8fb6-c04943a0b466
	C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\f686aace6942fb7f7ceb231212eef4a4_083e3af5-1b54-4c45-8fb6-c04943a0b466
	C:\ProgramData\Microsoft\Diagnosis\EventStore.db-shm
	C:\ProgramData\Microsoft\Diagnosis\EventStore.db
	C:\ProgramData\Microsoft\Diagnosis\EventStore.db-wal
	C:\ProgramData\Microsoft\Diagnosis\Events_CostDeferred.rbs
	C:\ProgramData\Microsoft\Diagnosis\Events_Normal.rbs
	C:\ProgramData\Microsoft\Diagnosis\Events_NormalCritical.rbs
	C:\ProgramData\Microsoft\Diagnosis\Events_Realtime.rbs
	C:\ProgramData\Microsoft\Diagnosis\osver.txt
	C:\ProgramData\Microsoft\Diagnosis\parse.dat
	C:\ProgramData\Microsoft\Diagnosis\VortexSchemaRequests.dat
	C:\ProgramData\Microsoft\Diagnosis\DownloadedScenarios\WINDOWS.DIAGNOSTICS.xml
	C:\ProgramData\Microsoft\Diagnosis\DownloadedScenarios\WINDOWS.PERFTRACKESCALATIONS.xml
	C:\ProgramData\Microsoft\Diagnosis\DownloadedScenarios\WINDOWS.PERFTRACKPOINTDATA.xml
	C:\ProgramData\Microsoft\Diagnosis\DownloadedScenarios\WINDOWS.SIUF.xml
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.ASM-WindowsDefault.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.ASM-WindowsDefault.json.bk
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\TELEMETRY.ASM-WINDOWSSQ.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-194626ba46434f9ab441dd7ebda2aa64-5f64bebb-ac28-4cc7-bd52-570c8fe077c9-7717.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-3a5d8522875d4c0cab910ff387cdbfb5-2c8b80ff-6a32-439d-9197-1ecda9fe5d2c-7140.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-5476d0c4a7a347909c4b8a13078d4390-f8bdcecf-243f-40f8-b7c3-b9c44a57dead-7230.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-5c65bbc4edbf480d9637ace04d62bd98-12844893-8ab9-4dde-b850-5612cb12e0f2-7822.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-70ec13d4fa0b40e6a470b0d5aaf5a827-fcdb1fbe-527a-4cf5-b799-c18287fc6282-7371.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-728e5f24cecb4c6b996523fba41888e3-2f50983b-4d96-44f4-8ab2-bd7b608671ed-7872.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-9b9b073d5a43495fae37f003b99e8ce3-4845ea41-8177-4f0f-884e-de09a0b35bf3-6838.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-9fccaa595c22491b96c122336b6d67a9-71719c08-ddec-44ab-8d87-73aa53641fe3-6739.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-c274b3e05ac5448dae8fbb7466da6acb-fd6dc8de-18b7-409c-a696-4bd66f7a5322-7902.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-d5a8f02229be41efb047bd8f883ba799-59258264-451c-4459-8c09-75d7d721219a-7112.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-e6e58d16cfb94942b795b4918258153a-765be17b-66ea-435e-8b55-5a128f3decd3-6873.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\telemetry.P-ARIA-f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\utc.app.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\utc.cert.json
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\utc.app.json.bk
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\utc.cert.json.bk
	C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings\utc.privacy.json
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\28d383db-274f-4dd3-a486-3a6fd8dfbb7f_show.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\28d383db-274f-4dd3-a486-3a6fd8dfbb7f_withdraw.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\318acc0f-b35a-4b0e-8466-c44567ab5baa_show.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\318acc0f-b35a-4b0e-8466-c44567ab5baa_withdraw.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\3fb8acaa-57b9-4043-a91d-0a94159eb088_show.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\3fb8acaa-57b9-4043-a91d-0a94159eb088_withdraw.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\4d0a8659-6f6e-4c95-96d7-802364f89fbd_show.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\4d0a8659-6f6e-4c95-96d7-802364f89fbd_withdraw.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\4e39eb2e-0651-4108-94aa-74bac567e384_show.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\4e39eb2e-0651-4108-94aa-74bac567e384_withdraw.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\51c80bef-1108-4ba7-9465-fa0193979570_show.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\51c80bef-1108-4ba7-9465-fa0193979570_withdraw.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\636fe8da-ee57-4652-b60f-c8ce2e840de3_show.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\636fe8da-ee57-4652-b60f-c8ce2e840de3_withdraw.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\7141b10d-7f39-4470-8a97-26423f86c562_show.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\7141b10d-7f39-4470-8a97-26423f86c562_withdraw.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\bb8c09e0-fe5a-4d36-8e1d-26bf29084e84_show.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\bb8c09e0-fe5a-4d36-8e1d-26bf29084e84_withdraw.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\e9d21752-8fc9-4793-b42e-33105b078a51_show.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\e9d21752-8fc9-4793-b42e-33105b078a51_withdraw.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\f963861e-1ac1-49a6-9e4c-e17e97e38a32_show.xml
	C:\ProgramData\Microsoft\Diagnosis\SoftLanding\f963861e-1ac1-49a6-9e4c-e17e97e38a32_withdraw.xml
	C:\ProgramData\Microsoft\Diagnosis\TenantStorage\P-ARIA\EventStore.db
	C:\ProgramData\Microsoft\Diagnosis\TenantStorage\P-ARIA\EventStore.db-shm
	C:\ProgramData\Microsoft\Diagnosis\TenantStorage\P-ARIA\EventStore.db-wal
	C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-67226549-1051496405-660625408-1006\ReadOnly\LockScreen_O\LockScreen___1920_1080_notdimmed.jpg
	C:\ProgramData\Microsoft\Windows\SystemData\S-1-5-21-67226549-1051496405-660625408-1006\ReadOnly\LockScreen_W\LockScreen___1920_1080_notdimmed.jpg
	C:\ProgramData\Veeam\EndpointData\VeeamBackup.mdf
	C:\ProgramData\Veeam\EndpointData\VeeamBackup_log.ldf
	C:\System Volume Information\IndexerVolumeGuid
	C:\System Volume Information\MountPointManagerRemoteDatabase
	C:\System Volume Information\Wcifs.md
	C:\System Volume Information\3808876b-c176-4e48-b7ae-04046e6cc752
	C:\System Volume Information\4c4a8983-db85-11e8-8285-1c1b0d5cb1db3808876b-c176-4e48-b7ae-04046e6cc752
	C:\System Volume Information\4c4a8d37-db85-11e8-8285-1c1b0d5cb1db3808876b-c176-4e48-b7ae-04046e6cc752
	C:\System Volume Information\4c4a9a12-db85-11e8-8285-1c1b0d5cb1db3808876b-c176-4e48-b7ae-04046e6cc752
	C:\System Volume Information\b8141e98-d939-11e8-8285-1c1b0d5cb1db3808876b-c176-4e48-b7ae-04046e6cc752
	C:\System Volume Information\b814211a-d939-11e8-8285-1c1b0d5cb1db3808876b-c176-4e48-b7ae-04046e6cc752
	C:\System Volume Information\WindowsImageBackup\SPPMetadataCache\39a22b65-056a-400b-8ec1-340cff57e9bb
	C:\System Volume Information\WindowsImageBackup\SPPMetadataCache\57138bb0-309d-4584-84a9-90807c3d685e
	C:\System Volume Information\WindowsImageBackup\SPPMetadataCache\702662d1-27c5-46b1-9b0c-6818cbc38b53
	C:\System Volume Information\WindowsImageBackup\SPPMetadataCache\7a3dfb5c-c1aa-47de-8df7-490612610cfd
	C:\System Volume Information\WindowsImageBackup\SPPMetadataCache\8d66fecd-cc21-4c8e-aa54-9bfc1525dd0e
	C:\System Volume Information\WindowsImageBackup\SPPMetadataCache\9a3e3000-f46c-4610-9717-e66efbb34107
	C:\System Volume Information\WindowsImageBackup\SPPMetadataCache\b368ae19-e397-4dac-8a31-29a998514b43
	C:\System Volume Information\WindowsImageBackup\SPPMetadataCache\e82e4704-a0c8-4c77-b488-291c1692163e
	C:\System Volume Information\WindowsImageBackup\SPPMetadataCache\f1645201-a34f-4156-9ad0-73f60b30574a
	C:\Users\WALTERGMBH\AppData\Local\Microsoft\WindowsApps\MicrosoftEdge.exe
	C:\Users\WALTERGMBH\AppData\Local\Microsoft\WindowsApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
	----------------------------------------------------------------
         


30.10.2018, 15:13   #6
cosinus

But that is not an infection. Only an e-mail carrying malware was found. That is a long way from an infected system. Is that really the only detection?
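
A triage sketch for the point made in post #6, added here as an example and not code from the thread or from G DATA: it parses the `Objekt:` entry of the posted report and shows that the detection is an attachment of a stored message inside OUTLOOK.PST. The field labels come from the log in post #5; that other G DATA reports use the same layout, and the names `parse_report`, `Finding` and `MAIL_STORES`, are assumptions.

```python
import re
from dataclasses import dataclass
from datetime import datetime
from pathlib import PureWindowsPath
from typing import Optional

# Lines copied from the G DATA report in post #5 (indentation normalised).
REPORT = r"""
Startzeit: 30.10.2018 10:25:58
Archiv: OUTLOOK.PST
    Pfad: C:\Users\WALTERGMBH\Documents\Outlook-Dateien
    Status: Virus konnte nicht entfernt werden
    Virus: JS:Trojan.Emeka.249 (Engine A)
    ----------------------------------------------------------------
    Objekt: [Time: 2016/03/30 10:44:38][Subject: recent bill][From: Hannah Leblanc]=>70F7D_kontakt_CAD067.zip=>54d73b.js=>(INFECTED_JS)
        In Archiv: C:\Users\WALTERGMBH\Documents\Outlook-Dateien\OUTLOOK.PST
        Status: Virus gefunden
        Virus: JS:Trojan.Emeka.249
    ----------------------------------------------------------------
"""

MAIL_STORES = {".pst", ".ost"}                 # assumption: Outlook data files only
META = re.compile(r"\[(\w+): ([^\]]*)\]")      # one [Key: value] pair
META_PREFIX = re.compile(r"(?:\[\w+: [^\]]*\])*")


@dataclass
class Finding:
    mail: dict                      # Time / Subject / From of the carrying message
    chain: list                     # nested members, outermost first
    marker: str = ""                # trailing tag such as "(INFECTED_JS)"
    container: str = ""             # file on disk named by "In Archiv:"
    signature: str = ""             # detection name from "Virus:"
    age_days: Optional[int] = None  # scan date minus message date

    @property
    def in_mail_store(self) -> bool:
        return PureWindowsPath(self.container).suffix.lower() in MAIL_STORES

    @property
    def verdict(self) -> str:
        # A hit inside a mailbox file with message metadata is a stored
        # attachment; by itself it does not show that anything was executed.
        if self.in_mail_store and self.mail:
            return "attachment stored in mailbox"
        return "needs further triage"


def parse_report(report: str) -> list:
    """Return one Finding per 'Objekt:' entry in a G DATA scan report."""
    scan_start, findings, cur = None, [], None
    for raw in report.splitlines():
        key, _, value = raw.strip().partition(":")
        value = value.strip()
        if key == "Startzeit":
            scan_start = datetime.strptime(value, "%d.%m.%Y %H:%M:%S")
        elif key == "Objekt":
            # Message metadata comes first, then the "=>"-separated members.
            prefix = META_PREFIX.match(value).group(0)
            mail = dict(META.findall(prefix))
            members = [m for m in value[len(prefix):].split("=>") if m]
            marker = ""
            if members and members[-1].startswith("("):
                marker = members.pop()
            cur = Finding(mail=mail, chain=members, marker=marker)
            if scan_start and "Time" in mail:
                seen = datetime.strptime(mail["Time"], "%Y/%m/%d %H:%M:%S")
                cur.age_days = (scan_start.date() - seen.date()).days
            findings.append(cur)
        elif cur is not None and key == "In Archiv":
            cur.container = value
        elif cur is not None and key == "Virus":
            cur.signature = value
    return findings


if __name__ == "__main__":
    for f in parse_report(REPORT):
        print(f.signature, "->", f.verdict)
        print("  container:", f.container)
        print("  message:  ", f.mail.get("Subject"), "from", f.mail.get("From"))
        print("  members:  ", " => ".join(f.chain), f.marker)
        print("  age:      ", f.age_days, "days before the scan")
```

A subject line that itself contains `]` would cut the metadata prefix short, so treat the parsed fields as a triage hint and confirm against the message in the mail client.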

30.10.2018, 15:14   #7
Twinny2001

Yes, it is. So that means my e-mail was hacked some other way?

30.10.2018, 15:19   #8
cosinus

Quite possible, but not necessarily. Virus scanners are not perfect.

Scanning for malware with Kaspersky TDSS-Killer

Please download TDSSKiller (TDSSKiller.exe) and save the file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller instructions.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.



Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post them directly, spread across several posts if necessary.
To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

30.10.2018, 15:28   #9
Twinny2001
 
It found nothing
Code:
15:21:00.0534 0x2c04  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
15:21:00.0534 0x2c04  UEFI system
15:21:17.0141 0x2c04  ============================================================
15:21:17.0141 0x2c04  Current date / time: 2018/10/30 15:21:17.0141
15:21:17.0142 0x2c04  SystemInfo:
15:21:17.0142 0x2c04  
15:21:17.0142 0x2c04  OS Version: 10.0.17134 ServicePack: 0.0
15:21:17.0142 0x2c04  Product type: Workstation
15:21:17.0142 0x2c04  ComputerName: WALTER-SRV01
15:21:17.0142 0x2c04  UserName: WALTERGMBH
15:21:17.0142 0x2c04  Windows directory: C:\WINDOWS
15:21:17.0142 0x2c04  System windows directory: C:\WINDOWS
15:21:17.0142 0x2c04  Running under WOW64
15:21:17.0142 0x2c04  Processor architecture: Intel x64
15:21:17.0142 0x2c04  Number of processors: 4
15:21:17.0142 0x2c04  Page size: 0x1000
15:21:17.0142 0x2c04  Boot type: Normal boot
15:21:17.0142 0x2c04  CodeIntegrityOptions = 0x0000C001
15:21:17.0142 0x2c04  ============================================================
15:21:17.0182 0x2c04  KLMD registered as C:\WINDOWS\system32\drivers\13090757.sys
15:21:17.0182 0x2c04  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19
15:21:17.0722 0x2c04  System UUID: {C018CEA5-A26F-7537-04DE-9C7024AC5AD5}
15:21:18.0009 0x2c04  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:21:18.0013 0x2c04  ============================================================
15:21:18.0013 0x2c04  \Device\Harddisk0\DR0:
15:21:18.0013 0x2c04  GPT partitions:
15:21:18.0013 0x2c04  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A7963686-2A97-4E8C-B55B-DF922B9785E3}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
15:21:18.0013 0x2c04  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F4F5DFA7-3BB4-451E-9AA4-04D131195BBC}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
15:21:18.0013 0x2c04  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9186710E-8E48-417D-B1BD-AD2C9D1F3CCA}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x1D98D764
15:21:18.0014 0x2c04  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {70FDDE91-807F-42B0-A79C-17123471704D}, Name: , StartLBA 0x1DA00000, BlocksNum 0xF2800
15:21:18.0014 0x2c04  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5AA21B7B-18E4-46C9-8D5B-001DD1FF178F}, Name: Basic data partition, StartLBA 0x1DAF3000, BlocksNum 0x200000
15:21:18.0014 0x2c04  MBR partitions:
15:21:18.0014 0x2c04  ============================================================
15:21:18.0014 0x2c04  C: <-> \Device\Harddisk0\DR0\Partition3
15:21:18.0014 0x2c04  ============================================================
15:21:18.0014 0x2c04  Initialize success
15:21:18.0014 0x2c04  ============================================================
15:21:23.0647 0x289c  ============================================================
15:21:23.0647 0x289c  Scan started
15:21:23.0647 0x289c  Mode: Manual; 
15:21:23.0647 0x289c  ============================================================
15:21:23.0647 0x289c  KSN ping started
15:21:24.0781 0x289c  KSN ping finished: true
15:21:25.0407 0x289c  ================ Scan system memory ========================
15:21:25.0407 0x289c  System memory - ok
15:21:25.0407 0x289c  ================ Scan services =============================
15:21:28.0507 0x289c  flpydisk - ok
15:21:28.0516 0x289c  [ C5374BA2CAE89DE7269EC61A969EF5D5, 520D7A4C50A9FFF308599C6EADDCADD3D9E398718786D82F02F7EE5C30E7D6A2 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
15:21:28.0526 0x289c  FltMgr - ok
15:21:28.0559 0x289c  [ 8F528FD267C55ABE2A156C5F6EA6B867, 540A852F250783553E042FC31D3F2D695DADA4777FF31F1BA8B60E3407333277 ] FontCache       C:\WINDOWS\system32\FntCache.dll
15:21:28.0592 0x289c  FontCache - ok
15:21:28.0604 0x289c  [ CE9456F925ADA70ED5A4158F103F9A26, 89753CCCB2E8B1553F077B8F13C63FBEC2EABE7093A6B847477542483347C827 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:21:28.0607 0x289c  FontCache3.0.0.0 - ok
15:21:28.0626 0x289c  [ B6BC6E6731FB1E02F0B3C73A87E1C35E, D9CA56006C1D995568A557E53DCCD7802D152CADE535BDB5DBBFC66F3F2EE236 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
15:21:28.0644 0x289c  FrameServer - ok
15:21:28.0653 0x289c  [ 835F9C7193B6F9A796DE76897DC56968, 62D6CF40CD6B798E79FF3274DB156DAB17724EDEEC85F6602F3C0EDCDD2DBA11 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
15:21:28.0657 0x289c  FsDepends - ok
15:21:28.0662 0x289c  [ A01BA0506E07F316483E99D7AD9B6E75, B2CFB3AAE0E49C539C743A7F416CFC0DE2E0CFC2D5AE685F8B1BECBDB95C4308 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:21:28.0667 0x289c  Fs_Rec - ok
15:21:28.0687 0x289c  [ DC47EDC682C099EF47776313287F1801, 19DB3BB15230870A55E8A9496C950B0384081FBD6B2D17DCF8A1084A1590E23F ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
15:21:28.0705 0x289c  fvevol - ok
15:21:28.0787 0x289c  [ D344F6389E8E2B439E1BA5A8E679F971, 438EC2FDFA4C859C86D2B67E6CD6E5166A310FA3638D79B79D886577FC65A4D9 ] GDBackupSvc     C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe
15:21:28.0848 0x289c  GDBackupSvc - ok
15:21:28.0858 0x289c  [ D8884ACB2F2B41202F70315BFC053345, A6BBC6A29E408E2BADC2B54E40672A1FAA5FF39ECDC1FB9E7D7CB67DDF734C54 ] GDElam          C:\WINDOWS\system32\DRIVERS\GDElam.sys
15:21:28.0863 0x289c  GDElam - ok
15:21:28.0920 0x289c  [ F90246BF0D35D77A296A677C8DEA5C03, 0393B2B609B59D7F4802BF7AC939D501F3737E6A03B00C41FBDC79FC0E781F6E ] GDFwSvc         C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
15:21:28.0973 0x289c  GDFwSvc - ok
15:21:28.0982 0x289c  [ D48DAF24329226E8797CE4AF53D90FBC, 5F0B25F55CA27647FA24558B55DCD267889DCA29DC6F8857C820F45913F28D06 ] GDKBB           C:\windows\system32\drivers\GDKBB64.sys
15:21:28.0985 0x289c  GDKBB - ok
15:21:28.0989 0x289c  [ FC20CC3F6B87E9C26B01D8A6DDE6D847, C62B802E217160996073CDEBE7010C1C89FE26B89A09FF9F236642CDEDF2D19B ] GDKBFlt         C:\windows\system32\drivers\GDKBFlt64.sys
15:21:28.0991 0x289c  GDKBFlt - ok
15:21:29.0001 0x289c  [ 83ECA67C84BEF67C3C3FEDD1487DE4B0, 9D37C35129348B05076798F1D653ABC504BCB465C3E34D2027C8FFE92CD607C9 ] GDMnIcpt        C:\windows\system32\drivers\MiniIcpt.sys
15:21:29.0008 0x289c  GDMnIcpt - ok
15:21:29.0014 0x289c  [ 4FFBAEDFCBD0EF1363BF6521F2727FF3, 6544B8CDC3081083E7C0E03D9D37EA4F2312A42E588409A0A7AC59F33106B951 ] GDPkIcpt        C:\windows\system32\drivers\PktIcpt.sys
15:21:29.0018 0x289c  GDPkIcpt - ok
15:21:29.0022 0x289c  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\windows\gdrv.sys
15:21:29.0027 0x289c  gdrv - ok
15:21:29.0050 0x289c  [ 3372264D6C0F86406378133465C84850, A4FBCD33037CD7BCEC3DF32698ED4B23835F8D753FB504B4165D50B230F03D15 ] GDScan          C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
15:21:29.0070 0x289c  GDScan - ok
15:21:29.0076 0x289c  [ 7D9BBF500FE0C59434C73588A592BFA7, B9B7EB8B7BCB06188A7671574611247286E0EFBD620245EAD17D41DEA0CBC2DF ] gdwfpcd         C:\WINDOWS\system32\drivers\gdwfpcd64.sys
15:21:29.0079 0x289c  gdwfpcd - ok
15:21:29.0084 0x289c  [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
15:21:29.0088 0x289c  gencounter - ok
15:21:29.0093 0x289c  [ EA5EE5EF9765A9157B346DF671952F18, FD0A8DBA6EA3E47D454B877CEC74B7B6BEC8B7A98BE37E9E1110D867009D9EA1 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
15:21:29.0096 0x289c  genericusbfn - ok
15:21:29.0106 0x289c  [ 6BE6550F1A32796A11EBC58BBC72C44D, 99DC4058EC1B3BF316F1470BF1208F0A2FC72A508BCC9E7548D91BB0FF04376A ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
15:21:29.0111 0x289c  GPIOClx0101 - ok
15:21:29.0140 0x289c  [ 3FC2377994D9D63FC128B6C48B22B68F, B47D6BE6FF596A23BBDB7261B1CA9CA67CD138CBF89AEA7A68882E62C0087561 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
15:21:29.0160 0x289c  gpsvc - ok
15:21:29.0171 0x289c  [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
15:21:29.0173 0x289c  GpuEnergyDrv - ok
15:21:29.0180 0x289c  [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
15:21:29.0185 0x289c  GraphicsPerfSvc - ok
15:21:29.0192 0x289c  [ 7F2DEAC8C1F91EA86FD0E50A340C3348, 5FB43B9AEC482AF95E71E11E9A96E65BDE9D1A25F9B42EE7051866D2A3EF0098 ] GRD             C:\windows\system32\drivers\GRD.sys
15:21:29.0196 0x289c  GRD - ok
15:21:29.0204 0x289c  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:21:29.0208 0x289c  gupdate - ok
15:21:29.0214 0x289c  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:21:29.0217 0x289c  gupdatem - ok
         

30.10.2018, 15:37   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Please read the instructions properly!
TDSSKiller was configured incorrectly, and on top of that the log is incomplete!
__________________
Please always post log files in CODE tags

30.10.2018, 15:56   #11
Twinny2001



I hope it is correct now.
Code:
ATTFilter
15:44:04.0252 0x3e0c  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
15:44:04.0252 0x3e0c  UEFI system
15:44:17.0841 0x3e0c  ============================================================
15:44:17.0841 0x3e0c  Current date / time: 2018/10/30 15:44:17.0841
15:44:17.0841 0x3e0c  SystemInfo:
15:44:17.0841 0x3e0c  
15:44:17.0841 0x3e0c  OS Version: 10.0.17134 ServicePack: 0.0
15:44:17.0841 0x3e0c  Product type: Workstation
15:44:17.0841 0x3e0c  ComputerName: WALTER-SRV01
15:44:17.0841 0x3e0c  UserName: WALTERGMBH
15:44:17.0841 0x3e0c  Windows directory: C:\WINDOWS
15:44:17.0841 0x3e0c  System windows directory: C:\WINDOWS
15:44:17.0841 0x3e0c  Running under WOW64
15:44:17.0841 0x3e0c  Processor architecture: Intel x64
15:44:17.0841 0x3e0c  Number of processors: 4
15:44:17.0841 0x3e0c  Page size: 0x1000
15:44:17.0841 0x3e0c  Boot type: Normal boot
15:44:17.0841 0x3e0c  CodeIntegrityOptions = 0x0000C001
15:44:17.0841 0x3e0c  ============================================================
15:44:17.0896 0x3e0c  KLMD registered as C:\WINDOWS\system32\drivers\14951199.sys
15:44:17.0896 0x3e0c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 17134.1, osProperties = 0x19
15:44:17.0914 0x3e0c  System UUID: {C018CEA5-A26F-7537-04DE-9C7024AC5AD5}
15:44:17.0983 0x3e0c  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:44:17.0985 0x3e0c  ============================================================
15:44:17.0985 0x3e0c  \Device\Harddisk0\DR0:
15:44:17.0985 0x3e0c  GPT partitions:
15:44:17.0986 0x3e0c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A7963686-2A97-4E8C-B55B-DF922B9785E3}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
15:44:17.0986 0x3e0c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {F4F5DFA7-3BB4-451E-9AA4-04D131195BBC}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
15:44:17.0986 0x3e0c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9186710E-8E48-417D-B1BD-AD2C9D1F3CCA}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x1D98D764
15:44:17.0986 0x3e0c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {70FDDE91-807F-42B0-A79C-17123471704D}, Name: , StartLBA 0x1DA00000, BlocksNum 0xF2800
15:44:17.0986 0x3e0c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5AA21B7B-18E4-46C9-8D5B-001DD1FF178F}, Name: Basic data partition, StartLBA 0x1DAF3000, BlocksNum 0x200000
15:44:17.0986 0x3e0c  MBR partitions:
15:44:17.0986 0x3e0c  ============================================================
15:44:17.0986 0x3e0c  C: <-> \Device\Harddisk0\DR0\Partition3
15:44:17.0986 0x3e0c  ============================================================
15:44:17.0986 0x3e0c  Initialize success
15:44:17.0986 0x3e0c  ============================================================
15:44:30.0045 0x1ec4  ============================================================
15:44:30.0046 0x1ec4  Scan started
15:44:30.0046 0x1ec4  Mode: Manual; SigCheck; TDLFS; 
15:44:30.0046 0x1ec4  ============================================================
15:44:30.0046 0x1ec4  KSN ping started
15:44:30.0869 0x1ec4  KSN ping finished: true
15:44:31.0027 0x1ec4  ================ Scan system memory ========================
15:44:31.0027 0x1ec4  System memory - ok
15:44:31.0027 0x1ec4  ================ Scan services =============================
15:44:31.0055 0x1ec4  [ 4B45A2D37CCE3CC0F161B7C7286081A6, DF4EBAA12E083AE45411AABD3EDE916E2CC6963FBA664861AC9B2351B5E042DC ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
15:44:31.0087 0x1ec4  1394ohci - ok
15:44:31.0095 0x1ec4  [ F5E5BA493B7C497F1F769942E2EA4CE2, 4AD54DA24142BCE49FB64CFF2CB28764FAA93827E7DB02925090B68F8C73B1FB ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
15:44:31.0104 0x1ec4  3ware - ok
15:44:31.0118 0x1ec4  [ CA51BB1B81F97E896E116C839B92D9D8, 09F73D8FB93EA524D3C9A9C264F62340560DC7042589597A318626A0A198F91F ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
15:44:31.0137 0x1ec4  ACPI - ok
15:44:31.0141 0x1ec4  [ 75795E4B19BB3ED8D3C25A17CD15DC30, 22A13064E0B472A0A2258D61A889B73EE3F537DA7796CCE39DF973AFA8FA1567 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
15:44:31.0153 0x1ec4  AcpiDev - ok
15:44:31.0160 0x1ec4  [ DDA0FC1400A24988A7D3E746AEDF2C0F, 3A703A204FDE46C67017C274CA1F50F591D909EE182A82697E89442D4A5569CE ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
15:44:31.0173 0x1ec4  acpiex - ok
15:44:31.0179 0x1ec4  [ 1F2EC25DA23D1DF3ADA12FE5A26D321C, B165D72949E43F04312C95BF0FF5C25CFE5CA0CDF43415E01AB2B1550D06C737 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
15:44:31.0194 0x1ec4  acpipagr - ok
15:44:31.0200 0x1ec4  [ 6AFFD57803BBB6FBCB483F983900A5C4, A3A87984E70C8B47F919D2633E6378F3AACCBF3E74DB3B35BB2E15D036DB36E2 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
15:44:31.0214 0x1ec4  AcpiPmi - ok
15:44:31.0220 0x1ec4  [ 0FC8673FAFC7D78C1CDC000F892CAC64, 33FB109ABD18FBF4DA5047BAA9FAF63E88D5BA1826442DB02F9130DAD11D15F2 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
15:44:31.0234 0x1ec4  acpitime - ok
15:44:31.0241 0x1ec4  [ 696A8431DD22EDE385D7AB84E0EAF4C9, E5892B346904C7A392A0B1C8F4C9066BC535A2C70307123C8E1F2157353333F0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:44:31.0252 0x1ec4  AdobeARMservice - ok
15:44:31.0280 0x1ec4  [ A3D4CF2F3A433BE18CD4AD3E6665DC63, 9D62A7E2DDA15B2E75490CCB9C8E10A41030F496A93631EDED5F1003DF368290 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
15:44:31.0318 0x1ec4  ADP80XX - ok
15:44:31.0337 0x1ec4  [ 4DCCC3E02A22ED4A4ADB11386F226071, 40BB183049DE3ADCC7A5B1B269620C8534291BB7A956157434C857DE249559EE ] AFD             C:\WINDOWS\system32\drivers\afd.sys
15:44:31.0356 0x1ec4  AFD - ok
15:44:31.0361 0x1ec4  [ F267095A11A461BEF39FB180750BE801, CF90798C46892FF5225155D2C7BCC469A4A631E22919CBEDA2F4FEEF4F05E301 ] afunix          C:\WINDOWS\system32\drivers\afunix.sys
15:44:31.0374 0x1ec4  afunix - ok
15:44:31.0382 0x1ec4  [ 0CD0F0C62414217DE9EA7EC8D425277E, FD211157B85B841D0C94B36776572FADC7425F1B0B49EACC910D3E175208A7EC ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
15:44:31.0398 0x1ec4  ahcache - ok
15:44:31.0403 0x1ec4  [ 2BF4DA8EC5F1A0D88D2DDE1E6821076B, B9F4D499DB4CB91576ACE4847B96F2FC770B9BCC223B5E2261B2DEC22D7651E7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
15:44:31.0414 0x1ec4  AJRouter - ok
15:44:31.0418 0x1ec4  [ 9E9D78D1C179EB2E3E2282A1DC409D93, EA7486B4425A87FDDD60542AAF0812A8DB868F569886B894883702B362A05D2C ] ALG             C:\WINDOWS\System32\alg.exe
15:44:31.0433 0x1ec4  ALG - ok
15:44:31.0439 0x1ec4  [ 6DF48AD26E6285FB137F11328B64A376, 76FF9A753C262065E819E862E7950127472C5E6AB7E97B57977C6DCE6180760A ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
15:44:31.0451 0x1ec4  AmdK8 - ok
15:44:31.0457 0x1ec4  [ D8804032BCDE4077A6D8D431D12AC6CC, F017A3FEAB2919A9662A9BFEF31AE7B7EC19F1136C9D0DC6C48A415B540A8062 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
15:44:31.0469 0x1ec4  AmdPPM - ok
15:44:31.0473 0x1ec4  [ A88F5E24B65228FB25F2051B3408A0E4, C124B486839EA15D6806EB51E91EBF99401CD7D226541320A7A4934A8477DCEF ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
15:44:31.0483 0x1ec4  amdsata - ok
15:44:31.0491 0x1ec4  [ AECD39E51DABC2BF045B2857F02FA2BD, 83E2AC3200B6EA1586E4E0204D81CEAF303D7C9EBE7E5D1273A41A4EC1390E56 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
15:44:31.0503 0x1ec4  amdsbs - ok
15:44:31.0508 0x1ec4  [ B4CC9943230CAEB05B46CC30C220E141, 013716E6911136EB0916A1D592198DD7953800549DA0C885093D2BA3CC9BA2A7 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
15:44:31.0515 0x1ec4  amdxata - ok
15:44:31.0523 0x1ec4  [ C3ECF8840E4EAF09A4F2AE0174D6F36A, F810A2158FAA4C6B086259125691E163696C67698BD447FE403E740131815F0B ] AppID           C:\WINDOWS\system32\drivers\appid.sys
15:44:31.0533 0x1ec4  AppID - ok
15:44:31.0538 0x1ec4  [ F1A04835C7FA75C8215961C1095D5EBF, 45D153404E601C0CE247058B78F328DD9F7F4F6A9480132F7CE6D9A7092F63CF ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
15:44:31.0551 0x1ec4  AppIDSvc - ok
15:44:31.0556 0x1ec4  [ 48EA4B4CCC920D130529A1EF85388B6A, 31F69543682E70DF0A6B2A70FC7553ECEE643C554E7F8FF18A2DD09359360F8E ] Appinfo         C:\WINDOWS\System32\appinfo.dll
15:44:31.0574 0x1ec4  Appinfo - ok
15:44:31.0577 0x1ec4  [ 769316CA5884FBBD02D45C28FE105922, 117168BFB2D8DBF1258EBA53DCE09E74000B35B7B7460251B4C46BDB9CEA709A ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
15:44:31.0587 0x1ec4  applockerfltr - ok
15:44:31.0593 0x1ec4  [ 78548DB096DA7BA26BAA318FE9B0CEC1, 7B8D29C457B8677E3D4FAF0C070C373CD937E852BE28C1A8313E3E9448621E8D ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
15:44:31.0606 0x1ec4  AppMgmt - ok
15:44:31.0619 0x1ec4  [ 636575088044E7271088BB8CFA382B45, DCD2CAD626E66AF98D31B9339A4A92FD94E99F335B48649529AC327B7AF52B9A ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
15:44:31.0646 0x1ec4  AppReadiness - ok
15:44:31.0663 0x1ec4  [ 39C180F07B002F3EE652E259F16547B4, 00A013D75BEFF21E85EFF53E026E68D562501C91ED117D8404D0AE14F6F962CA ] AppVClient      C:\WINDOWS\system32\AppVClient.exe
15:44:31.0686 0x1ec4  AppVClient - ok
15:44:31.0692 0x1ec4  [ 5CD58F779237F533D5F30C294DA04C0E, 3CFEF499310AC6444369A06E604B6335D3329E1AB6E4EFBCD09BB7CA8440BB3E ] AppvStrm        C:\WINDOWS\system32\drivers\AppvStrm.sys
15:44:31.0701 0x1ec4  AppvStrm - ok
15:44:31.0708 0x1ec4  [ A4354E3EF779E4CDC6C9D705FFBD3652, BBF11800EE6014E77C1BAA8FBFE8F551338420384E72C69579A0E8690B585D46 ] AppvVemgr       C:\WINDOWS\system32\drivers\AppvVemgr.sys
15:44:31.0718 0x1ec4  AppvVemgr - ok
15:44:31.0724 0x1ec4  [ 467021D15ED33D9B8CD313C7631A89B6, 18703DBB3EF3192EDFEC4A64B2BA49CBD7197B1B181C991397A2626171E22331 ] AppvVfs         C:\WINDOWS\system32\drivers\AppvVfs.sys
15:44:31.0732 0x1ec4  AppvVfs - ok
15:44:31.0787 0x1ec4  [ 873261172B22A0EDBC06C0EAD742DCE6, ECF55B884D2F8FE87BC67E19044D30A5C9B79D01E353B44F586BC96A77B501CD ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
15:44:31.0884 0x1ec4  AppXSvc - ok
15:44:31.0892 0x1ec4  [ 013E057DF3D13A4462AD912D7732E7E0, 7C89AD5799091D17EAED682058559DBAE882D0E18C347B5AECE7BCCFD0E2D21C ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
15:44:31.0902 0x1ec4  arcsas - ok
15:44:31.0914 0x1ec4  [ 44EDBC9E6F5823D2F529113C26368A9E, DD8739523C24078B90E9B00C994C1A7793539E4C945A1F728828F48ACE608005 ] AssignedAccessManagerSvc C:\WINDOWS\System32\assignedaccessmanagersvc.dll
15:44:31.0946 0x1ec4  AssignedAccessManagerSvc - ok
15:44:31.0951 0x1ec4  [ B25ACCD9BE5F5798E9DD8FFB04D7BE4C, 87577AD2E4A47518B8101C67F1025CB3CD2ABBA678774A5926192FCD56EF1350 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
15:44:31.0965 0x1ec4  AsyncMac - ok
15:44:31.0970 0x1ec4  [ 90AB4ED8EBD72A1C096A40CC35404B91, C343466D439552D154BBD1A5F9D391CDD3FA298A712594EA27C3049E3516D1AF ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
15:44:31.0977 0x1ec4  atapi - ok
15:44:31.0991 0x1ec4  [ 49C40F52EB06F9E9C8A14436F97AAEB8, F98E04CD9674C99BA1D1C63177AA81C628D505AED1DE4110500FC33A5C494864 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
15:44:32.0017 0x1ec4  AudioEndpointBuilder - ok
15:44:32.0047 0x1ec4  [ 50DE2E82D65B6006360660D085E80B8B, C279E90A975D71E193048BA324C99685CFF977A0D3B171B6BDFBDEF7FF7A084B ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
15:44:32.0102 0x1ec4  Audiosrv - ok
15:44:32.0191 0x1ec4  [ D52FBC5E0C8CE39C8F9664F6A4566DA1, 9A2CD08F1EA238770B8954348E3BEE6475B7C1B1190216519560A9E5849B14C3 ] AVKProxy        C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
15:44:32.0295 0x1ec4  AVKProxy - ok
15:44:32.0367 0x1ec4  [ 7411A8205EC2D07478EB61B5D5099FF4, 34E05BFDD0CA08860DB19111CA8562B9893C34738FC10D1387D7527DEF56FA73 ] AVKWCtl         C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe
15:44:32.0441 0x1ec4  AVKWCtl - ok
15:44:32.0451 0x1ec4  [ CE7793573FA4E70033D907DD919FF648, 3785CB15F95DAEA28ADE80A911C58D092499A116761AF9C8356ED0F2D19130E8 ] avmident        C:\Program Files (x86)\FRITZ!Box-Kindersicherung\avmident.exe
15:44:32.0457 0x1ec4  avmident - detected UnsignedFile.Multi.Generic ( 1 )
15:44:32.0888 0x1ec4  Detect skipped due to KSN trusted
15:44:32.0888 0x1ec4  avmident - ok
15:44:32.0893 0x1ec4  [ D7BFD86F7A9ABE39351199869D093110, 90BB2C0A8185D3982FEFAC7C1E18783AF949EBECA3B9E44DCF89E2FD5FD6AA0C ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
15:44:32.0906 0x1ec4  AxInstSV - ok
15:44:32.0918 0x1ec4  [ F10E4C9444A9FC6DCBAB2C42F6999FA1, 4238B6DD49CBADFE2C737AC1B211AE045F458DDF1693EE54608455C1ECE1BCCA ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
15:44:32.0937 0x1ec4  b06bdrv - ok
15:44:32.0941 0x1ec4  [ 982FAA5686F67BFEF3E6094705C2621F, 02456312B0FD0ABE7B7EEC0FB385268AF34DDB5F13AF934F96FCA7C32EA51447 ] bam             C:\WINDOWS\system32\drivers\bam.sys
15:44:32.0948 0x1ec4  bam - ok
15:44:32.0953 0x1ec4  [ FA4973E379E872C61D0CF4E39F807833, 3320FAB0CF16BB1ABBBA222CC31D20B5AC7A4259DE4323B109A8F2FECC28C8A4 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
15:44:32.0963 0x1ec4  BasicDisplay - ok
15:44:32.0968 0x1ec4  [ F024B80EA0076A318598DAB795F9C3D0, 6225A5FCD2B750A0E4FFFCCB1CDF49BAA7809A4B4AD7AB625A585CF4971CDE25 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
15:44:32.0977 0x1ec4  BasicRender - ok
15:44:33.0003 0x1ec4  [ 72DBB66464FCF20AA33C1CF2768C39A5, C1A8A76EC96E0A5EA05A6A759CE3420B332A60356B8C03C2E79BF99AC56601F1 ] BcastDVRUserService C:\WINDOWS\System32\BcastDVRUserService.dll
15:44:33.0046 0x1ec4  BcastDVRUserService - ok
15:44:33.0054 0x1ec4  [ 739D089777D2B66DBE7201E5EA4BA2D7, 9AD12E18A042C5B8EFB19297BC2E7BD1FEF75A138FEFB64C6BF0261FD3E53AB1 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
15:44:33.0062 0x1ec4  bcmfn2 - ok
15:44:33.0072 0x1ec4  [ E3C52508E764B710C6EC9C7E06E5966A, 1D8DDE92918C17C405C462A19456DFA1BD62EE9DF45E182921E22A1031C89734 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
15:44:33.0090 0x1ec4  BDESVC - ok
15:44:33.0094 0x1ec4  [ 9B068DF7B7B3DDF768D06DFD69B49FD0, DC2CD3A70506AEB1BCEB207A9B06657806E72C5432FA605FF9C6F11516F38132 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
15:44:33.0108 0x1ec4  Beep - ok
15:44:33.0123 0x1ec4  [ 0B9B6D7A2F31FBD63301D19B1B08238E, 7EF63C87FB2B9E0971B633BC86F99B12F8BBE188D53E0B105E44766A0657A67E ] BFE             C:\WINDOWS\System32\bfe.dll
15:44:33.0150 0x1ec4  BFE - ok
15:44:33.0156 0x1ec4  [ BC1E5F20251E0AFDB955E7D91093B619, 5642E6B6CA6DBC8585834790A70CFF54252A631A9EA06D28F28EF7430FA42BE5 ] bindflt         C:\WINDOWS\system32\drivers\bindflt.sys
15:44:33.0164 0x1ec4  bindflt - ok
15:44:33.0190 0x1ec4  [ 97F4C0B9741E06BAC6AD2D93ABCEAED8, 25FD58F4BA2F8EC99241A580352D1EC49924829C61D89353B30CCEEE2CEBADE7 ] BITS            C:\WINDOWS\System32\qmgr.dll
15:44:33.0233 0x1ec4  BITS - ok
15:44:33.0244 0x1ec4  [ 30D75769E23CCFBE13DB41FC54243BB1, 4ED018F1DB103D3F354D8EF7DFE797028DBDF22294D355F6D38DF9C6AF61B69E ] BluetoothUserService C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll
15:44:33.0269 0x1ec4  BluetoothUserService - ok
15:44:33.0276 0x1ec4  [ 85B874696CC64AFE22DEAD2B87498621, 7832A2CB92BB743C4EA855A2BC1AB2E129FFA723D71E98C2A81E7A4267F25A99 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
15:44:33.0287 0x1ec4  bowser - ok
15:44:33.0303 0x1ec4  [ 0E1A0E81EF4B33FFDE8EDA46EE38F0D4, F92E7FC14264F58EF79A10025D8375B7455A339B556AEE72A32FFE29278FAF23 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
15:44:33.0332 0x1ec4  BrokerInfrastructure - ok
15:44:33.0339 0x1ec4  [ 3E4BF0145201239E0BBD0A937431C14C, 1DDC27C89B16ADD9346EB30AA9E17330FE0181BE96DC6F06C455493FBDCB1113 ] Browser         C:\WINDOWS\System32\browser.dll
15:44:33.0350 0x1ec4  Browser - ok
15:44:33.0357 0x1ec4  [ 0471D5669F18C50E552B2BC0CB15E7B3, 472F471FF9E5A1FDD5610BAC2F5E727AB284B7B5A71C4E515D549667F0B5EB86 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
15:44:33.0368 0x1ec4  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
15:44:33.0723 0x1ec4  Detect skipped due to KSN trusted
15:44:33.0723 0x1ec4  BrYNSvc - ok
15:44:33.0736 0x1ec4  [ 85F5808D19879E1803E46405090F29C8, E22E73BCE3B76BFBAC712DF1E5D7D38E189B80D1CE6E9A9AB3C94733CF18F04B ] BTAGService     C:\WINDOWS\System32\BTAGService.dll
15:44:33.0757 0x1ec4  BTAGService - ok
15:44:33.0768 0x1ec4  [ 063E91CD2CB1C372459FD6FBC02509E7, 29319290F73D8D87323584D938FBC86400AB37455E7E058A543A77F9BBF4579D ] BthAvctpSvc     C:\WINDOWS\System32\BthAvctpSvc.dll
15:44:33.0787 0x1ec4  BthAvctpSvc - ok
15:44:33.0793 0x1ec4  [ 02FEC31842DD153D966AC227B6DDF8BB, 90EEEA049212E5FE8EFA2ACED45DFB6ABAFEA6D40FB4E1E2681F65A417237163 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
15:44:33.0805 0x1ec4  BthHFEnum - ok
15:44:33.0809 0x1ec4  [ A0EC1D5C937995A2C5F1179538A8A6B4, CBFBDF2D8305BD72FFF64AAAB31EB5D5B8ADE537C35AC63DC3F6ADCBF96B3659 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
15:44:33.0820 0x1ec4  BTHMODEM - ok
15:44:33.0828 0x1ec4  [ ABE4A379B5AC9DCFC005F64AE2ACB57D, B6F9AF6AE23614326D2FA7017536D1C008ABF411D527DE4076A2C9907E15D9F2 ] bthserv         C:\WINDOWS\system32\bthserv.dll
15:44:33.0842 0x1ec4  bthserv - ok
15:44:33.0846 0x1ec4  [ E3786BEBB7E4003DE324A18069DDA081, 4DDA70CCB011D74811BA51686E6ED9A404EBE549AE6B3CE0DDBCB83D09E8AABA ] bttflt          C:\WINDOWS\system32\drivers\bttflt.sys
15:44:33.0854 0x1ec4  bttflt - ok
15:44:33.0858 0x1ec4  [ 5A458422B4312BAEEFA3E64D321596E6, 1213D86B9B6FBB1414D1D3E5F4B0ED0C68D05EB98C902395AB0F0FC3D8A29AD5 ] busenum         C:\WINDOWS\System32\drivers\busenum.sys
15:44:33.0864 0x1ec4  busenum - ok
15:44:33.0869 0x1ec4  [ 03C13BB635635B9152DBF49AA07B728C, F6141576EB54EFE5E329762EC548C7D256EFB57C42A46BB3426B779413F0C975 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
15:44:33.0880 0x1ec4  buttonconverter - ok
15:44:33.0885 0x1ec4  [ 9983FF8D9834F2E67787F4BDC42A8E36, 85260F4A657D657ACD394339DFDDE814AD6BCA65712EAD943833BE7AB0937C8D ] CAD             C:\WINDOWS\System32\drivers\CAD.sys
15:44:33.0893 0x1ec4  CAD - ok
15:44:33.0901 0x1ec4  [ B405F59CF690653105600F85C9B576B9, BEB313DF7D343B2A421EF76E908FCDB64C62AB2ABB7A3188F48A6CACA9644D97 ] camsvc          C:\WINDOWS\system32\CapabilityAccessManager.dll
15:44:33.0918 0x1ec4  camsvc - ok
15:44:33.0924 0x1ec4  [ 407B33DE151A3DFCF564AC4270E44B1D, 8B1419FEDDCEF9F9F239B4C1A629F4F2748FC09CF3E38CA01D8D6D1D32252346 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
15:44:33.0936 0x1ec4  CapImg - ok
15:44:33.0941 0x1ec4  [ 1200CA82E0D59510F69B6839540A76AA, A24E0098D279B04734558032A95EEBED0F20422AF8C62783E46FDEE0DA39F94E ] CaptureService  C:\WINDOWS\System32\CaptureService.dll
15:44:33.0956 0x1ec4  CaptureService - ok
15:44:33.0961 0x1ec4  [ D3CBC6DE5955D014407C7BD1FFE80F00, 9D185AED383FCBF16EE63192452DE888D8485D7BD9C0257BF92A68C42120A1B8 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
15:44:33.0981 0x1ec4  cdfs - ok
15:44:33.0995 0x1ec4  [ 0942C87ED45B1E227032AD154105F79B, A0A40589B9C399061C1C46247609CA514DCD21DDF1E7FCEE19F0CE75D0FC7996 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
15:44:34.0021 0x1ec4  CDPSvc - ok
15:44:34.0032 0x1ec4  [ 9FBF5849A6F51E3B3F8AF2A4171648DA, 7422BC5C87075F5008E6364C8AFAA794AB17CA2DC238DC00F377B942B6FCDC11 ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
15:44:34.0053 0x1ec4  CDPUserSvc - ok
15:44:34.0061 0x1ec4  [ 6834DBBA2A1DBA5B9B6360D0B9A3CBB5, 637331058347D94FBDEE0D47E56723C98BDBBE8E044A225CCE7B3592AA562021 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
15:44:34.0074 0x1ec4  cdrom - ok
15:44:34.0080 0x1ec4  [ 6C6FAAB1BC8D63BF8CB6B5EFCEF4E351, D2AF0A5B3C4BBC4FD19D96D111FB1A694483E91B926C9BC093C114B94BE42CBC ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
15:44:34.0093 0x1ec4  CertPropSvc - ok
15:44:34.0101 0x1ec4  [ 4A08B239F92B319AD31E3916D27AD4B9, 948772689F14090E9E096CF7423CE5D994E3F9964775AD5B2F78C37A987EE980 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
15:44:34.0113 0x1ec4  cht4iscsi - ok
15:44:34.0143 0x1ec4  [ C8EA9376E4D284F9DF24B27AC6E3AB85, DAD3B00A37797E7C80E0C359BA735B65BBBE5DC25480910737D86D2711A6FF8C ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
15:44:34.0187 0x1ec4  cht4vbd - ok
15:44:34.0193 0x1ec4  [ 3AA86DA04A561E8162C2DBBF92D12074, 9CB67299BEC25F2B357DDAA5A36B3464193B8BDAB4DCFAE0CD4315911027E409 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
15:44:34.0203 0x1ec4  circlass - ok
15:44:34.0213 0x1ec4  [ 4C9CDDE070A9A005CC11CF17483720A4, F2F95125A52B13F34A9DC5473CEF777D6D85C4D810FA0102553EBF72560F6CAA ] CldFlt          C:\WINDOWS\system32\drivers\cldflt.sys
15:44:34.0232 0x1ec4  CldFlt - ok
15:44:34.0242 0x1ec4  [ DB26170CF6555B9AFF76CFA067ABCF90, A066E89267783A5E54A36D1CF193916218BE2E1D177F0ACA82E2B86211629806 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
15:44:34.0256 0x1ec4  CLFS - ok
15:44:34.0398 0x1ec4  [ 13DED573464BA7F43FE640479B309E09, 28A81821A0078F04FE5C22510750C5C7B55CEF9FA0223C2AEEF4F41385A98CD3 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
15:44:34.0558 0x1ec4  ClickToRunSvc - ok
15:44:34.0587 0x1ec4  [ 5BD85187D6A6A37D2A4563F33D7A76E4, 6FF434BE93259229E0EA64EC1B6E09B1B814C2A467FC2859B94C79549E2F114C ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
15:44:34.0613 0x1ec4  ClipSVC - ok
15:44:34.0624 0x1ec4  [ 66CBF6F8FE6F436B315D7FEAF5D2BB40, 0F6AE6412EF73C74EF0EB1866E8CD85AACE4373D5C24F3D0121F5A7420E5A03B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
15:44:34.0632 0x1ec4  CmBatt - ok
15:44:34.0646 0x1ec4  [ 0311316193488348F2AEBDBBE73E4865, F7411BF8B0DEB8A1E25FD78A6198B18876A8DCF9D5FBF056C9962D1355A8A750 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
15:44:34.0671 0x1ec4  CNG - ok
15:44:34.0676 0x1ec4  [ 037DCC7A71938729CB12E8174E03031C, 1BA2F74F639BF8D5BB38AA658A6D847BAE8D85CF72C4AD5F13BBA1D53145789F ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
15:44:34.0683 0x1ec4  cnghwassist - ok
15:44:34.0692 0x1ec4  [ E40C99A3E0FFF49687F2187BF3E3050D, 30723EC5767C3F6FAA3CF299440B71B5973F890FB54B9737B96FA0359E7D90FA ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_bcb89b3386563bd7\CompositeBus.sys
15:44:34.0706 0x1ec4  CompositeBus - ok
15:44:34.0709 0x1ec4  COMSysApp - ok
15:44:34.0713 0x1ec4  [ 3799A9DFB162D9AAD6AC12CB8185FD19, 942F2777049166EC43F93177F0084EA08B06CE9107AF55337124FE25CCB158C4 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
15:44:34.0720 0x1ec4  condrv - ok
15:44:34.0738 0x1ec4  [ E472712D39E2F3093688C59689C1DF3B, B41DD321315ACA1EADA7F3DC34B389438BE500D1FA3CB3E684F6ED2650D02F83 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
15:44:34.0761 0x1ec4  CoreMessagingRegistrar - ok
15:44:34.0777 0x1ec4  [ 8A900579C0327CE5F041479DB9575D06, 6814077085568669460B5DCCF1E640F299D07E1574360FEF26260FAF7CBEE213 ] cphs            C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\IntelCpHeciSvc.exe
15:44:34.0792 0x1ec4  cphs - ok
15:44:34.0808 0x1ec4  [ BDB81264E6231D146E5AA8AD7EE3CE19, 9A60CF0FF23C2A93D742EE49D423E74DF25D2F2F20E4B99DD7A7CC65A5295BCA ] cplspcon        C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\IntelCpHDCPSvc.exe
15:44:34.0822 0x1ec4  cplspcon - ok
15:44:34.0829 0x1ec4  [ 6C6073B45D65887A6035F1A8D073274A, F002B25E05D0894CD12BA3D046E11D4AD6F0BCE8796618B0EE54851223A65C15 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
15:44:34.0846 0x1ec4  CryptSvc - ok
15:44:34.0858 0x1ec4  [ 3D4C5DCB65E56C3F961E1773A5728825, A9AB783E1ACBD75A0DAC11B382AA1EAB19A9F2599968F4FCDA3A21B03A515451 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
15:44:34.0881 0x1ec4  CSC - ok
15:44:34.0896 0x1ec4  [ E20EC7EA6EEF16B5780B459FBA86C521, 52CAAB13F1B1E99097E4996432943260417F519E6F4D232A0CFE0259C8BCAECF ] CscService      C:\WINDOWS\System32\cscsvc.dll
15:44:34.0922 0x1ec4  CscService - ok
15:44:34.0928 0x1ec4  [ 8711386E9B04357F8F58166760759F3A, 8912CFD220645002C9D3F9E49717D8B0B98704380B45F53D45D5674537B496FF ] dam             C:\WINDOWS\system32\drivers\dam.sys
15:44:34.0936 0x1ec4  dam - ok
15:44:34.0958 0x1ec4  [ CABE63E881D5A9719EBB5B3CFD754F0C, 3CF6B088BA8A6E055E79A38C15FD61B45105F9024519282D5FC027C4849B3A99 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
15:44:34.0997 0x1ec4  DcomLaunch - ok
15:44:35.0008 0x1ec4  [ 94FC38FADA032862E579044C123C0D58, C4A7DF6EE20BE3F2784FE66AF37AC01D0DBBD8A6C15BF03A6AC78CA9D2403F3D ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
15:44:35.0028 0x1ec4  defragsvc - ok
15:44:35.0039 0x1ec4  [ BF443F7BE4BBA1A2F345474D74953A42, 5FA1312B01C055573A0FEE65E56AD22B452EE69D2F7CC0CFFF8CE0F09406CA19 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
15:44:35.0058 0x1ec4  DeviceAssociationService - ok
15:44:35.0063 0x1ec4  [ DBD6E8A5C358AAA3B4900EFD5CF94CC8, C8261CBE358562B3F31ADA0567723E0118A8687DFC8939FABC65E61C38BFE20B ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
15:44:35.0077 0x1ec4  DeviceInstall - ok
15:44:35.0087 0x1ec4  [ 38D6ED38A46F815C24C5656E8A5AB083, 730DD6D85771A60E5C089BF5D810E3AEA335BF7DD14FD72924A1A4FCF021A59D ] DevicePickerUserSvc C:\WINDOWS\System32\Windows.Devices.Picker.dll
15:44:35.0110 0x1ec4  DevicePickerUserSvc - ok
15:44:35.0126 0x1ec4  [ 372BD821867225F32DE87A6B3FEC8A2E, 20389A1861B5A451EE3383F68FC59B3C9A75D3123B2DF1669CBB5CC37A0128B0 ] DevicesFlowUserSvc C:\WINDOWS\System32\DevicesFlowBroker.dll
15:44:35.0154 0x1ec4  DevicesFlowUserSvc - ok
15:44:35.0160 0x1ec4  [ C48C4D6B8D9C53F0399DEDA402A6FAE5, 25FBE2A51DCF7DB95AD2707502F8A9661B94FC61DFC405DA5BF23BED1BA123D2 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
15:44:35.0176 0x1ec4  DevQueryBroker - ok
15:44:35.0181 0x1ec4  [ 8A1C10410FDA4287A76EC5A64371E221, 66CE271DDAD9CD82D2DF220247D91CCB906FA4B5508ABE0DC4A56D1C0C008BCA ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
15:44:35.0193 0x1ec4  Dfsc - ok
15:44:35.0199 0x1ec4  [ 5F78930AAB3900102EA8ACDD38F97324, 49CAE29CC7B1B846BDE603B1A411833162ACC1A9D1608BFDF67C2EA3A0EE0F85 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
15:44:35.0207 0x1ec4  dg_ssudbus - ok
15:44:35.0215 0x1ec4  [ A25AA328816454FA5CCD054343CADAFC, BA2524E443213DF65DF923C58D5C6A99681F102917C1AFD94B31196F4838DB8A ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
15:44:35.0235 0x1ec4  Dhcp - ok
15:44:35.0240 0x1ec4  [ 1A468A999C05ACA23C8F5A52C996AEDA, 84A4FF952516CB2F3A40378D530710E00AF9161A736A8F3877E2F66BDDE32BEE ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
15:44:35.0251 0x1ec4  diagnosticshub.standardcollector.service - ok
15:44:35.0257 0x1ec4  [ 6EC6BB6EF31C85FD72D14BE4A1BD1B03, E027124AD492ED22F0D604030CB0E2C3778331879FC73A614644FA8C8606ADD3 ] diagsvc         C:\WINDOWS\system32\DiagSvc.dll
15:44:35.0274 0x1ec4  diagsvc - ok
15:44:35.0320 0x1ec4  [ 0C09D403928525E5BDE06602A49D9545, BA932370F5376CCE69872FC0D6CC5BCB0DB947781A9E0A5E833DC92B1CCC1085 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
15:44:35.0402 0x1ec4  DiagTrack - ok
15:44:35.0410 0x1ec4  [ A79FCB89805FA9EA9F48B671A4591D4E, 13CA8B9CB35DF9F8EFFF8E6ECC0F65E4F179FA9BEF4B68F3382CA4A6BF14FA54 ] Disk            C:\WINDOWS\system32\drivers\disk.sys
15:44:35.0417 0x1ec4  Disk - ok
15:44:35.0433 0x1ec4  [ EAA267FAABDBE6194985DC6A0AC96664, 604908384B503AD7E14F15776C1B3DC58A278149145C2811B5B5300EA597A50C ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
15:44:35.0462 0x1ec4  DmEnrollmentSvc - ok
15:44:35.0498 0x1ec4  [ F69D7A5D7EDEE16B85F08040836FB09C, 944730FA6CA6ED0ECA85848A2F00EE1E647F7DD4CC37E557A812ECE8A92B3999 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
15:44:35.0507 0x1ec4  dmvsc - ok
15:44:35.0511 0x1ec4  [ 8B3601E34BD1D693598F968D70361C37, 897C5AEB5ED6AC9DAB2E8E638A42FF588AF3A94EE4C731E97DFAB89BD3B658BC ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
15:44:35.0522 0x1ec4  dmwappushservice - ok
15:44:35.0529 0x1ec4  [ E65844BC31FE3687A745C2E48C845CBC, 826845A9FC00E4D68CDE5FA5C293DF6D41DB0E8D15B43647A1335F0A79AFD4D6 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
15:44:35.0545 0x1ec4  Dnscache - ok
15:44:35.0554 0x1ec4  [ C79E79CD4DE45EC0EC0ECB5C76D6CB11, C1AFCA79A104EDF5C59C3E6A113467C7F73E84AACEDE97A22BCBA5B25563E163 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
15:44:35.0572 0x1ec4  dot3svc - ok
15:44:35.0577 0x1ec4  [ 5B1EF28DE7302A6BD5DF8459E2C598EF, F2292B8ED8FBFFA681942D5566BF1932D1E9B4F44C2D13329B60E5A8B9386CC9 ] DPS             C:\WINDOWS\system32\dps.dll
15:44:35.0589 0x1ec4  DPS - ok
15:44:35.0593 0x1ec4  [ AD1BEFBF96C0273925EDC9282557D984, E23B1B043E9EE25054DCEFB10C1C69009DCB1E12675DAE60B00A646735B03D99 ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
15:44:35.0600 0x1ec4  drmkaud - ok
15:44:35.0607 0x1ec4  [ E7D1636EEA6F9A941573CA426F214054, 7730C82E808C80BAFB59A6AD140B11C2269A62F2396783CB063E58D8EA624BDD ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
15:44:35.0622 0x1ec4  DsmSvc - ok
15:44:35.0628 0x1ec4  [ 4323DDFF8CB51FD74B241810CFA6CDBB, D9CDE22055C6D139DC3E21C3D92112704426D60F5EF83E3E338B68D885BD3D30 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
15:44:35.0640 0x1ec4  DsSvc - ok
15:44:35.0649 0x1ec4  [ 974BC06C0EC847EA4DC8D9002D394FEB, 4952FEADD7A3EF541FD537EBBCD56ED573D712755798C42428E78267E50BAB34 ] DusmSvc         C:\WINDOWS\System32\dusmsvc.dll
15:44:35.0670 0x1ec4  DusmSvc - ok
15:44:35.0713 0x1ec4  [ 5D14FF5C1FD8925D4F9AB1C7CA1D8827, 5116ADF2DE72A259D869389AA013361ACD8D8939C760F0835A58E447FD537A27 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
15:44:35.0773 0x1ec4  DXGKrnl - ok
15:44:35.0780 0x1ec4  [ 7E9A1608894297B133AF5EE18E404208, 9E2E4B4F6133375DB8E490337594BEFB86BA964223FB272A23ADD02FA8065253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
15:44:35.0793 0x1ec4  Eaphost - ok
15:44:35.0843 0x1ec4  [ 75CA88887850A74DDAAAF92500B6D9B9, 1C413719D0E659E20C66B0762B2FC708E55536961A1D9F21906ADBE9CF431489 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
15:44:35.0914 0x1ec4  ebdrv - ok
15:44:35.0923 0x1ec4  [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] EFS             C:\WINDOWS\System32\lsass.exe
15:44:35.0931 0x1ec4  EFS - ok
15:44:35.0936 0x1ec4  [ 7E838D857FC55535710C316441459C38, C4673014D3ED3E68E02DB5BE6DB53E45B1E4A3CE2B04B15BFD507AF703A60134 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
15:44:35.0944 0x1ec4  EhStorClass - ok
15:44:35.0949 0x1ec4  [ 49023DD6F646B8C70AE1C105415F3E2B, 16EC2920A2CB71C17BFA7A0E22EDAE1C0E7004C986BEBCA9435F6FDB5D8E64CF ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
15:44:35.0959 0x1ec4  EhStorTcgDrv - ok
15:44:35.0964 0x1ec4  [ 80D5BD4804C587B21A121566549A63FB, 9BDC1DEB8805E06851F2E2A8B8762265FDC6B12B873D391BFCB8300BDF425B36 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
15:44:35.0978 0x1ec4  embeddedmode - ok
15:44:35.0987 0x1ec4  [ 8BDB4EB138A93B9C4242D5ADC068899A, 528C0D16CE5D9A69EA75C43DC53D14F7BD2D8BB0B0B0F32BB1F36AC6659C6A27 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
15:44:36.0004 0x1ec4  EntAppSvc - ok
15:44:36.0007 0x1ec4  [ 1DF19D7A941CB06F8EADF89FA0BF59AD, 0A8891AD73AF277B764FA5CF163E6BC29DFFA0E35388A941AE27E001289C0A4A ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
15:44:36.0015 0x1ec4  ErrDev - ok
15:44:36.0028 0x1ec4  [ 9B538A1E44E1D61FA80E80EA75A085FA, 6431BBC533895BD466879C407B9BE7EB50345D666FEE69CAB0813283F07DBE82 ] EventSystem     C:\WINDOWS\system32\es.dll
15:44:36.0046 0x1ec4  EventSystem - ok
15:44:36.0055 0x1ec4  [ F03D76FD609F3490AD8661F175024CED, 127DC686FDAFFCF2404DDB8A55B9B82979D87E862539F34B7AB4AB6D3A707C14 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
15:44:36.0073 0x1ec4  exfat - ok
15:44:36.0081 0x1ec4  [ 7EB91BCA4FAC626098300885E6914BE4, F0954D9F632A87CFB5569FD07C728169D275D37F38B561B2ADF2EA03DA864DD1 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
15:44:36.0094 0x1ec4  fastfat - ok
15:44:36.0107 0x1ec4  [ BBD6407DA3DA4FC718710587E253C7BF, 8C9995A86EF9FC1FB47ADA1367A67A9829E0E3CE191D11E0AFB0F85E325D48DC ] Fax             C:\WINDOWS\system32\fxssvc.exe
15:44:36.0131 0x1ec4  Fax - ok
         
15:44:36.0135 0x1ec4  [ 6701B9973DE98578A491721B4BDE0926, 48D07092E6B44CAA529559DF620BDAA4DFCC16430DBA8178B461E556AC526DE1 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
15:44:36.0144 0x1ec4  fdc - ok
15:44:36.0148 0x1ec4  [ A2037943CCC079307A383C5543607CEF, 2FAC5F76526A8E4D7D7FAE80F9A0AF31D37DD12FF597769C87912B973C339BF4 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
15:44:36.0161 0x1ec4  fdPHost - ok
15:44:36.0167 0x1ec4  [ C11A1A9CF331B7AA2F04974EE262EC07, AA1C79FCCDEC3C7236B7BE73E6888D7DD5642EB16E13B4633C98EE34CB72A644 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
15:44:36.0179 0x1ec4  FDResPub - ok
15:44:36.0185 0x1ec4  [ 71CECDA2DCF81E0AD8C30440C77966E2, E26313CD895579A9F3380A648E6FC271EFED0E82C0FCFB287049C5C2D0CC35A9 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
15:44:36.0197 0x1ec4  fhsvc - ok
15:44:36.0202 0x1ec4  [ 9BC7FE262AF52B341048234809AA7D91, DF95BBEB59821357C69797AC659380C9F27C11B8A60A599C9A2C5623B7CBB6DB ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
15:44:36.0211 0x1ec4  FileCrypt - ok
15:44:36.0215 0x1ec4  [ A0AF205465482EE0FC6261782629566B, E0C0E9EB327F4DEEDF3E32EB5573A74436829078331A8EA1B795438892EE81B8 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
15:44:36.0224 0x1ec4  FileInfo - ok
15:44:36.0228 0x1ec4  [ 01D83D284E6B37902DB3C4D4DB0649E0, 4376F872575013DE87CA8173FABAD367FFF907086864C106A4C82933EF9DA308 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
15:44:36.0238 0x1ec4  Filetrace - ok
15:44:36.0241 0x1ec4  [ CE9CB1DB00B5007ABFFF0717E748E919, 314E1FA6B0CD9416894EED93ADF3DCB273FF37F6E56EF64C9E7B55E174EB3226 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
15:44:36.0250 0x1ec4  flpydisk - ok
15:44:36.0259 0x1ec4  [ C5374BA2CAE89DE7269EC61A969EF5D5, 520D7A4C50A9FFF308599C6EADDCADD3D9E398718786D82F02F7EE5C30E7D6A2 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
15:44:36.0273 0x1ec4  FltMgr - ok
15:44:36.0303 0x1ec4  [ 8F528FD267C55ABE2A156C5F6EA6B867, 540A852F250783553E042FC31D3F2D695DADA4777FF31F1BA8B60E3407333277 ] FontCache       C:\WINDOWS\system32\FntCache.dll
15:44:36.0359 0x1ec4  FontCache - ok
15:44:36.0365 0x1ec4  [ CE9456F925ADA70ED5A4158F103F9A26, 89753CCCB2E8B1553F077B8F13C63FBEC2EABE7093A6B847477542483347C827 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:44:36.0372 0x1ec4  FontCache3.0.0.0 - ok
15:44:36.0398 0x1ec4  [ B6BC6E6731FB1E02F0B3C73A87E1C35E, D9CA56006C1D995568A557E53DCCD7802D152CADE535BDB5DBBFC66F3F2EE236 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
15:44:36.0424 0x1ec4  FrameServer - ok
15:44:36.0429 0x1ec4  [ 835F9C7193B6F9A796DE76897DC56968, 62D6CF40CD6B798E79FF3274DB156DAB17724EDEEC85F6602F3C0EDCDD2DBA11 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
15:44:36.0438 0x1ec4  FsDepends - ok
15:44:36.0441 0x1ec4  [ A01BA0506E07F316483E99D7AD9B6E75, B2CFB3AAE0E49C539C743A7F416CFC0DE2E0CFC2D5AE685F8B1BECBDB95C4308 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:44:36.0448 0x1ec4  Fs_Rec - ok
15:44:36.0464 0x1ec4  [ DC47EDC682C099EF47776313287F1801, 19DB3BB15230870A55E8A9496C950B0384081FBD6B2D17DCF8A1084A1590E23F ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
15:44:36.0489 0x1ec4  fvevol - ok
15:44:36.0561 0x1ec4  [ D344F6389E8E2B439E1BA5A8E679F971, 438EC2FDFA4C859C86D2B67E6CD6E5166A310FA3638D79B79D886577FC65A4D9 ] GDBackupSvc     C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe
15:44:36.0647 0x1ec4  GDBackupSvc - ok
15:44:36.0657 0x1ec4  [ D8884ACB2F2B41202F70315BFC053345, A6BBC6A29E408E2BADC2B54E40672A1FAA5FF39ECDC1FB9E7D7CB67DDF734C54 ] GDElam          C:\WINDOWS\system32\DRIVERS\GDElam.sys
15:44:36.0666 0x1ec4  GDElam - ok
15:44:36.0718 0x1ec4  [ F90246BF0D35D77A296A677C8DEA5C03, 0393B2B609B59D7F4802BF7AC939D501F3737E6A03B00C41FBDC79FC0E781F6E ] GDFwSvc         C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe
15:44:36.0782 0x1ec4  GDFwSvc - ok
15:44:36.0789 0x1ec4  [ D48DAF24329226E8797CE4AF53D90FBC, 5F0B25F55CA27647FA24558B55DCD267889DCA29DC6F8857C820F45913F28D06 ] GDKBB           C:\windows\system32\drivers\GDKBB64.sys
15:44:36.0794 0x1ec4  GDKBB - ok
15:44:36.0798 0x1ec4  [ FC20CC3F6B87E9C26B01D8A6DDE6D847, C62B802E217160996073CDEBE7010C1C89FE26B89A09FF9F236642CDEDF2D19B ] GDKBFlt         C:\windows\system32\drivers\GDKBFlt64.sys
15:44:36.0804 0x1ec4  GDKBFlt - ok
15:44:36.0813 0x1ec4  [ 83ECA67C84BEF67C3C3FEDD1487DE4B0, 9D37C35129348B05076798F1D653ABC504BCB465C3E34D2027C8FFE92CD607C9 ] GDMnIcpt        C:\windows\system32\drivers\MiniIcpt.sys
15:44:36.0825 0x1ec4  GDMnIcpt - ok
15:44:36.0831 0x1ec4  [ 4FFBAEDFCBD0EF1363BF6521F2727FF3, 6544B8CDC3081083E7C0E03D9D37EA4F2312A42E588409A0A7AC59F33106B951 ] GDPkIcpt        C:\windows\system32\drivers\PktIcpt.sys
15:44:36.0839 0x1ec4  GDPkIcpt - ok
15:44:36.0842 0x1ec4  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\windows\gdrv.sys
15:44:36.0847 0x1ec4  gdrv - ok
15:44:36.0868 0x1ec4  [ 3372264D6C0F86406378133465C84850, A4FBCD33037CD7BCEC3DF32698ED4B23835F8D753FB504B4165D50B230F03D15 ] GDScan          C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
15:44:36.0892 0x1ec4  GDScan - ok
15:44:36.0898 0x1ec4  [ 7D9BBF500FE0C59434C73588A592BFA7, B9B7EB8B7BCB06188A7671574611247286E0EFBD620245EAD17D41DEA0CBC2DF ] gdwfpcd         C:\WINDOWS\system32\drivers\gdwfpcd64.sys
15:44:36.0904 0x1ec4  gdwfpcd - ok
15:44:36.0909 0x1ec4  [ 71DBED7FB264DB60341BC796EC2E8135, DBD29794A45AEFB16A5765D03962B311CB061D1EB8A281C5F34DABF39C66A3B2 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
15:44:36.0920 0x1ec4  gencounter - ok
15:44:36.0923 0x1ec4  [ EA5EE5EF9765A9157B346DF671952F18, FD0A8DBA6EA3E47D454B877CEC74B7B6BEC8B7A98BE37E9E1110D867009D9EA1 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
15:44:36.0935 0x1ec4  genericusbfn - ok
15:44:36.0941 0x1ec4  [ 6BE6550F1A32796A11EBC58BBC72C44D, 99DC4058EC1B3BF316F1470BF1208F0A2FC72A508BCC9E7548D91BB0FF04376A ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
15:44:36.0954 0x1ec4  GPIOClx0101 - ok
15:44:36.0978 0x1ec4  [ 3FC2377994D9D63FC128B6C48B22B68F, B47D6BE6FF596A23BBDB7261B1CA9CA67CD138CBF89AEA7A68882E62C0087561 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
15:44:37.0023 0x1ec4  gpsvc - ok
15:44:37.0028 0x1ec4  [ 508614CAC7BF8AEE4FB9002A413919B1, F60DE0236B0453FC99473A09A7FAC1140831E581C08F3F5C440F5EFCD30943AB ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
15:44:37.0038 0x1ec4  GpuEnergyDrv - ok
15:44:37.0042 0x1ec4  [ 248739BB0F3A1156A2C0AF51F39A9EA2, A94C43658BCCC88C2D229F40F5C03CA5839A2EAFD57CA088E3E85EB9264CCA3E ] GraphicsPerfSvc C:\WINDOWS\System32\GraphicsPerfSvc.dll
15:44:37.0057 0x1ec4  GraphicsPerfSvc - ok
15:44:37.0062 0x1ec4  [ 7F2DEAC8C1F91EA86FD0E50A340C3348, 5FB43B9AEC482AF95E71E11E9A96E65BDE9D1A25F9B42EE7051866D2A3EF0098 ] GRD             C:\windows\system32\drivers\GRD.sys
15:44:37.0071 0x1ec4  GRD - ok
15:44:37.0076 0x1ec4  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:44:37.0085 0x1ec4  gupdate - ok
15:44:37.0091 0x1ec4  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:44:37.0098 0x1ec4  gupdatem - ok
15:44:37.0104 0x1ec4  [ DED74127C7A2266715C0B8EA2EE75214, 999507BECB4BAAC61317D98311962D446844CAC6271BFFE181F6CD6DFE221465 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
15:44:37.0115 0x1ec4  HDAudBus - ok
15:44:37.0120 0x1ec4  [ 95888B85956AF97320D1F5C354632957, C0218271A17897D4682192AB431658523EC87CB13551B2BDA40576BF766BB26C ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
15:44:37.0126 0x1ec4  HidBatt - ok
15:44:37.0131 0x1ec4  [ 104124D3EB9D10608F80D621FA1B4525, 293B2F2D2326E4B03591267BC9CC763D57719EF08392337E80B42C31A1F28FA0 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
15:44:37.0142 0x1ec4  HidBth - ok
15:44:37.0146 0x1ec4  [ 6D767FEB02DF712F783BEEFF09E06431, AB64C61E5729FB27BF9564CA8308D895CFFB992CE8606FDC31EFF01BB1FF8FFE ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
15:44:37.0157 0x1ec4  hidi2c - ok
15:44:37.0160 0x1ec4  [ 542AB7A14235C5227A9307ACF1636F0B, E54C4C4511727F4E70CB1C9259C56D4AC62E70BAB2F42E9AB402C1DF4AF3FA25 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
15:44:37.0170 0x1ec4  hidinterrupt - ok
15:44:37.0174 0x1ec4  [ 1553DF41F4EE4F60B4BEEEC62264BE71, 46AE8357E8038D35ADB82A51ED421293D7AB18C926C713F19149B97400D4C65E ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
15:44:37.0183 0x1ec4  HidIr - ok
15:44:37.0187 0x1ec4  [ 3030F19C6A73367D6D5EEDD157F5D01A, B1F13C2AE334C8CDF15BD96B70E92A81487308D841196A29AE3D1164CDAF9AA2 ] hidserv         C:\WINDOWS\system32\hidserv.dll
15:44:37.0201 0x1ec4  hidserv - ok
15:44:37.0206 0x1ec4  [ 6E3FB2047B8AE72E1B5F1C00A5F3E475, A5F791BECA43925D410751C114BCF2FC4A46D7A44BE80B02CD3259C6E271FF31 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
15:44:37.0216 0x1ec4  HidUsb - ok
15:44:37.0229 0x1ec4  [ F9B084CD85EE41FD7C9F1335AAF38B81, 985199A99191641D65B8089F6F417E3929677FC52C036631A69E5409A8F59EA0 ] HookCentre      C:\windows\system32\drivers\HookCentre.sys
15:44:37.0239 0x1ec4  HookCentre - ok
15:44:37.0243 0x1ec4  [ 621B1FFB2E4E4745484EA01B013BF1D2, 6F6761922EF931DB95D6597A5884DEB3CC127FB9D763A5A27369F7881DE64B8D ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
15:44:37.0251 0x1ec4  HpSAMD - ok
15:44:37.0267 0x1ec4  [ 87B74C28D0A841D920B05184554C41BB, 5E51CCBFD5E7F00E9DB9A1322B99C50C0AC62150ED1E3FBBD6CCACB5494C5778 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
15:44:37.0292 0x1ec4  HTTP - ok
15:44:37.0297 0x1ec4  [ 9E1F3BA540DB9F4942A3F50A92E5754F, 3FF53B60DC52886D6F2EC7F9D8C12009A4BECE5A046D827BC8C941E7401ED000 ] hvcrash         C:\WINDOWS\System32\drivers\hvcrash.sys
15:44:37.0304 0x1ec4  hvcrash - ok
15:44:37.0308 0x1ec4  [ EBFCD9B6431859F529CE9BB66E723D37, 2D693E8B44D0A9564CF515A00F6079F4D06B2E2E3C297A048E40B20CFCC0F7B1 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
15:44:37.0317 0x1ec4  HvHost - ok
15:44:37.0321 0x1ec4  [ C43E389B4052D8C428B3F61231F8EF72, 23721D91D9165C29C613DAC66012BB3068EFFF5EBCB40C1ED6FF31C31149F996 ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
15:44:37.0329 0x1ec4  hvservice - ok
15:44:37.0335 0x1ec4  [ B149905CD7451160B6BFA2191A3F6182, A706E4F12963A20F9767D8730973282B5830D97A087ADA8CA9B7D219513C127F ] HwNClx0101      C:\WINDOWS\system32\Drivers\mshwnclx.sys
15:44:37.0345 0x1ec4  HwNClx0101 - ok
15:44:37.0348 0x1ec4  [ FE36689912DEC37D45B7A6C6414046FE, 3AE4E52B4ECD50ABEF67DCD1E30E409908F53624D9854BDD472352E8B280F19D ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
15:44:37.0357 0x1ec4  hwpolicy - ok
15:44:37.0360 0x1ec4  [ A1133368F47D514D73DD7FB4C4FD2B75, 6019DABCAB9E2941D76EC62F4352FA76DDCD964671C490730BF725CA2234CA3D ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
15:44:37.0369 0x1ec4  hyperkbd - ok
15:44:37.0372 0x1ec4  [ B68252C53556FFB52CCE18FF30FACA99, 0463FB8661A9EF338EFBBE43EE76C63DE170510D0E9B612D62009D7D85669365 ] HyperVideo      C:\WINDOWS\System32\drivers\HyperVideo.sys
15:44:37.0380 0x1ec4  HyperVideo - ok
15:44:37.0386 0x1ec4  [ DA179667B8CEC22E4ECBBF4210DC0E35, 70CDB592E1775919B9AB1810A7BA18FE4851FBD493E4772741F36FC11A4CA47E ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
15:44:37.0398 0x1ec4  i8042prt - ok
15:44:37.0403 0x1ec4  [ B5EC43755E62591197DE5CBBDAA9FEB7, 1B4E0EAB677B09A050925879ECDA311404270DCF020AAD390692427198C73C9F ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
15:44:37.0411 0x1ec4  iagpio - ok
15:44:37.0416 0x1ec4  [ D8CA23F9C5FEF44296FDE1E005C06EC0, 0D7B03EF9E19B9B2A28C3318560488B3F9573CF364A533A9B4A2CD0A7FFA4F84 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
15:44:37.0427 0x1ec4  iai2c - ok
15:44:37.0431 0x1ec4  [ 7B769C9D19C013F94874C4B15D59A005, 53A15F0480AEC43B5A01CFB17360188885B6ECBFFF6E566D27E5B6D4C7737243 ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
15:44:37.0441 0x1ec4  iaLPSS2i_GPIO2 - ok
15:44:37.0445 0x1ec4  [ E0F1B3A2A70FABE3BE1C9140BB55E607, 34E5B055619F3A26B7BB6054EA49D40B7D6DAFE234F57F358FE7C8EE83E10618 ] iaLPSS2i_GPIO2_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys
15:44:37.0456 0x1ec4  iaLPSS2i_GPIO2_BXT_P - ok
15:44:37.0462 0x1ec4  [ 89A869BCC0588A3009ECB875B09ECD39, 5ECC2C6E661B326511682D8EA1C82F942C63835890687285FEF455C5C9DC2476 ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
15:44:37.0475 0x1ec4  iaLPSS2i_I2C - ok
15:44:37.0481 0x1ec4  [ 2E693DF3C02A0859DB8DE25772751100, 3EFFDA44B247E04258429ADC85E88E23F926FD487A3A85BF879E6E5802197B3F ] iaLPSS2i_I2C_BXT_P C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys
15:44:37.0493 0x1ec4  iaLPSS2i_I2C_BXT_P - ok
15:44:37.0497 0x1ec4  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
15:44:37.0503 0x1ec4  iaLPSSi_GPIO - ok
15:44:37.0508 0x1ec4  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
15:44:37.0521 0x1ec4  iaLPSSi_I2C - ok
15:44:37.0537 0x1ec4  [ C98182E3E243FC69F468F051C8AEE071, 31425CC5970C2B654A8A455FFE327465A8DD9D81A011E679D6D3D7CEFFBECA2A ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
15:44:37.0555 0x1ec4  iaStorA - ok
15:44:37.0572 0x1ec4  [ 26405FA714257E449581DE5D6E6200E6, 1C3055AF6BB53308B7E6268A11929881263767619FF524674C51C03B7990C0A8 ] iaStorAVC       C:\WINDOWS\system32\drivers\iaStorAVC.sys
15:44:37.0595 0x1ec4  iaStorAVC - ok
15:44:37.0609 0x1ec4  [ A357ECE3F632992061F8F06392344B34, 08DDE94ADF516BFEAD4C486F1D5F7F71814D5D769E7AB5B81CE55EEF5C20A18A ] iaStorB         C:\WINDOWS\System32\drivers\iaStorB.sys
15:44:37.0625 0x1ec4  iaStorB - ok
15:44:37.0630 0x1ec4  [ 27A2B1B8F5959BDA3F952A538977096C, A242145A7AB1E2D6FAA4A9308469A7F4A5CE233AB74C0D22F1AAA32BD325FCBB ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:44:37.0639 0x1ec4  IAStorDataMgrSvc - ok
15:44:37.0652 0x1ec4  [ 414CD8EF8034FC54112813CF85E1A59F, 9811DBBAF16F6772CF1F4C303449F43C4F20D51A2E827791A305727A8B9B7656 ] iaStorS         C:\WINDOWS\System32\drivers\iaStorS.sys
15:44:37.0668 0x1ec4  iaStorS - ok
15:44:37.0677 0x1ec4  [ 11AC0355FE52CC8813EE6864DE7531E4, 4D77C451C230395E03B3DB592B1BDCDB8B2142961906A25F0FD070D3A8B670EB ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
15:44:37.0693 0x1ec4  iaStorV - ok
15:44:37.0706 0x1ec4  [ 62CD9FA7394BCDF7784CCEFC9D00C9AA, 2A09A921EBD998EC45470675FC8D803EAE5F9E2E16B9313591987AA574835CFE ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
15:44:37.0723 0x1ec4  ibbus - ok
15:44:37.0731 0x1ec4  [ F8CFDD8FED56E1261367A81A731BC1C0, 408187B2E7B403B47AF0D4BF089439D9BA3B3090A430983F77A55DEF2AB381DB ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
15:44:37.0751 0x1ec4  icssvc - ok
15:44:37.0936 0x1ec4  [ DE4DC38DB00470169C2CF6014FB86DCC, 5BE065A0732909C75FE7D2494CF6AAC3A3A12493BF5E57E44ECC19FA954168AC ] igfx            C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igdkmd64.sys
15:44:38.0166 0x1ec4  igfx - ok
15:44:38.0191 0x1ec4  [ FDD4A80116BE1B878EADD02AFA6DC896, 0821BE3E993CD2AADE030145875BD09A7B9D94826BD4E59E2047CA30BD5DB6EB ] igfxCUIService2.0.0.0 C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_250db833a1cd577e\igfxCUIService.exe
15:44:38.0203 0x1ec4  igfxCUIService2.0.0.0 - ok
15:44:38.0221 0x1ec4  [ 37D673A961E21BFF0143AE43C3E41DAC, 8F049E0CBCE994C17D12A6BE4EBBF2D0BF47FB96BA40C482232E9D77BBF6F88A ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
15:44:38.0251 0x1ec4  IKEEXT - ok
15:44:38.0256 0x1ec4  [ AA38C19A3D65E8228D822EB18037E19D, 54943929E398C67A5A9C72EA65F0FD7A06BB43F03A2291CAEA29443CD10C5169 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
15:44:38.0266 0x1ec4  IndirectKmd - ok
15:44:38.0291 0x1ec4  [ 310C18A371002983E7BF25BEB0333480, 2A251FDD552F2757059B49441BD6AC683FAEB254D828A792EA382B0D4070F1F8 ] InstallService  C:\WINDOWS\system32\InstallService.dll
15:44:38.0335 0x1ec4  InstallService - ok
15:44:38.0414 0x1ec4  [ 69FE611FEFE57AD7DAA9627D1F47AAE2, BC66AFFBC8354D4BC3D7BD91DCCF265EFAE202F296D581D8B782EC8E6F916C36 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
15:44:38.0514 0x1ec4  IntcAzAudAddService - ok
15:44:38.0537 0x1ec4  [ 9A8079FED84BA98E471102FA21DC339D, 2B0D55BFAE0822A0F75314D5B7DC3315BE74C5DAE802B61CAEA4942844B1CAA2 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
15:44:38.0557 0x1ec4  IntcDAud - ok
15:44:38.0573 0x1ec4  [ A0B66872DCF1BD5FDF5E26595D3A4A51, 76243493FB7CEAB10B540B693BB7E887F1F78B060FB339A99D4D5741A834B9D8 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
15:44:38.0594 0x1ec4  Intel(R) Capability Licensing Service TCP IP Interface - ok
15:44:38.0605 0x1ec4  [ D087B3CE15760ACEE7C09E99052DF197, 0C636DF08D58E319E570DFF961DD7D23985DD6A8E3008F13693A4BAA79B925F7 ] Intel(R) TPM Provisioning Service C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe
15:44:38.0622 0x1ec4  Intel(R) TPM Provisioning Service - ok
15:44:38.0627 0x1ec4  [ F1B552F7ACDF6E3E4DDDB76118CAFDE3, C4047BAAECF6FA3B73EB684F53C7F81A08AA39F42F8DC7C31BF35DFA93B7C647 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
15:44:38.0636 0x1ec4  intelide - ok
15:44:38.0640 0x1ec4  [ E6CC7C1E7CEDC81D6B15BF2CF4C99109, 1B181F55CD2E500468FE07C9BA6F20B207FA4B601C4971D1551B80A480D42EBD ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
15:44:38.0651 0x1ec4  intelpep - ok
15:44:38.0657 0x1ec4  [ 2CEF9DEB97B2CA327175EE8AD5F195A1, 1D6A3B47A844A235B73F8DC2BF872A943FE980480480843EDD5935307C115B3E ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
15:44:38.0670 0x1ec4  intelppm - ok
15:44:38.0674 0x1ec4  [ 917931A6116F03DB3CA56CFCE8634667, 27B661B6143F4AE94BF28DE1133001F95A451C18804F6DFED1D7D1F36B5E5350 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
15:44:38.0681 0x1ec4  iorate - ok
15:44:38.0688 0x1ec4  [ FB72A49FAD5C343C8C38948F92D87BBF, 3947D9393D6F4F104D2D07D5FBA61041A8D6006BE2497F2A6337462F8B04A124 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:44:38.0702 0x1ec4  IpFilterDriver - ok
15:44:38.0717 0x1ec4  [ 9064A49C03F1CED42EAC2B4636C87192, CF388E05EA782BC0645FD0B42A41C9334C074BE6D7C193FA4F9819905CBCEA9C ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
15:44:38.0747 0x1ec4  iphlpsvc - ok
15:44:38.0753 0x1ec4  [ 5C58142E0F1F8AA379748CC123BA7527, 1D6D42F2595DF3C0EE8FEF751F13119951A2D040D2B22A7F0CBD6083B49F8A37 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
15:44:38.0760 0x1ec4  IPMIDRV - ok
15:44:38.0767 0x1ec4  [ 7408B83959A4B8271EF67FD06A6B366B, C22DDB76AC3351A50B889AD7D2756EF8612450AC8EE72C88A1044691A0071BE5 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
15:44:38.0781 0x1ec4  IPNAT - ok
15:44:38.0786 0x1ec4  [ 7BEA2228C81FB6E1EADDD54D615B4C7E, 8640865C98F951B1B8D99E841D9A3FDC6E0251AFAC6B02F815DC409627A50112 ] IPT             C:\WINDOWS\System32\drivers\ipt.sys
15:44:38.0795 0x1ec4  IPT - ok
15:44:38.0801 0x1ec4  [ AD0574F12AA812340BD39071FD30AD1E, 765F1EDFEDEA1F2728108D7A1187A468F529A883886006F74DB9EAD0BFE7B1B6 ] IpxlatCfgSvc    C:\WINDOWS\System32\IpxlatCfg.dll
15:44:38.0813 0x1ec4  IpxlatCfgSvc - ok
15:44:38.0820 0x1ec4  [ 030AE3773151CFA728C67E38416FAD8D, 167E698035F2F07E822B430B31F02FABF3997BAC93039786747053344CE6E6D3 ] irda            C:\WINDOWS\system32\drivers\irda.sys
15:44:38.0831 0x1ec4  irda - ok
15:44:38.0836 0x1ec4  [ 79D02DC54AB4F85D2C13A728A0E36193, 3B6BA678ED269195D506D29EBD9E070603F02AC0FAA92364E7C553B8856C3EDB ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
15:44:38.0845 0x1ec4  IRENUM - ok
15:44:38.0849 0x1ec4  [ 6ADE9DCAF71DCD888320CA47DB8B05EF, 6FA1EBB3D025546AAD14D968DF7CABD3002598F2F561CCC1D4F07A9B0322DE02 ] irmon           C:\WINDOWS\System32\irmon.dll
15:44:38.0860 0x1ec4  irmon - ok
15:44:38.0863 0x1ec4  [ 38A6EC08D0067DECF7B5BA4C871B846C, 0FAB8EACA2BB4A0BF3895B6BB7CA9BCF74447CF640535A57998C6A4A35EAC030 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
15:44:38.0871 0x1ec4  isapnp - ok
15:44:38.0879 0x1ec4  [ 5529131AAB75E07D9295B19E20C54DAE, C2F2C7D33945C13DDC5EF540581772CEF73EFB23F19E6BCDBB6A99D8C96A302B ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
15:44:38.0891 0x1ec4  iScsiPrt - ok
15:44:38.0897 0x1ec4  [ C35FD802C800F3CBB4FD426D5A542A22, B2325956DB68222C5FBB43DFA0BF5EEC073470010E13997F2A5635CC89D66872 ] ItSas35i        C:\WINDOWS\system32\drivers\ItSas35i.sys
15:44:38.0906 0x1ec4  ItSas35i - ok

30.10.2018, 15:58   #12
Twinny2001

Caught the emeka 249 trojan, G Data cannot remove it

Code:
15:44:43.0430 0x1ec4  RsFx0300 - ok
15:44:43.0436 0x1ec4  [ FFFB16EF6E0B8B5F7F19B425923E7D12, 27C2882AC7B27BAC5A4051C2C9326A6D289F297158DE7A3A93E8B09378DC91AA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
15:44:43.0447 0x1ec4  rspndr - ok
15:44:43.0463 0x1ec4  [ AB7C0639DF052528C2CB06D0EAE115EC, 5D709DE453FBC3DD880859D2B11BCB780FEA8C0618AA47622C85BD414EC540BE ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
15:44:43.0489 0x1ec4  rt640x64 - ok
15:44:43.0504 0x1ec4  [ 888FAE43EBB0BDCABA3535284D37BD4B, 6933B8428852CA49E1979F4417BF5C05CC111F4018C90749EEC79E57DBAAA6D8 ] RtkAudioUniversalService C:\WINDOWS\System32\RtkAudUService64.exe
15:44:43.0527 0x1ec4  RtkAudioUniversalService - ok
15:44:43.0535 0x1ec4  [ A2939E69027B97105014434BFBFF7195, 9DC09BE94415564D0E80431223BDA1C59E3555AB5267DD3F64E71D4A18C8553A ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
15:44:43.0543 0x1ec4  s3cap - ok
15:44:43.0548 0x1ec4  [ 317340CD278A374BCEF6A30194557227, 593DA57CDD02F4CC3A5125CE5707C222DD922F2936D16492BA21AC6C345EC6B0 ] SamSs           C:\WINDOWS\system32\lsass.exe
15:44:43.0557 0x1ec4  SamSs - ok
15:44:43.0561 0x1ec4  [ 04C51BBD8C9F54E5F2C5D831B03B11E3, 15AD9F224CBBCAFB117574F03C6F1C02639928A95BC4533453EBAFB20F7AE671 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
15:44:43.0570 0x1ec4  sbp2port - ok
15:44:43.0577 0x1ec4  [ 2BB468B175EAC4B566954B79142CC73B, 3BD169B0F044F1E53CA4A14021CEA755D29D3F8407300B4AF4F6514DC516FB0D ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
15:44:43.0593 0x1ec4  SCardSvr - ok
15:44:43.0599 0x1ec4  [ 1B1FB3D8403E621F2B9201EF414E21D9, 5EFBEA5DC09CD5F151EF224BE2FF2C985D19301B17E5C16F5D00CB2852DAF8BF ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
15:44:43.0613 0x1ec4  ScDeviceEnum - ok
15:44:43.0617 0x1ec4  [ 0070C2DC6563C48EDA63A282748F3FCD, 12C8505DDD05994641B2B19666D7A54E12A21F6894913342A9BA5D148F193BE0 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
15:44:43.0626 0x1ec4  scfilter - ok
15:44:43.0643 0x1ec4  [ 645FC62D31FBAE0A0A51EA90D7EF637E, A8670AEDFF2824A6E2837A5CAAEDCFBA5902B2D6FBCE7604587529866F85857D ] Schedule        C:\WINDOWS\system32\schedsvc.dll
15:44:43.0678 0x1ec4  Schedule - ok
15:44:43.0685 0x1ec4  [ A61C34A8B6BA61E61C612CAD636C369F, 9966C5D2B4B60555BE9B9533DA62E0806767226B55EEC31030FB230DEBEC2650 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
15:44:43.0694 0x1ec4  scmbus - ok
15:44:43.0702 0x1ec4  [ 6C6FAAB1BC8D63BF8CB6B5EFCEF4E351, D2AF0A5B3C4BBC4FD19D96D111FB1A694483E91B926C9BC093C114B94BE42CBC ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
15:44:43.0716 0x1ec4  SCPolicySvc - ok
15:44:43.0726 0x1ec4  [ 495273177E87B0C34D7E431E9254FA23, 61116DA77622F5A0E931F5033C1B870A22AD3438C056FD1F320F857908E4124B ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
15:44:43.0738 0x1ec4  sdbus - ok
15:44:43.0742 0x1ec4  [ 9EF09DE84CE20B787C02395394AC2A7E, 17019B74506D26707EBC342365008A9BB5AACA381FB60ABA85F34D153FB0682C ] SDFRd           C:\WINDOWS\System32\drivers\SDFRd.sys
15:44:43.0750 0x1ec4  SDFRd - ok
15:44:43.0756 0x1ec4  [ 01607A2FAB0068450A06C90AF755D57E, 9615261063475045CBC99F17BD3A4919198D0F77CA9E4EC7B13826E514BC8543 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
15:44:43.0770 0x1ec4  SDRSVC - ok
15:44:43.0774 0x1ec4  [ F80D6C03FEA2F7DEE14023B7229DA8C2, B62AFCFCDE9C1BA0A5D80BAAC3D3D95546DB2E532C04C765FF85B27D1CBD5B8D ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
15:44:43.0783 0x1ec4  sdstor - ok
15:44:43.0788 0x1ec4  [ 44B1F4F200B4D3AE8B53290101148AFC, 34F18FEDE525BB398371329CA9F93BD3D88C30E23FCA576978D94EC67513228C ] seclogon        C:\WINDOWS\system32\seclogon.dll
15:44:43.0797 0x1ec4  seclogon - ok
15:44:43.0813 0x1ec4  [ 0F67F777705C6DC33FFE0FF459762957, 16BE999DCEC6C2C4F799025ACBFDE04CCE66B39160B6186A00F4BCFA2A1E41AA ] SecurityHealthService C:\WINDOWS\system32\SecurityHealthService.exe
15:44:43.0837 0x1ec4  SecurityHealthService - ok
15:44:43.0859 0x1ec4  [ 7D7ED932B6417D8687D1D972989B310B, A5DF3B6CEE97DD110FD1BC542CC5A5313B2F447E5FCC40DF6EFB9D7D49CD792C ] SEMgrSvc        C:\WINDOWS\system32\SEMgrSvc.dll
15:44:43.0907 0x1ec4  SEMgrSvc - ok
15:44:43.0913 0x1ec4  [ CA614C9FBC8307AB1DC937F3393899E2, 4833CC631FA30E4D4B45BBC2CE41DE72B332B6A1FFD23B7DBFD6EDD6BC1A2ED8 ] SENS            C:\WINDOWS\System32\sens.dll
15:44:43.0929 0x1ec4  SENS - ok
15:44:43.0933 0x1ec4  Sense - ok
15:44:43.0960 0x1ec4  [ 46AEFFC68BEAF89805B95CC6F9529C2E, 7A6A38A329E82F684191561479604142BBB35121822A5CDD828819C606F2A60A ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
15:44:44.0009 0x1ec4  SensorDataService - ok
15:44:44.0025 0x1ec4  [ 2B81117E9C3E20BBAA2CB5467D000F77, AC0DF8E635908026EE43EE0444DEF61481E211737A85A473D64EC8BB214D1135 ] SensorService   C:\WINDOWS\system32\SensorService.dll
15:44:44.0052 0x1ec4  SensorService - ok
15:44:44.0059 0x1ec4  [ DF94FAAEC4CDAA3886A0169E660C984B, 54BB09459D59B5DDA24D72821840FA7A71A194EA464E09DFDE021B24CB27FCAD ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
15:44:44.0072 0x1ec4  SensrSvc - ok
15:44:44.0077 0x1ec4  [ C5CF2941AA9E417B3A224601255C002E, 31E2988E13D9BB3630980E8B71AE5FB244EFB15970623C1FE76B7ACA25A4A2F2 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
15:44:44.0085 0x1ec4  SerCx - ok
15:44:44.0090 0x1ec4  [ B9C113BD9FCA4F3E23F03708A7DA07CC, 0A070BDDA956B1869D58A173B56ABA011E1F7A3C5D258343D0AEDC1EC87F4B53 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
15:44:44.0098 0x1ec4  SerCx2 - ok
15:44:44.0103 0x1ec4  [ 1845736FA47A1DFBBB642FE21095B4E0, 057E8750E8695F6B72A33BBF1C5CFCCD6BFC992E6B99A487A07F5A4921004791 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
15:44:44.0111 0x1ec4  Serenum - ok
15:44:44.0115 0x1ec4  [ F1BABF50469041797ED9928C31318832, 1A8C75F4696D4D2AA47EA33BC96069A394466953EBC3CFB2B3D6B961B8B5875A ] Serial          C:\WINDOWS\System32\drivers\serial.sys
15:44:44.0125 0x1ec4  Serial - ok
15:44:44.0129 0x1ec4  [ 340116988930B07629A2D0C2B380A365, EBAAC3DF2E8DABFB477340E79FC8E3A8B74340C389D73E51D64A97A332664113 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
15:44:44.0139 0x1ec4  sermouse - ok
15:44:44.0152 0x1ec4  [ 87340BC77470B34F11A9E558B591DB08, FD91561FE5951B4F59FEE23707E1ACE31293E508EF734A5CDB0F34D332EFDDF7 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
15:44:44.0175 0x1ec4  SessionEnv - ok
15:44:44.0178 0x1ec4  [ 77FF0A5BA023D8E8C82EACCD54EA5C78, A4A88A550419C347E369DDD29D4EB5C1BC4D980FBA9C655DF787A166FCA2497D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
15:44:44.0189 0x1ec4  sfloppy - ok
15:44:44.0193 0x1ec4  [ 1941F5CA54C469E16957587FD56ED842, D356547A9702A50AEB5F7765AC44668EEA913563A422ABBD0427EC22833A5B78 ] SgrmAgent       C:\WINDOWS\system32\drivers\SgrmAgent.sys
15:44:44.0201 0x1ec4  SgrmAgent - ok
15:44:44.0207 0x1ec4  [ D3170A3F3A9626597EEE1888686E3EA6, 9321991C441B095DF15D24C8AE58F87EE5A3242532E8C023D0F78B2F96FEE6B7 ] SgrmBroker      C:\WINDOWS\system32\SgrmBroker.exe
15:44:44.0218 0x1ec4  SgrmBroker - ok
15:44:44.0230 0x1ec4  [ AC1D97F89F2EC7E334A406603A686973, D230059C1CB400CCA62438603356F058B40E17DE4C7BD4DADDBB981E4F5E4C9C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
15:44:44.0255 0x1ec4  SharedAccess - ok
15:44:44.0269 0x1ec4  [ 7C5348D398340B5C2A77543FA966C0D3, E111E2AB4DA47C7A15797DDA2499EF93D26BB0D9103EAAF81A244C9545FC10B4 ] SharedRealitySvc C:\WINDOWS\System32\SharedRealitySvc.dll
15:44:44.0297 0x1ec4  SharedRealitySvc - ok
15:44:44.0313 0x1ec4  [ 63B104867F70F0D81125C37989146960, 468431098DD9B91F1C58551CEB4DBE6E1C456FFE845E302571B970EF05AE03A8 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:44:44.0345 0x1ec4  ShellHWDetection - ok
15:44:44.0355 0x1ec4  [ F6D90D09D2BCFA2B5E492BFECA40EDE4, 7B427335943C1EFDE482D59F3A23149FCD45BB014643BEF620A708720383C4A8 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
15:44:44.0372 0x1ec4  shpamsvc - ok
15:44:44.0377 0x1ec4  [ 1443CF919C2A3207CE7724E0A31686A2, 3F0ECC565F67638A57A23BF69C399AD638DA9F81F1660CF3E027DC057E990EA4 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
15:44:44.0386 0x1ec4  SiSRaid2 - ok
15:44:44.0390 0x1ec4  [ C0B1EAD6CC127CAE4E84EBF54105B3B8, 86F5C937D9DC61F262FF00B45249162F4087B6A1CA0FC24EF7950E4E77FEF26B ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
15:44:44.0400 0x1ec4  SiSRaid4 - ok
15:44:44.0406 0x1ec4  [ B7C6144293CFAD2DEDCD022C44735DC2, 75F26A8F43EED45764D50B2CCE44C453BFBBD0FA56B6AF1F2B4B8B3665C3961E ] smphost         C:\WINDOWS\System32\smphost.dll
15:44:44.0419 0x1ec4  smphost - ok
15:44:44.0432 0x1ec4  [ A3BEF2736E902B9DCA68554F4E10E08C, 5C7590D8F2D637B6D4A5F68945D8350B1C3D48EBE1B2C36658361900C9425611 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
15:44:44.0458 0x1ec4  SmsRouter - ok
15:44:44.0465 0x1ec4  [ 577EC13EB5215325E9B9FC51FB56A974, 1D7A0245A3C474BCD4EC69704040FB50C0E086DB1711C5B7FC4D9C4A7909DAB9 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
15:44:44.0477 0x1ec4  SNMPTRAP - ok
15:44:44.0490 0x1ec4  [ 5E70A578D27BCC7E37E16055669F2836, 7713A750902E1B9BA70C9F9EE8977E7C591AAE80D155657370E63FA2CEDACCAC ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
15:44:44.0510 0x1ec4  spaceport - ok
15:44:44.0514 0x1ec4  [ FE1776E587227120DC04EAEC45473245, 9DEBD997D275065481EEEDD2310479F2021D53B64AA6D5CEEA70E9BB8C9856C7 ] SpatialGraphFilter C:\WINDOWS\system32\drivers\SpatialGraphFilter.sys
15:44:44.0523 0x1ec4  SpatialGraphFilter - ok
15:44:44.0527 0x1ec4  [ D05EB2BB52EC6B665D1631EC33241B80, 29598FC180020515254A9FAE7BE8077549C656EDB425059691007EEC0F9346F9 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
15:44:44.0535 0x1ec4  SpbCx - ok
15:44:44.0552 0x1ec4  [ 52A4B8C04C345434C974B9A949521BAE, 5FAA7E1BECD6FA28E4BA53E9B3301328B6E8516867BD7D76202A73B8CD530BC5 ] spectrum        C:\WINDOWS\system32\spectrum.exe
15:44:44.0585 0x1ec4  spectrum - ok
15:44:44.0601 0x1ec4  [ C05A19A38D7D203B738771FD1854656F, 3A832F3CBA33682EAA18ABB721BF2D5A6FE9AC853038C684C264700DEB52AA65 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
15:44:44.0628 0x1ec4  Spooler - ok
15:44:44.0691 0x1ec4  [ 3F4408EC9A2B29B5D7DFEC60D2E73906, E423496A4E7762BA57EF916BC12443A082F5BDD41380513E1B89F8145876F84E ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
15:44:44.0791 0x1ec4  sppsvc - ok
15:44:44.0811 0x1ec4  [ F66D45AA6853B22083611E3D7E4CF6C0, 39745729D4A34FB5CE8C21548654A8028609720CF46936DFE5C735BEFC3B1B67 ] SQLAgent$MSOFT  C:\Program Files\Microsoft SQL Server\MSSQL12.MSOFT\MSSQL\Binn\SQLAGENT.EXE
15:44:44.0832 0x1ec4  SQLAgent$MSOFT - ok
15:44:44.0847 0x1ec4  [ 774C1D27B9ED5A420E11C2343B0FFF7B, 6C291CF9C9205D6F9BA43156E1EBB370CA11DD1656694F1B434E2E7F8AFBC6A4 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
15:44:44.0862 0x1ec4  SQLBrowser - ok
15:44:44.0867 0x1ec4  [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:44:44.0880 0x1ec4  SQLWriter - ok
15:44:44.0897 0x1ec4  [ D9EFD1D7829994F16141DA4FB6ACAABC, 513C5446DAEA4797049E052E95CBB798DCD8D457A8D8F4999741261150BCDE3B ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
15:44:44.0924 0x1ec4  srv2 - ok
15:44:44.0931 0x1ec4  [ 93DF24D0C33F2894429D4180145CBDA7, 763F05818AD5F348887C297FA14FB77B6F54B9A5C3C1D70CF2B7B0692961950C ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
15:44:44.0946 0x1ec4  srvnet - ok
15:44:44.0953 0x1ec4  [ 1AEA66706573E8CCD6038369FE37F237, A62CAFE205D5B4C9F8528EDDA4E20BA4E2D1E231F2B183FE70EFE6458B2D5460 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
15:44:44.0979 0x1ec4  SSDPSRV - ok
15:44:45.0043 0x1ec4  [ 5EE518DFADC18573E681BB78833E93FA, E98CCD3E2ADA265D6E3CF48CDBFE5C3067E0546F179F23B77C267F65CEB978EE ] ssh-agent       C:\WINDOWS\System32\OpenSSH\ssh-agent.exe
15:44:45.0094 0x1ec4  ssh-agent - ok
15:44:45.0130 0x1ec4  [ C7DF51E24DD853E7E2D3C0BCDCE57D6C, D1BFDC89F00C5B8388EB233290B6D540C246D0267B1C192C51645004A8CD8C62 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
15:44:45.0174 0x1ec4  SstpSvc - ok
15:44:45.0181 0x1ec4  [ F0B59ADCD06BCEB9D47311B7041CA2C9, 6299AB514CBE153C875F083ED789F6205C1781C0178759521F5A6D8007F5257C ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
15:44:45.0194 0x1ec4  ssudmdm - ok
15:44:45.0286 0x1ec4  [ B9E4174DFBDCA9979A92D17C2E67890E, 1717A6B7CADDDFCA8879B293C29617E194437E049308BCEDF3D07007C41FE39F ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
15:44:45.0408 0x1ec4  StateRepository - ok
15:44:45.0417 0x1ec4  [ DA82903F26AE12034CC5229F61098948, E7B5CA27C864BE95EC109D0692F44BE9F5F56AB6173AB1811F4E83A3EB5F26CA ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
15:44:45.0423 0x1ec4  stexstor - ok
15:44:45.0426 0x1ec4  [ 306FF12041780273C371794F4CBCB055, B4D04C25D5059D6BB3F14DB7649378625DFFA03C26F2A7C061E9A439BE011F30 ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
15:44:45.0436 0x1ec4  StillCam - ok
15:44:45.0449 0x1ec4  [ EB2C25A3700309F3F67D9334CF33A36C, 9262778566EEEA810AD32CD660DEA841797BD9F874252CC5445D917FF159280B ] stisvc          C:\WINDOWS\System32\wiaservc.dll
15:44:45.0475 0x1ec4  stisvc - ok
15:44:45.0481 0x1ec4  [ F2D1983C7BEF5E3AB8978A7796C59A75, 39B2005F7CCEC95D2F67AE5F69C3768FEFA04AABC0723BAD8A986A036AF0629B ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
15:44:45.0490 0x1ec4  storahci - ok
15:44:45.0495 0x1ec4  [ 76C9E2AA3400C22FC7091AD2F2999F95, 0015CF42CBA603448DFD85909D5047D5F9BE9153972C3832B1CF4B92A6BF0D01 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
15:44:45.0502 0x1ec4  storflt - ok
15:44:45.0507 0x1ec4  [ 701078F20919BD635EA25F691880F651, 6D56027007EF92A72C20B9B8024FDD96E03E2B8746F39D57BD1F7CAD2FC80DB2 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
15:44:45.0515 0x1ec4  stornvme - ok
15:44:45.0521 0x1ec4  [ 47CE4211A40C2C023A8138E18757F3D2, D684D2A7DECC23418A685358EA9B4F6EB3A68C690D5ED8E82F4B4639DF022775 ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
15:44:45.0530 0x1ec4  storqosflt - ok
15:44:45.0554 0x1ec4  [ DEA7BB6D3724F2FD9E61ED085E69DFA7, 5047F184894E79C31739D3C9632E43E8D2ABD70AA674DE82D6D2D0FDA137BF3F ] StorSvc         C:\WINDOWS\system32\storsvc.dll
15:44:45.0588 0x1ec4  StorSvc - ok
15:44:45.0592 0x1ec4  [ 25D7B79F80F3C2CD97D797C14D470165, 5425F98A66741BB2BC7BDC8B21C3AF859A503596D983010883BF5BE4FD999D9D ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
15:44:45.0601 0x1ec4  storufs - ok
15:44:45.0605 0x1ec4  [ 1FC7B7BE58A29DF27F5E6F6C2F061FA3, D8CD6D1BD0ACA4B851DBC85F898CB5DA8715C5AB3D62D7B0D6BBFEADC0382A8E ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
15:44:45.0612 0x1ec4  storvsc - ok
15:44:45.0616 0x1ec4  [ 0B154B033AD7F9215DED11E0CFC80A25, 383D7BF361D75A3B78E4C8E3F616E487FA6172F860AE364B1AC73F75BE38944F ] svsvc           C:\WINDOWS\system32\svsvc.dll
15:44:45.0633 0x1ec4  svsvc - ok
15:44:45.0642 0x1ec4  [ 54255DF324C621A97220EBFA832237D2, 27BAB2018BE66C67D6C2BBAA8E849E89B4150B8C81E7350DB0A1D14BEEB965D9 ] swenum          C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_ea7b19c04e7a8136\swenum.sys
15:44:45.0648 0x1ec4  swenum - ok
15:44:45.0660 0x1ec4  [ B3C113C9B784A4D296C7A7BA515F74BF, 0D20281B8AA9ED6C89E10122F3A153C2E21464686E5A3D2F907224584E6B5BCF ] swprv           C:\WINDOWS\System32\swprv.dll
15:44:45.0682 0x1ec4  swprv - ok
15:44:45.0688 0x1ec4  [ A2A42A570524C975259E3B81C4D80DCA, 4B2A6295E46DD2042B3C741D9519A0376687B30711F2DA8B9B81A039E46229F9 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
15:44:45.0698 0x1ec4  Synth3dVsc - ok
15:44:45.0717 0x1ec4  [ A8D839012996A00F3071116C529FF5D5, 9C2828C8F645F9F44B65FAC50CACD7D2699634059585DDE84D11C7F06F244060 ] SysMain         C:\WINDOWS\system32\sysmain.dll
15:44:45.0751 0x1ec4  SysMain - ok
15:44:45.0759 0x1ec4  [ 607143646829B70F7C60F4CF499AD41D, 00746AA3D0ECE27BC04FCAB4955A199C5E040F850D0129865EC8F03DD202EF7A ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
15:44:45.0777 0x1ec4  SystemEventsBroker - ok
15:44:45.0784 0x1ec4  [ CE9975A9E0DFBEFECECE218D2674C1CD, 20ABA9B78FF40C89A757ED2B4AE2F8BE5F4C6C257AA00A324849D68ACA59A264 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
15:44:45.0802 0x1ec4  TabletInputService - ok
15:44:45.0809 0x1ec4  [ E38C7C4D57B1438F70A1B913870E8665, EEBE640E31F3D9126FD2F58EB93051FE4EEA591223DFAB9E918DEBE879718B95 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
15:44:45.0830 0x1ec4  TapiSrv - ok
15:44:45.0870 0x1ec4  [ 1AB6B6204AF909AA3B1D933FA2C12E4E, 46E2FD6D800ED06F31EF6CFBAF27FFDFD3F638B31F5F1EAFD347BF3258CB1BAF ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
15:44:45.0926 0x1ec4  Tcpip - ok
15:44:45.0965 0x1ec4  [ 1AB6B6204AF909AA3B1D933FA2C12E4E, 46E2FD6D800ED06F31EF6CFBAF27FFDFD3F638B31F5F1EAFD347BF3258CB1BAF ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
15:44:46.0019 0x1ec4  Tcpip6 - ok
15:44:46.0027 0x1ec4  [ 085F8A5F09E64CC27309AF160EF4F9BA, DB3DFD3059836A9FB26FE924E9F2B960E454F4B20D8862266DFDA3168D610FD8 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
15:44:46.0038 0x1ec4  tcpipreg - ok
15:44:46.0044 0x1ec4  [ 16071C42E21CE3378FA449322FB9AB1D, 44CA7FD91275546492EEF0A59261E2B1C924613515D45EFD2EF0442023B2CBE5 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
15:44:46.0054 0x1ec4  tdx - ok
15:44:46.0058 0x1ec4  [ B2C4D7CB291293CAC636748E695D111E, 5E0AA8147EFDA5D21CEE8AE254F74A974B0ADAF298F569CAA73AC4E3B758438A ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
15:44:46.0065 0x1ec4  terminpt - ok
15:44:46.0085 0x1ec4  [ 10ADC3589E50B1ED8452C86E0CBE8248, BE82341A12EA83D9EFADC9AC35CF16D327F8499C99107DCDE88DD0F5DF84523C ] TermService     C:\WINDOWS\System32\termsrv.dll
15:44:46.0123 0x1ec4  TermService - ok
15:44:46.0128 0x1ec4  [ 1A0A0F6A139148AFDC4622046D4B3CBD, 8FC2FB99B70A3A5B2F1D757A2F0E3085B1D242B792A35070E1DB3871A275329E ] Themes          C:\WINDOWS\system32\themeservice.dll
15:44:46.0143 0x1ec4  Themes - ok
15:44:46.0151 0x1ec4  [ 811910E891A6DB4A864AE119EB71218C, 2CBB6159E2ACAE4BA73892A4F7F8A3981C159083C29F1A1D548C59FB713B9D74 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
15:44:46.0172 0x1ec4  TieringEngineService - ok
15:44:46.0178 0x1ec4  [ 8BF5E2FD72E939CF68D617E273034793, EE27D070E1C4EFE902BE173C5561F5601499F835762278CC1E5987886BD8A4D1 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
15:44:46.0193 0x1ec4  TimeBrokerSvc - ok
15:44:46.0218 0x1ec4  [ 992E10F3A16C90436DFEDD3B787DE729, 4794CE27547E8CAEC1C2E3BDA7E3EAB518FF6CCC0AA3CF55B96A65C915C6D987 ] TokenBroker     C:\WINDOWS\System32\TokenBroker.dll
15:44:46.0261 0x1ec4  TokenBroker - ok
15:44:46.0269 0x1ec4  [ 330F5AA122A302F0244D918B9C92C9D1, 62D513B7357AC8CFC649BCEB4EB682B7493219957A1264BAD4E5C26086BD8F3D ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
15:44:46.0280 0x1ec4  TPM - ok
15:44:46.0287 0x1ec4  [ A5C0F857C38278A90E953A24E1701196, 1A646E47013946CCE41C798A494C6D266AEFC8A8D6EB65CD8848E72106687E38 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
15:44:46.0302 0x1ec4  TrkWks - ok
15:44:46.0306 0x1ec4  [ 4578046C54A954C917BB393B70BA0AEB, 2DFE9DE656B415CF7D81F583F33A20A74CD54C07DB8C3196AA2102431F42F74F ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
15:44:46.0318 0x1ec4  TrustedInstaller - ok
15:44:46.0324 0x1ec4  [ 0D721F40C179EC5737C15E551F22C69B, BBA04E11C3D9150C60F74D8B1A3F444BDE0C19857BB7C45D58448F641082DE1A ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
15:44:46.0335 0x1ec4  TsUsbFlt - ok
15:44:46.0338 0x1ec4  [ DE1296871208D1F13B7AC57C4B1FA46C, D18709F65E372A47AE114ECFD6A45E6736089B4A8E719E2FB5D831D9415E995D ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
15:44:46.0347 0x1ec4  TsUsbGD - ok
15:44:46.0353 0x1ec4  [ 3A84A09CBC42148A0C7D00B3E82517F1, 75E609AC991C96E31F55E723925EAF9A363DC5B3324FFD4CFCB701189369D701 ] tsusbhub        C:\WINDOWS\system32\drivers\tsusbhub.sys
15:44:46.0364 0x1ec4  tsusbhub - ok
15:44:46.0370 0x1ec4  [ BC938ABBF586272BD4063CA51F09149F, 06EB662948D212ACDF930C3CD01C6381A6FB152AC0F1628C86764F0973ABA1CB ] tunnel          C:\WINDOWS\system32\drivers\tunnel.sys
15:44:46.0382 0x1ec4  tunnel - ok
15:44:46.0388 0x1ec4  [ E94996BB8F323AF02860196C1400AD30, DE605439FC5B59C1064DF05F63C94D7C275482C1C66BEC74FA4A83F61C2051FC ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
15:44:46.0402 0x1ec4  tzautoupdate - ok
15:44:46.0406 0x1ec4  [ BDFACE024EFF2398214797143AD76C87, EF9B6CB1F6EAE4786BBDE1E0946BECC5BD2AA493FC32A8F779A757BA57238EC9 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
15:44:46.0414 0x1ec4  UASPStor - ok
15:44:46.0421 0x1ec4  [ 00C4396DE1CD3502884BB2E2B6D6861C, 39F6BF25096ACE29CAF964DCA15078F47986F645DF49FB502A2CDF2C05C89AAB ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
15:44:46.0436 0x1ec4  UcmCx0101 - ok
15:44:46.0442 0x1ec4  [ ED9CBD1541C8AFDAA9B8255A384E2B53, D970F5E976CEBE0BCDF07B9E155EDB5B3C225812991779748CD04A9C4852DF3D ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
15:44:46.0455 0x1ec4  UcmTcpciCx0101 - ok
15:44:46.0459 0x1ec4  [ F58F1BC6A6972437CE18516F8ACCEB9F, 2C619D1E2E80662FA463EE48E3D41C8437A81B0F68EE67A0839A93DEDCD2E0B2 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
15:44:46.0470 0x1ec4  UcmUcsi - ok
15:44:46.0476 0x1ec4  [ 017FB9532F54B28EFC1E37A91DB9ECC5, B753A114C644E57E3A4754836F29A6974BAADE547D3114D783070E7CDAA7CE1D ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
15:44:46.0490 0x1ec4  Ucx01000 - ok
15:44:46.0495 0x1ec4  [ 12E2B6B642360E66396502B62B048694, C9AC86BF767ED4ACE0F58BA3720369A2758BA154AFFE10CAAD5A2C4C259BA50A ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
15:44:46.0505 0x1ec4  UdeCx - ok
15:44:46.0514 0x1ec4  [ 6A442723D4D05D9F15D24C9942CDA00D, 4A60D6CF7214A3891877AC6E5A49AE49D056567162D6355C0D893510F0241DA7 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
15:44:46.0530 0x1ec4  udfs - ok
15:44:46.0535 0x1ec4  [ D30AF38971B6670C222250AC2CBB6227, 52C1C7AC29D06C701DA0E2772294CED0C1790EC7FCBD5074238B54BEB951E9D0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
15:44:46.0541 0x1ec4  UEFI - ok
15:44:46.0546 0x1ec4  [ AD58EA78772B8163CFDE9BF671B6F8F1, E8304179B6B52B143846AEF80C7B2D577125742EA2DFF09F8AC5F37F4E28793E ] UevAgentDriver  C:\WINDOWS\system32\drivers\UevAgentDriver.sys
15:44:46.0554 0x1ec4  UevAgentDriver - ok
15:44:46.0576 0x1ec4  [ F7E36C20DB953DFF4FDDB817904C0E48, 2C5EDE0807D8A5EC4B6E0FE0C308B37DBBDE12714FD9ADC4CE3EF4E0A5692207 ] UevAgentService C:\WINDOWS\system32\AgentService.exe
15:44:46.0614 0x1ec4  UevAgentService - ok
15:44:46.0622 0x1ec4  [ 588B9212DEE84F5192C09A147AA5C316, 80C70FD489D72015FCF8AFBE649F6C77F40B613882A1F031A2DAE088B9B4F67B ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
15:44:46.0634 0x1ec4  Ufx01000 - ok
15:44:46.0639 0x1ec4  [ 78B5C069C9AA1463ACC833FD7E2A3BD5, A44BAB6AB5E071537BD37A26DAF6D0D69BBFFFF686C183BFAAB04286DD3B81BB ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
15:44:46.0647 0x1ec4  UfxChipidea - ok
15:44:46.0653 0x1ec4  [ 533BF4F456A1C6E7581E8C0A4EC59300, E5AE7EB4A8E6CE410F465C48F102797806172B5881C2CF570A9851CCDFE656FD ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
15:44:46.0662 0x1ec4  ufxsynopsys - ok
15:44:46.0670 0x1ec4  [ 360FEE6F687D98EFFE46A5433FE6182E, 1A35569DC29F45F78D705BCEDE850CAF86FD27D6253977497EB3B000CAAE0B27 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
15:44:46.0679 0x1ec4  umbus - ok
15:44:46.0682 0x1ec4  [ F6F1A9D91F684AA02951B96EE8127DAE, 351139331041BC123C9FEE3A5CE4965AFC4CDCA488080338D98C5EB85D5843D4 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
15:44:46.0693 0x1ec4  UmPass - ok
15:44:46.0702 0x1ec4  [ 0D806415E1F86E7C1C192261C247EF0D, 640CB73D9ACC3B6E0F2A2A5A4587375F05A7519081BEC510B926A8A4A496C3B9 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
15:44:46.0721 0x1ec4  UmRdpService - ok
15:44:46.0742 0x1ec4  [ EAEC69961D9D8B39FEA44D56F7FB259D, 43FEB15A32B353B6F3C8E5F1072FF9507F2FA7799A414F30FEA0B8C47999D969 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
15:44:46.0782 0x1ec4  UnistoreSvc - ok
15:44:46.0795 0x1ec4  [ 2362D5C18120FAB9CE5BD1F73EE33758, D9AB5D5BEAF95F62A204CE8A3B8B3B6C9C1E85FB5425CA2AADCBB4770EDCDF30 ] upnphost        C:\WINDOWS\System32\upnphost.dll
15:44:46.0816 0x1ec4  upnphost - ok
15:44:46.0820 0x1ec4  [ 49A5E1B43C59DC0E363AD9C2D7D10BE4, B903C1C24DAF316AF9D8C1770687DE0A24ACDA4EFE47845E13BE99985609B7CE ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
15:44:46.0826 0x1ec4  UrsChipidea - ok
15:44:46.0831 0x1ec4  [ 53F1DA2D92D1D8CE4BB9D33E58D7DF01, CD3F4B92EDA042FE696C59D67BEB711C7AF0EB5979AD5F4110297C47454EBBFA ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
15:44:46.0839 0x1ec4  UrsCx01000 - ok
15:44:46.0843 0x1ec4  [ 09518A324B95BBC0B472BD5A472CB916, B3C6BF8C84268C02CC43E5C6B37648F9691B6038D275F4BEBA7B5E9ECA046181 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
15:44:46.0850 0x1ec4  UrsSynopsys - ok
15:44:46.0856 0x1ec4  [ B7211393225AB05324C52BA47B31FEB4, 3FFB7F1C1CA5001B95026D30ECD1991747DDAFFBE3B4929CAEDFA90E169A28AE ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
15:44:46.0865 0x1ec4  usbccgp - ok
15:44:46.0871 0x1ec4  [ 250D21958EE5F45CD13FE6BE3788EE70, C0EF097EE2ED91950BD3A6881AB08698E85C4ABABC4F7520F7E92E70CA454D4E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
15:44:46.0881 0x1ec4  usbcir - ok
15:44:46.0888 0x1ec4  [ 29F92C6FFF8D8B661742CB67595BB279, 4460872F57C0CF7B20E44A538360B3B6F7FAB9117EC9C821A79B5ED22B214AAC ] UsbClientService C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
15:44:46.0895 0x1ec4  UsbClientService - ok
15:44:46.0900 0x1ec4  [ 4269DE1EB8029D55B3BB3A8A330FCF90, 5D9081A07F91AF704D27EEE60516D6E1E0A106D1656CEF0C5C50E51C23E17F61 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
15:44:46.0908 0x1ec4  usbehci - ok
15:44:46.0919 0x1ec4  [ D67AABAE0C9EBAC9BBA2E20E0AF52EF1, FE51895BB81E5320F66C433378469092D39F325D310543AFE28A5603FA9B4F08 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
15:44:46.0935 0x1ec4  usbhub - ok
15:44:46.0948 0x1ec4  [ E9ED46769676537049BAAEC4543C7BA6, FEE591F28648E4D0D78247BC1E8604AA3F426F4EE57ADCCB4C53F3C7A24634EB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
15:44:46.0968 0x1ec4  USBHUB3 - ok
15:44:46.0973 0x1ec4  [ A547E7B1B3FB2228259AA85AC7E82698, AB18BBE30A2D149A0E10621DC8497A72DFB841B09F4E4B47FED21843C0F88D92 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
15:44:46.0983 0x1ec4  usbohci - ok
15:44:46.0987 0x1ec4  [ 692C0BA4109C8F78392A299369F51129, A675E11CD4794693D0B65A06E85F264199506A4C6EDBB68503163EED389B8D1F ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
15:44:46.0996 0x1ec4  usbprint - ok
15:44:47.0001 0x1ec4  [ 45A9E57185B79420EFEA5A4AED655809, 91D4BDBBAF1D06C404AC926357C3F20D780CF5C858B223930D69CFB17D81F3D3 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
15:44:47.0010 0x1ec4  usbser - ok
15:44:47.0015 0x1ec4  [ CEF7527514EC49EBE0C760D784643EF0, 2A4E49C5C906339C31F0A646E53773297F4B4CEAFD94CE653C37556AE243E104 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
15:44:47.0024 0x1ec4  USBSTOR - ok
15:44:47.0028 0x1ec4  [ A4124036C4FD2B94C6157C4588EEB4E3, 595C8BFB5E63AEA2F7DF2745F7C7CE45938B091470C921E3064E766A0E12851F ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
15:44:47.0038 0x1ec4  usbuhci - ok
15:44:47.0047 0x1ec4  [ 9F4CCFCD4B4C6008C940510E43D54AEC, CD6082E95EBA618490A2A97E258875440B3440E721B21E81608804B90DEF0D20 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
15:44:47.0062 0x1ec4  USBXHCI - ok
15:44:47.0087 0x1ec4  [ CE0E3BA8FC974BEE5BE20E4F43A1C583, E19DE81559FD92D1F7B0ADB4297926E6971F7FCB642E11758D361FC2A22C33BB ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
15:44:47.0134 0x1ec4  UserDataSvc - ok
15:44:47.0156 0x1ec4  [ B8D1D74FEF1F190BA4DA7E7A72D5D9CE, F467F39EE09DDC7750BF42C3FF317E0DC324897589268B4C7B63F8E176445820 ] UserManager     C:\WINDOWS\System32\usermgr.dll
15:44:47.0193 0x1ec4  UserManager - ok
15:44:50.0204 0x1ec4  ================ Scan global ===============================
15:44:50.0208 0x1ec4  [ 44D259E3B8F950D123CBE21893CEF1AB, 94FEA350B54D1581FF07D078D25A27FE3C9F815E24D299A0504FB1153E68A903 ] C:\WINDOWS\system32\basesrv.dll
15:44:50.0213 0x1ec4  [ 1C346B5D7E5336246604A9FCFCB092BC, BD0C56C943A8F23CA9CD1CE1FE4F9D2183F752B469A72D14B713301A867AE776 ] C:\WINDOWS\system32\winsrv.dll
15:44:50.0219 0x1ec4  [ FE8D1AB6D6711BE791A01C17EDEBD0D6, EECE3A16DFA0BE1BB1E7B882D33FB926C90A1DCA89805DD3514FABF7C9F05253 ] C:\WINDOWS\system32\sxssrv.dll
15:44:50.0232 0x1ec4  [ 2FC61B2CF84792516D543CA94139A92C, BE42E4A901D6AC8885882D2CD9372A64023794428E0AC8CC87EE3121DD5DC402 ] C:\WINDOWS\system32\services.exe
15:44:50.0243 0x1ec4  [ Global ] - ok
15:44:50.0244 0x1ec4  ================ Scan MBR ==================================
15:44:50.0245 0x1ec4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:44:50.0264 0x1ec4  \Device\Harddisk0\DR0 - ok
15:44:50.0265 0x1ec4  ================ Scan VBR ==================================
15:44:50.0267 0x1ec4  [ D51D79B63621FC8E7474218307C1AF3B ] \Device\Harddisk0\DR0\Partition1
15:44:50.0267 0x1ec4  \Device\Harddisk0\DR0\Partition1 - ok
15:44:50.0270 0x1ec4  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
15:44:50.0270 0x1ec4  \Device\Harddisk0\DR0\Partition2 - ok
15:44:50.0273 0x1ec4  [ 647C2B999E1F450E7C9FC5F7B010632E ] \Device\Harddisk0\DR0\Partition3
15:44:50.0274 0x1ec4  \Device\Harddisk0\DR0\Partition3 - ok
15:44:50.0275 0x1ec4  [ 4743C74DE9B45D53CC1FB035F88046FC ] \Device\Harddisk0\DR0\Partition4
15:44:50.0276 0x1ec4  \Device\Harddisk0\DR0\Partition4 - ok
15:44:50.0279 0x1ec4  [ 6978EBE777DB5A100F3AA63B07E9872C ] \Device\Harddisk0\DR0\Partition5
15:44:50.0280 0x1ec4  \Device\Harddisk0\DR0\Partition5 - ok
15:44:50.0281 0x1ec4  ================ Scan generic autorun ======================
15:44:50.0281 0x1ec4  SecurityHealth - ok
15:44:50.0286 0x1ec4  [ A77C9F8124AA43623F4AA644D1002894, E586D87CE6986AEC8E9BB458AF6E6EBA9E1BBD83328D77C2DAD23F3781C6D10E ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
15:44:50.0291 0x1ec4  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
15:44:50.0695 0x1ec4  Detect skipped due to KSN trusted
15:44:50.0695 0x1ec4  IAStorIcon - ok
15:44:50.0701 0x1ec4  [ F3C8882DC5151B81CB444E7E93320A61, 2B77BFB12E57CC1A2CFAF511BF3C3B62ACFA2820910B968EA7EEACC15396638C ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
15:44:50.0711 0x1ec4  Classic Start Menu - detected UnsignedFile.Multi.Generic ( 1 )
15:44:51.0055 0x1ec4  Detect skipped due to KSN trusted
15:44:51.0055 0x1ec4  Classic Start Menu - ok
15:44:51.0066 0x1ec4  [ 346D22939E3079901F0DFAC7ADD71C94, FDC3900DA9CF5B4B7F4B461EB54F2F7ABF2AF104DE8BFDD0B7F6A46F092F9CC6 ] C:\Program Files\Greenshot\Greenshot.exe
15:44:51.0080 0x1ec4  Greenshot - ok
15:44:51.0099 0x1ec4  [ 0EDE325A8F1C55CAC65B53D8A56C685B, 59D5725BCE59CB1191BA800910AF73F4A972E788EF487A808CC48AD881090495 ] C:\Program Files\Veeam\Endpoint Backup\Veeam.EndPoint.Tray.exe
15:44:51.0121 0x1ec4  Veeam.EndPoint.Tray.exe - ok
15:44:51.0135 0x1ec4  [ 888FAE43EBB0BDCABA3535284D37BD4B, 6933B8428852CA49E1979F4417BF5C05CC111F4018C90749EEC79E57DBAAA6D8 ] C:\WINDOWS\System32\RtkAudUService64.exe
15:44:51.0151 0x1ec4  RtkAudUService - ok
15:44:51.0158 0x1ec4  [ 2D0DCEE9E12C986D1ABDFD4ED456F542, 0F59D776C8D1148A845B56EB8B3C4D40CAB82CF3767F07C9444EAF7044B16A2E ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
15:44:51.0167 0x1ec4  ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
15:44:51.0519 0x1ec4  Detect skipped due to KSN trusted
15:44:51.0519 0x1ec4  ControlCenter4 - ok
15:44:51.0589 0x1ec4  [ A12927788DE1555B598DFD16B4FA3F8B, 57B36F188FC212D73CFBE6431FC5095BAB3C189D04D34CA428801F6823636DFA ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
15:44:51.0706 0x1ec4  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
15:44:52.0043 0x1ec4  Detect skipped due to KSN trusted
15:44:52.0043 0x1ec4  BrStsMon00 - ok
15:44:52.0068 0x1ec4  [ 8A32FF690135458F5563C836D6AC9A10, FDEF87A07B4AFCC0C8D230197A5D6E3313A82FCC3A7BE4EDDAF96E1C189213FF ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
15:44:52.0097 0x1ec4  CanonQuickMenu - ok
15:44:52.0111 0x1ec4  [ 5E6F1152C8EB916F7AD666A5B044A99F, 6C0262D7599DF3FE9002DDB9076AF5882BFD9C6E5B0B76CABD0E7A592F719655 ] C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe
15:44:52.0126 0x1ec4  G Data ASM - ok
15:44:52.0418 0x1ec4  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
15:44:52.0814 0x1ec4  OneDriveSetup - ok
15:44:52.0840 0x1ec4  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
15:44:52.0864 0x1ec4  WAB Migrate - ok
15:44:53.0144 0x1ec4  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
15:44:53.0436 0x1ec4  OneDriveSetup - ok
15:44:53.0464 0x1ec4  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
15:44:53.0485 0x1ec4  WAB Migrate - ok
15:44:53.0511 0x1ec4  [ 4DBF6B19F88792D89BD5E0DAD593F20C, 5497B08E317921F28756C114EB5534011FA2D44F24AEC4311FF6C802490372ED ] C:\Users\WALTERGMBH\AppData\Local\Microsoft\OneDrive\OneDrive.exe
15:44:53.0550 0x1ec4  OneDrive - ok
15:44:53.0582 0x1ec4  [ 81CCF40404A50684A3CC2331E98F63E7, 08499666899C5CFBB64AD26C2C98681D8EEF900AAA55CE1FD5C175204B6F7EEE ] C:\Users\WALTERGMBH\AppData\Local\WhatsApp\Update.exe
15:44:53.0631 0x1ec4  WhatsApp - ok
15:44:53.0911 0x1ec4  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
15:44:54.0247 0x1ec4  OneDriveSetup - ok
15:44:54.0306 0x1ec4  [ 00F30FDFDE3E276C1A731C2DF951D67E, 018E6933882FCC41EE96E198E6F7ECEFB53EC650B1044A58876B26EDE011158B ] C:\Users\Backup\AppData\Local\Microsoft\OneDrive\OneDrive.exe
15:44:54.0346 0x1ec4  OneDrive - ok
15:44:54.0362 0x1ec4  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
15:44:54.0381 0x1ec4  WAB Migrate - ok
15:44:54.0709 0x1ec4  [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe
15:44:55.0053 0x1ec4  OneDriveSetup - ok
15:44:55.0082 0x1ec4  [ FC7536F076D2F1660AC072E54A86B2F1, B36F3E9976F59EC137F8618C7EDF4ED0B35AC65497CA27D69835048E6E277040 ] C:\Program Files (x86)\Windows Mail\wab.exe
15:44:55.0103 0x1ec4  WAB Migrate - ok
15:44:55.0104 0x1ec4  Waiting for KSN requests completion. In queue: 297
15:44:56.0152 0x1ec4  AV detected via SS2: G DATA INTERNET SECURITY, C:\Program Files (x86)\G DATA\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated )
15:44:56.0155 0x1ec4  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.13.17134.1 ), 0x60100 ( disabled : updated )
15:44:56.0156 0x1ec4  FW detected via SS2: G DATA INTERNET SECURITY, C:\Program Files (x86)\G DATA\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled )
15:44:56.0450 0x1ec4  ============================================================
15:44:56.0450 0x1ec4  Scan finished
15:44:56.0450 0x1ec4  ============================================================
15:44:56.0459 0x1dc8  Detected object count: 0
15:44:56.0459 0x1dc8  Actual detected object count: 0
         

30.10.2018, 16:22   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Remove adware/junkware/toolbars

Delete old versions of adwCleaner first, then download it again to the desktop!
Please completely disable your virus scanner now, before using these tools!

adwCleaner v7.x

Please download AdwCleaner to your desktop (illustrated guide).
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Settings, scroll down and make sure the following items are selected:
    • Delete tracing keys
    • Delete prefetch files
    • Reset proxy
    • Reset IE policies
    • Reset Chrome policies
    • Reset Winsock
  • Now click Dashboard, then Scan Now, and wait until the scan has finished.
  • Now click Clean & Repair and confirm with Clean Now.
  • IMPORTANT:
    If AdwCleaner finds nothing, click Run Basic Repair and then Clean Now.
  • After the restart, AdwCleaner opens automatically. Click View Log File.
  • Post the contents of the log file in your next reply.
  • You can also find the log file at C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt (xx = sequential number).
__________________
Please always post log files in CODE tags

30.10.2018, 17:53   #14
Twinny2001

AdwCleaner log
Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-09-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    10-30-2018
# Duration: 00:00:01
# OS:       Windows 10 Pro
# Cleaned:  1
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.
         
Code:
 Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-09-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    10-30-2018
# Duration: 00:00:11
# OS:       Windows 10 Pro
# Scanned:  42056
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

PUP.Optional.Legacy             izito.de

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
         
Code:
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build:    09-25-2018
# Database: 2018-09-21.1 (Local)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    10-30-2018
# Duration: 00:00:13
# OS:       Windows 10 Pro
# Scanned:  42056
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1256 octets] - [30/10/2018 17:40:33]
AdwCleaner[C00].txt - [1521 octets] - [30/10/2018 17:41:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
         

30.10.2018, 20:09   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please run control scans with (1) MBAM, (2) ESET and (3) SecurityCheck:


Step 1: Malwarebytes version 3

Please download Malwarebytes Anti-Malware 3
  • Install the program to the default path.
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Move selected items to quarantine.
  • Let your computer restart if necessary to complete the cleanup.
  • After the restart, start MBAM and click Reports.
  • Select the most recent scan report, click View Report and then Export.
  • Select Text file (.txt) and save the file as mbam.txt on the desktop.
  • Add the contents of mbam.txt to your next reply.



Step 2: ESET

Please download ESET Online Scanner (illustrated guide)
  • Start the installer.
  • Accept the terms of use.
  • Select Enable detection of potentially unwanted applications and click Scan.
  • First the necessary signatures are downloaded, then ESET starts the scan automatically.
  • At the end of the scan, any items found are listed.
  • Close the ESET Online Scanner at the top right [ X ] and then click Close.
  • Please press the key combination WIN+R to open Run, copy the following text into the line and then click OK:
    Code:
    notepad "%tmp%\log.txt"
             
  • Copy the entire text using CTRL+A and CTRL+C into your reply here in CODE tags



Step 3: SecurityCheck

Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.
__________________
Please always post log files in CODE tags
