
Pests of all kinds and how to combat them: Disk usage permanently at 100%, PC barely boots and runs very slowly


25.09.2015, 05:01   #1
Daniel300
 
Hello,

I am desperate and very much hope to get help here. Since Tuesday I have had a big problem with my PC. I know very little about PCs, but I still suspect that I have a virus or that the hard drive is broken.

The problem:
Disk usage in Task Manager is permanently at 100%, and the PC is so slow that it is practically unusable.

Before starting this thread, I followed the instructions and created log files with the programs you recommend. Important: unfortunately I was not able to create a GMER report, because the computer crashed partway through and the subsequent boot took, no exaggeration, 2 hours (!) after several attempts. But I have the other log files and hope they help :-(

I checked the hard drive for errors. None were found.
I ran a McAfee quick scan over it: no virus found.
Unfortunately the computer was again too slow for a full scan, and it would have taken days/weeks.

Here are the log files:

Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von Daniel (2015-09-24 22:42:58)
Gestartet von C:\Users\Daniel\Desktop
Windows 10 Home (X64) (2015-07-29 17:36:23)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3290045252-3424657786-848572120-500 - Administrator - Disabled)
Daniel (S-1-5-21-3290045252-3424657786-848572120-1000 - Administrator - Enabled) => C:\Users\Daniel
DefaultAccount (S-1-5-21-3290045252-3424657786-848572120-503 - Limited - Disabled)
Gast (S-1-5-21-3290045252-3424657786-848572120-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3290045252-3424657786-848572120-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.1 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.1 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{DA9FFDE7-5474-DE51-8729-76A31DB5682B}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Astroburn Lite (HKLM-x32\...\Astroburn Lite) (Version: 1.8.0.0182 - Disc Soft Ltd)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
Dxtory version 2.0.127 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.127 - ExKode Co. Ltd.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version:  - SEIKO EPSON Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
FINAL FANTASY XIII (HKLM-x32\...\Steam App 292120) (Version:  - SQUARE ENIX)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
FUSSBALL MANAGER 13 (HKLM-x32\...\{80AF0300-866F-400F-A350-D53E3C3E34E0}) (Version: 1.0.4.0 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack 10.0.0 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
MagicYUV Lossless Video Codec version 1.1 (HKLM-x32\...\{90410593-E0EB-4F9B-B984-65BEA8F07B91}_is1) (Version: 1.1 - INNOMAGIC Bt.)
MAGIX Foto Designer 7 (HKLM-x32\...\MAGIX_{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}) (Version: 7.0.1.1 - MAGIX AG)
MAGIX Foto Designer 7 (Version: 7.0.1.1 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B6B4D918-A667-48D2-9AB6-FAF34FB25223}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.4121 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.161 - McAfee, Inc.)
Microsoft Expression Web 4 (HKLM-x32\...\Web_4.0.1460.0) (Version: 4.0.1460.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
proDAD Mercalli NLE 4.0 (64bit) (HKLM\...\proDAD-MercalliPlugins-4.0) (Version: 4.0.465.1 - proDAD GmbH)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.12.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.12.0 - Renesas Electronics Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Sony PC Companion 2.10.251 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.251 - Sony)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 9.0.0.0 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.014 - MSI)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Trust GXT Gaming Headset (HKLM\...\C-Media CM108 Like Sound Driver) (Version:  - )
Trust GXT Gaming Headset (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 2.0.01.13 - Trust)
Unity Web Player (HKU\S-1-5-21-3290045252-3424657786-848572120-1000\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Ut Video Codec Suite (HKLM\...\utvideo_is1) (Version: 15.2.0 - UMEZAWA Takeshi)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Winki (HKLM-x32\...\{81CF5153-38CF-41e2-AC3C-3D477C987D96}_is1) (Version: 3.2.126 - MSI)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3290045252-3424657786-848572120-1000_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-170F5F5A3E94}\InprocServer32 -> %%systemroot%%\system32\shell32.dll Keine Datei
CustomCLSID: HKU\S-1-5-21-3290045252-3424657786-848572120-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Wiederherstellungspunkte =========================

09-09-2015 13:07:07 Windows Update
11-09-2015 12:29:16 DirectX wurde installiert
20-09-2015 08:04:36 Geplanter Prüfpunkt
22-09-2015 04:01:20 Camtasia Studio 8 wird entfernt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {01D02A45-F3DD-43EA-8BE3-E957A09C4CEC} - \Microsoft\Windows\Setup\GWXTriggers\Time-3xd -> Keine Datei <==== ACHTUNG
Task: {03CF71D3-D2AD-4CEE-8070-2E26393AD3CC} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {0AD464AC-960D-4B17-A7E3-A991FCA4FEDA} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {0CEC1E40-BD1F-4A22-B723-A42E93796902} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {0F3543F2-DE58-4975-9865-FCACF8C3B244} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {107B77E2-0288-413F-AF65-B72757EDFEC6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {16D8FA47-823F-4D48-9F42-F238A8D95683} - System32\Tasks\{896C1BCB-A3AA-4D80-AC1D-E73311EE3822} => D:\Driver\USB\CmDrvRmU.exe
Task: {18F8FEB5-D0A3-4AF2-B053-7A60721154AE} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {1BC29554-7EFC-4A33-B53D-577F548F87A4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {1E04F520-04C0-4496-BC9E-4B3FE88FA846} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {26FB93D1-B16A-4261-B478-87FDD73DD0D0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2B514A46-E01E-41B0-B0BC-564B54D88041} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {330C7902-B64E-4916-A02F-E12BD3DAE997} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {4E56B8CF-3A52-4AE1-8EA4-D9693CFB538E} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {4EBF3510-EF4D-4A3A-8D46-ED3077CCE6E2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5B6D8C6E-F7C0-47BD-82EB-39B5261A21C7} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5B79F223-5600-4E37-868B-A07AAFAAD690} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {68C30FED-1875-4136-BF2B-A066415F3D81} - System32\Tasks\{5AEBB083-66D0-4188-8A98-55DED5109C6A} => C:\Program Files (x86)\T-Mobile\InternetManager_H\Internet Manager.exe
Task: {7B0F9A2B-DBB1-417B-BC0E-9FB6DADB9F68} - System32\Tasks\{39181EFE-83CC-4966-8021-BCB6A8223EEF} => C:\Program Files (x86)\Aspyr\Star Wars The Force Unleashed\SWTFU Launcher.exe
Task: {819F4BC5-A441-43AF-9922-CC46BF16CF6C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {8E36BFCE-D687-462F-B4BC-4E103FB33EC7} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {8EE3FAEF-99FC-4170-AC20-7DB0D89BEB92} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {92B9EE41-FEF0-4337-86BB-6EBF24EF9A02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {9429FDDE-5804-497B-ABC5-B54D3C8B68B3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {9511C7F6-8B85-449B-B200-1F895B5032F0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {99AEC417-C468-4387-BFD9-C01560327DCA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {A26692E1-C809-4D4C-BBB1-E018D9FDE85A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {A7A42C3B-1E96-44B3-BC61-89304BC44EDB} - System32\Tasks\{86FED63A-7419-4FB4-8598-6531F225CE53} => pcalua.exe -a C:\Users\Daniel\Desktop\GTAIV_TU5.exe -d C:\Users\Daniel\Desktop
Task: {B23D5CEE-7026-4407-8CC0-97C67E5983D8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {B372339B-C720-4D6F-9046-7B515D632C4A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {B4AE252C-87C2-4A1B-B964-2669F6993774} - System32\Tasks\{57FF362F-D869-49CF-8A86-33A2ACB3701B} => C:\Program Files (x86)\Mass Effect\MassEffectLauncher.exe
Task: {B653080C-CD19-4E55-B5A6-A0A582057486} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {B9B87874-3F93-4AE8-887D-699B43F6C092} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-daniel.blumberg@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-22] (Adobe Systems Incorporated)
Task: {C3715D10-8E88-470D-9B46-FFF0A4269AD8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C52774E4-FCD7-4931-80C8-8C8863B1305B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CF81A715-72C0-412F-A591-5609AE62B7B4} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D2F6270C-444D-4192-BF02-5A635EB48976} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {DE5E067E-5CAC-42A8-B8D9-87DBD2C7E313} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {EE35B613-E8E0-431B-8D4A-26D8750B49F8} - System32\Tasks\{A21E56D4-E5D5-4B6B-ACB3-CAD5E554F166} => D:\Setup.exe
Task: {EEA520E2-3EE7-4303-8243-7665C8B83240} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {F2EECCF6-411A-45DC-9E62-A43C712A89B7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F414D98A-790B-45F3-9ED1-95B54C3A638B} - System32\Tasks\{639E8D91-B320-4FA2-B163-9FC4D1807C92} => C:\Program Files (x86)\Mass Effect\MassEffectLauncher.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-29 20:01 - 2015-07-29 20:01 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 17:38 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-07-28 22:45 - 2015-07-28 22:45 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-08-29 11:26 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 11:26 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-22 01:02 - 2015-07-22 01:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-12 12:34 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 17:38 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-12 12:34 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-08-03 15:59 - 2015-08-03 15:59 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-07-22 01:02 - 2015-07-22 01:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-08-19 17:38 - 2015-08-11 11:10 - 00293376 _____ () C:\WINDOWS\SYSTEM32\textinputframework.dll
2015-03-29 12:29 - 2015-03-29 12:29 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-07-22 15:32 - 2015-07-22 15:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-09-22 02:51 - 2015-09-19 00:13 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libglesv2.dll
2015-09-22 02:51 - 2015-09-19 00:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\0c0755adde552fb7ac6db5bb33:Win32App
AlternateDataStreams: C:\1464926e2d0f8d8f0c03a8f07b:Win32App
AlternateDataStreams: C:\3dc5cf3ae27a35ab3bbf2eaa7807:Win32App
AlternateDataStreams: C:\3e94fee5040caf58dfaed29561bf6b:Win32App
AlternateDataStreams: C:\5fe2d935482ad67561aba9e5f1f20b91:Win32App
AlternateDataStreams: C:\713c7990491c6178d504:Win32App
AlternateDataStreams: C:\737c0df51a666679a5e716d6:Win32App
AlternateDataStreams: C:\7da3071c344592fe1ee34caec404:Win32App
AlternateDataStreams: C:\a391f7ef64caeec4f7a346d5:Win32App
AlternateDataStreams: C:\a9029ce0333f022f1558:Win32App
AlternateDataStreams: C:\b7807027b5804b4fc79a9127e30e8793:Win32App
AlternateDataStreams: C:\ba2dc272ccbee51de7ef05:Win32App
AlternateDataStreams: C:\de54bf7a44920f2bdbf6926ad7ff9b:Win32App
AlternateDataStreams: C:\winki:Win32App
AlternateDataStreams: C:\Program Files\AMD:Win32App
AlternateDataStreams: C:\Program Files\ATI Technologies:Win32App
AlternateDataStreams: C:\Program Files\McAfee:Win32App
AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App
AlternateDataStreams: C:\Program Files\proDAD:Win32App
AlternateDataStreams: C:\Program Files\TeamSpeak 3 Client:Win32App
AlternateDataStreams: C:\Program Files\utvideo:Win32App
AlternateDataStreams: C:\Program Files\WinRAR:Win32App
AlternateDataStreams: C:\Program Files (x86)\AC3Filter:Win32App
AlternateDataStreams: C:\Program Files (x86)\AMD:Win32App
AlternateDataStreams: C:\Program Files (x86)\AMD APP:Win32App
AlternateDataStreams: C:\Program Files (x86)\ATI Technologies:Win32App
AlternateDataStreams: C:\Program Files (x86)\Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\Ffmpeg For Audacity:Win32App
AlternateDataStreams: C:\Program Files (x86)\FileZilla FTP Client:Win32App
AlternateDataStreams: C:\Program Files (x86)\K-Lite Codec Pack:Win32App
AlternateDataStreams: C:\Program Files (x86)\MagicYUV:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft Expression:Win32App
AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App
AlternateDataStreams: C:\Program Files (x86)\MSXML 4.0:Win32App
AlternateDataStreams: C:\Program Files (x86)\OpenOffice.org 3:Win32App
AlternateDataStreams: C:\Program Files (x86)\Origin:Win32App
AlternateDataStreams: C:\Program Files (x86)\QuickTime:Win32App
AlternateDataStreams: C:\Program Files (x86)\Trust GXT Gaming Headset:Win32App
AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App
AlternateDataStreams: C:\WINDOWS\SysWOW64:Win32App
AlternateDataStreams: C:\ProgramData\MAGIX:Win32App
AlternateDataStreams: C:\Users\Daniel\AppData\Local\JDownloader v2.0:Win32App

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3290045252-3424657786-848572120-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\New-Star-Wars-1920x1080.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: Facebook Update => "C:\Users\Daniel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-3290045252-3424657786-848572120-1000\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk"
HKU\S-1-5-21-3290045252-3424657786-848572120-1000\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3290045252-3424657786-848572120-1000\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-3290045252-3424657786-848572120-1000\...\StartupApproved\Run: => "OneDrive"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{8BB32414-22B0-42F9-87FA-C600477CAE2A}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{7FA290FF-76B0-45F4-BA28-F4C387CCDC97}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0A269937-A588-41B1-89CE-FAD43EF9D2B7}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{56D266B9-92B6-4194-B08D-CBAF2C8CDEB4}] => (Allow) C:\Games\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{ACA25A2F-98CB-4C81-82EE-12C12E1F9D01}] => (Allow) C:\Program Files (x86)\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{90826C90-5496-4404-B260-0F4E61C4E0B5}] => (Allow) C:\Users\Daniel\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{D835A564-FC0C-49A0-B3B2-36ECA18F9A1A}] => (Allow) C:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{2EAA7623-4ED1-4EF7-AC34-0F8DD15B8246}] => (Allow) C:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{B4522B06-0D7B-4CE1-8C42-378944E2C631}] => (Allow) C:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{242F7449-D839-4C7C-A68B-80B15C6C35C8}] => (Allow) C:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{8268CBAE-084A-432E-A472-CCB2D91A2A9F}] => (Allow) C:\Program Files (x86)\Warframe\Downloaded\Public\Tools\RemoteCrashSender.exe
FirewallRules: [{A3F8283A-0DFC-46B1-B6B3-60AB3131F772}] => (Allow) C:\Users\Daniel\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe
FirewallRules: [{83CC8F61-4C88-4557-A6BC-30D0B4212872}] => (Allow) C:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{60E3BB8A-461B-4416-A5DB-05B98F19C078}] => (Allow) C:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{4D60BB19-E6BE-407B-9710-81FFA6D2E4FB}] => (Allow) C:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.x64.exe
FirewallRules: [{D47E8992-3A30-4269-A9B7-624845A61E61}] => (Allow) C:\Program Files (x86)\Warframe\Downloaded\Public\Warframe.exe
FirewallRules: [{793E9647-FEEA-483C-AFED-ABF776A474A4}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{7ADFBB91-481D-4E12-AFFF-48166C22341B}] => (Allow) C:\Program Files\Rockstar Games\Grand Theft Auto V\GTA5.exe
FirewallRules: [{0E1A7ABE-5A2A-4B16-B1CB-1E331957AF57}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{748009C7-402A-4AFC-BB51-83FBF7BFD0DF}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{EC436F28-395D-4E23-B4FC-ED4374D3B4E9}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{FEE96E08-BD65-4881-9EEB-BC4BA332731D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{6F6A659D-DCF8-4460-A9D4-8A860D19A79E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{4F9ECF1F-7367-4E9F-846C-5A1901F029A0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [UDP Query User{FAA1FAD4-3292-46EA-8D8B-967E2EEC377A}C:\program files (x86)\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2015\pes2015.exe
FirewallRules: [TCP Query User{4164E278-3EE2-4E19-A6EA-25CDA5AC0BE2}C:\program files (x86)\pro evolution soccer 2015\pes2015.exe] => (Allow) C:\program files (x86)\pro evolution soccer 2015\pes2015.exe
FirewallRules: [{0387CE19-EA89-4515-BD27-06389FC148BB}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{B73E6719-43B5-42C3-BE33-869637A69C08}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{BE7763D4-1F63-4382-811E-A61CC4DDCA76}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{D0F5BB53-21F6-4259-BEE2-DBA43B354265}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{86C14710-832F-4D7F-BFF7-7732B757D86D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{05E01BCC-0A5D-4456-8918-4F5C2CBD9E14}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4E6F8195-3C5C-4505-BC07-B68E9DB2426F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B4A16793-DF20-494C-BE7A-DF9681DE08D0}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [UDP Query User{0BFE05D4-2952-4E9F-8274-6E0880A67207}C:\program files (x86)\arma iii\arma3.exe] => (Allow) C:\program files (x86)\arma iii\arma3.exe
FirewallRules: [TCP Query User{11049CDF-0C7F-4FD3-A419-97C0A3A132BA}C:\program files (x86)\arma iii\arma3.exe] => (Allow) C:\program files (x86)\arma iii\arma3.exe
FirewallRules: [UDP Query User{82916218-0049-434C-962D-AD71901FC20E}C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe
FirewallRules: [TCP Query User{B1B89488-9831-472E-99A6-AF85547B7AE8}C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe
FirewallRules: [{641C44DF-396F-40A2-B21E-7D3599B77F8F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [UDP Query User{59EE68FE-0C3D-4B11-9532-34726CAB8720}C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe
FirewallRules: [TCP Query User{83589CDA-5BE1-42F7-A8E5-E5E22D5F5008}C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe] => (Allow) C:\program files (x86)\konami\pro evolution soccer 2014\pes2014.exe
FirewallRules: [{DAE7D97B-4D8A-4514-87EF-F44E7BD2F893}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{84B1BDB0-F5CD-48BF-8728-0A7589C2AF6C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{B1F91F36-4C4E-4A4F-B6EB-97FB0A5833D9}C:\users\daniel\desktop\leechftp.exe] => (Allow) C:\users\daniel\desktop\leechftp.exe
FirewallRules: [TCP Query User{397D690A-1B22-452E-9BAA-8D488D121F8C}C:\users\daniel\desktop\leechftp.exe] => (Allow) C:\users\daniel\desktop\leechftp.exe
FirewallRules: [UDP Query User{C662AD77-FF16-4759-ACDE-FB9A10AF40AD}C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe
FirewallRules: [TCP Query User{92B5C138-BB80-47BB-AA40-3FE7FD86FC30}C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe] => (Allow) C:\users\public\games\cryptic studios\star trek online\live\gameclient.exe
FirewallRules: [{49CA7979-B218-4558-8960-65D8AB1B15F1}] => (Allow) LPort=1900
FirewallRules: [{F71B24F1-B013-49EC-B0B5-E43D50AC7968}] => (Allow) LPort=2869
FirewallRules: [{EDF53615-11E3-4281-BE15-DF4C494F7C50}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{94AA646F-349F-4D65-A857-0D9B449DBB54}] => (Allow) C:\Program Files (x86)\Origin Games\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{F6904F80-423F-4910-A36D-D3045B30BA63}] => (Allow) C:\Program Files (x86)\Origin Games\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{6323BC8C-8CC3-4B8F-A9AC-503E1075E948}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{BBCCBA59-BFFD-42A5-9F1A-C0AAD591C1FB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FINAL FANTASY XIII\FFXiiiLauncher.exe
FirewallRules: [{A1BA0DFE-44D5-42CD-9A50-FF7BED6EF9DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{BF8CCAB3-83C7-4511-B333-1DC1780EF7F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{378725FF-C70A-4C50-A21F-469159C04CDC}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{CC4119B2-08B5-4BDB-91FC-9A01984B4E93}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA Manager 13\Manager13.exe
FirewallRules: [{D6D1907A-9C78-4C64-BCAE-FE26362AE8FD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/24/2015 09:39:43 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/23/2015 11:30:06 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/23/2015 07:06:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/23/2015 05:24:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/23/2015 05:16:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/22/2015 06:35:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DANIEL-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/22/2015 04:01:26 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (09/21/2015 07:16:53 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (8088) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.

Error: (09/21/2015 07:16:53 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (8088) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.

Error: (09/21/2015 07:16:43 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (8088) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.


Systemfehler:
=============
Error: (09/24/2015 07:02:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Geräteinstallations-Manager" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (09/24/2015 07:02:36 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst DsmSvc erreicht.

Error: (09/24/2015 07:02:06 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (09/24/2015 07:00:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (09/24/2015 06:59:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (09/24/2015 06:57:19 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Die Initialisierung des Speicherabbildes ist fehlgeschlagen.

Error: (09/24/2015 06:59:00 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎09.‎2015 um 09:12:16 unerwartet heruntergefahren.

Error: (09/24/2015 09:39:43 AM) (Source: DCOM) (EventID: 10010) (User: DANIEL-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (09/24/2015 09:39:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/24/2015 09:39:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-09-11 20:04:58.354
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-09-11 20:04:58.221
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-09-11 20:03:04.138
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-09-11 20:03:04.014
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-23 08:35:13.735
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-23 08:35:13.460
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-23 08:34:14.089
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-23 08:34:13.788
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-15 14:19:37.091
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-08-15 14:19:36.844
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: AMD Phenom(tm) II X4 965 Processor
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8156.2 MB
Verfügbarer physikalischer RAM: 5573.78 MB
Summe virtueller Speicher: 8556.2 MB
Verfügbarer virtueller Speicher: 5639.88 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:930.97 GB) (Free:623.44 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E4D43C21)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende von Addition.txt ============================
         

defogger_disable
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:35 on 24/09/2015 (Daniel)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

FRST.txt
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von Daniel (Administrator) auf DANIEL-PC (24-09-2015 22:37:09)
Gestartet von C:\Users\Daniel\Desktop
Geladene Profile: Daniel (Verfügbare Profile: Daniel)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6208.42001.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6208.42001.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [Cm108Sound] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502328 2012-10-23] (MSI)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3290045252-3424657786-848572120-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3290045252-3424657786-848572120-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3290045252-3424657786-848572120-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3290045252-3424657786-848572120-1000\...\Policies\Explorer: [NoControlPanel] 0
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk [2015-08-27]
ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5390e291-ca48-44c4-ad1a-ec3232c359c7}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3290045252-3424657786-848572120-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-3290045252-3424657786-848572120-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=MSD2&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EzyyD0AyEyEtDyC0EtDtDtN0D0Tzu0CyBzztBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=912537331&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=MSD2&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EzyyD0AyEyEtDyC0EtDtDtN0D0Tzu0CyBzztBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=912537331&ir=
SearchScopes: HKU\S-1-5-21-3290045252-3424657786-848572120-1000 -> DefaultScope {0B85846D-AD30-4ED0-9B5F-DC06749E9256} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE544D20140623&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3290045252-3424657786-848572120-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=MSD2&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EzyyD0AyEyEtDyC0EtDtDtN0D0Tzu0CyBzztBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=912537331&ir=
SearchScopes: HKU\S-1-5-21-3290045252-3424657786-848572120-1000 -> {0B85846D-AD30-4ED0-9B5F-DC06749E9256} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE544D20140623&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3290045252-3424657786-848572120-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CE1FD43D7E95A440&affID=121565&tt=080913_ctrl&tsp=5000
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-26] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2015-08-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2015-08-21] (McAfee, Inc.)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-08] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-26] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPMPDRM -> C:\Program Files (x86)\Common Files\mpDRM\Binaries\NPMPDRM.dll [2011-10-11] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3290045252-3424657786-848572120-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-09-18]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-06-23]

Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://start.mysearchdial.com/?f=1&a=MSD2&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EzyyD0AyEyEtDyC0EtDtDtN0D0Tzu0CyBzztBtN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=912537331&ir="
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\pdf.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Trend Micro Titanium) - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll => Keine Datei
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-05-03]
CHR Extension: (Nordic Forest) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\amekpplpfocpmaimnmgfjoibodpjedie [2015-07-30]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-03]
CHR Extension: (Web Developer) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-09-15]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-03]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-03]
CHR Extension: (SiteAdvisor) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-06-23]
CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
CHR Extension: (AdBlock) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-05-03]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-03]
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Präsentationen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-10]
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-10]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-10]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-10]
CHR Extension: (Google-Suche) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-10]
CHR Extension: (Google Tabellen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-10]
CHR Extension: (SiteAdvisor) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-04-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-10]
CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-10]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - <kein Path/update_url>
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-18]
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - <kein Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-09-18]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-28] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-05-31] () [Datei ist nicht signiert]
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-12-08] (BitRaider, LLC)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-09-15] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-21] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [1694152 2015-07-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [143416 2012-10-25] (MSI)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-29] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-06] (Electronic Arts)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-29] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2015-07-25] (BitRaider)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-08-08] (DT Soft Ltd)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-09-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-29] (Microsoft Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )
S4 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105744 2012-05-02] (Trend Micro Inc.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-24 22:37 - 2015-09-24 22:41 - 00026571 _____ C:\Users\Daniel\Desktop\FRST.txt
2015-09-24 22:36 - 2015-09-24 22:38 - 00000000 ____D C:\FRST
2015-09-24 22:35 - 2015-09-24 22:36 - 02192384 _____ (Farbar) C:\Users\Daniel\Desktop\FRST64.exe
2015-09-24 22:34 - 2015-09-24 22:35 - 00000474 _____ C:\Users\Daniel\Desktop\defogger_disable.log
2015-09-24 22:34 - 2015-09-24 22:34 - 00000168 _____ C:\Users\Daniel\defogger_reenable
2015-09-24 22:33 - 2015-09-24 22:33 - 00050477 _____ C:\Users\Daniel\Desktop\Defogger.exe
2015-09-24 21:31 - 2015-09-24 21:31 - 00016148 _____ C:\WINDOWS\system32\DANIEL-PC_Daniel_HistoryPrediction.bin
2015-09-24 20:02 - 2015-09-24 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-09-23 21:54 - 2015-09-23 21:55 - 00008943 _____ C:\Users\Daniel\Documents\Install STAR WARS The Old Republic.log
2015-09-14 20:25 - 2015-09-21 04:43 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2015-09-11 13:20 - 2015-09-11 13:20 - 00000000 ____D C:\Users\Daniel\Documents\BioWare
2015-09-10 08:11 - 2015-09-10 08:14 - 00000000 ____D C:\Users\Daniel\Documents\Fussball Manager 13
2015-09-10 08:09 - 2015-09-10 08:49 - 00002228 _____ C:\Users\Daniel\Desktop\FUSSBALL MANAGER 15-16.lnk
2015-09-10 08:09 - 2015-09-10 08:09 - 00000000 ____D C:\Users\Daniel\Documents\FUSSBALL MANAGER 14
2015-09-10 07:58 - 2015-09-10 07:58 - 00001293 _____ C:\Users\Public\Desktop\FUSSBALL MANAGER 13.lnk
2015-09-09 04:20 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-09 04:20 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-09 04:20 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-09 04:20 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 04:20 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 04:20 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-09 04:20 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 04:20 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 04:20 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 04:20 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 04:20 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 04:20 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 04:20 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 04:20 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 04:20 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 04:20 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 04:20 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 04:20 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-09 04:20 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 04:20 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 04:20 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 04:20 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 04:20 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 04:20 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-09 04:20 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 04:20 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 04:20 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 04:20 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 04:20 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 04:20 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 04:20 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 04:20 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-29 11:26 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-29 11:26 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-08-29 11:26 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-08-29 11:26 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-08-29 11:26 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-08-29 11:26 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-08-29 11:26 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-29 11:26 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 11:26 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-08-29 11:26 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-08-29 11:26 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-08-29 11:26 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-08-29 11:26 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-08-29 11:26 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-08-29 11:26 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-08-29 11:26 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-08-29 11:26 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-08-29 11:26 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-08-29 11:26 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-08-29 11:26 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-08-29 11:26 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-08-29 11:26 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-08-29 11:26 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-08-29 11:26 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-08-29 11:26 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-08-29 11:26 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-08-29 11:26 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-08-29 11:26 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-08-29 11:26 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-08-29 11:26 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-08-29 11:26 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-08-29 11:26 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-08-29 11:26 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-08-29 11:26 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-08-29 11:26 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-08-29 11:26 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-08-29 11:26 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-08-29 11:26 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-08-29 11:26 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-08-29 11:26 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-08-29 11:26 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-08-27 14:39 - 2015-08-27 14:39 - 00001713 _____ C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2015-08-27 14:39 - 2015-08-27 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-08-27 12:27 - 2015-08-27 13:24 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\GHISLER
2015-08-27 11:54 - 2015-08-27 11:54 - 00000000 ____D C:\Users\Daniel\licman
2015-08-27 11:54 - 2015-08-27 11:54 - 00000000 ____D C:\Users\Daniel\EREnt64
2015-08-27 11:51 - 2015-08-27 13:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ontrack EasyRecovery Enterprise
2015-08-27 11:51 - 2015-08-27 13:24 - 00000000 ____D C:\Program Files (x86)\Kroll Ontrack
2015-08-25 09:00 - 2015-08-25 09:00 - 00003670 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-daniel.blumberg@outlook.com
2015-08-25 06:45 - 2015-08-25 06:45 - 00001847 _____ C:\Users\Daniel\Desktop\Adobe Premiere Pro.lnk
2015-08-25 06:18 - 2015-08-25 06:18 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.lnk
2015-08-25 05:59 - 2015-08-25 05:59 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2015-08-25 05:58 - 2015-08-25 06:18 - 00000000 ____D C:\Program Files\Adobe
2015-08-25 05:57 - 2015-08-25 06:18 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-25 05:35 - 2015-08-27 17:28 - 00000000 ___RD C:\Users\Daniel\Creative Cloud Files
2015-08-25 05:34 - 2015-09-24 19:00 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-08-25 05:34 - 2015-08-25 05:34 - 00001298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-08-25 05:34 - 2015-08-25 05:34 - 00001286 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2015-08-25 03:43 - 2015-08-27 14:39 - 00000585 _____ C:\WINDOWS\setupact.log
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\Program Files (x86)\Trust GXT Gaming Headset
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\de54bf7a44920f2bdbf6926ad7ff9b
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\ba2dc272ccbee51de7ef05
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\b7807027b5804b4fc79a9127e30e8793
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\a9029ce0333f022f1558
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\a391f7ef64caeec4f7a346d5
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\7da3071c344592fe1ee34caec404
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\737c0df51a666679a5e716d6
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\713c7990491c6178d504
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\5fe2d935482ad67561aba9e5f1f20b91
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\3e94fee5040caf58dfaed29561bf6b
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\3dc5cf3ae27a35ab3bbf2eaa7807
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\1464926e2d0f8d8f0c03a8f07b
2015-08-25 00:54 - 2015-08-25 00:54 - 00000000 _____ C:\0c0755adde552fb7ac6db5bb33

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-09-24 22:34 - 2015-07-29 19:13 - 00000000 ____D C:\Users\Daniel
2015-09-24 22:02 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-24 21:50 - 2013-05-03 15:18 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-24 21:01 - 2015-08-01 04:07 - 00006658 _____ C:\WINDOWS\system32\lvcoinst.log
2015-09-24 20:59 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-24 19:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-24 19:04 - 2015-07-29 19:12 - 02075858 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-24 19:04 - 2015-07-10 18:34 - 00883662 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-24 19:04 - 2015-07-10 18:34 - 00195796 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-24 19:02 - 2013-05-03 15:18 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-24 18:59 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-24 18:58 - 2015-07-29 19:06 - 00030868 _____ C:\WINDOWS\PFRO.log
2015-09-24 02:00 - 2013-05-31 12:30 - 00000000 ____D C:\Users\Daniel\AppData\Local\Adobe
2015-09-23 22:54 - 2013-05-31 23:53 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\vlc
2015-09-23 22:37 - 2013-10-09 05:03 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Audacity
2015-09-23 21:55 - 2015-07-23 20:34 - 00000000 _____ C:\end
2015-09-23 05:24 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-09-23 05:10 - 2014-06-23 13:34 - 00000000 ____D C:\Program Files (x86)\McAfee
2015-09-22 18:35 - 2015-07-29 19:40 - 00000000 ____D C:\Users\Daniel\OneDrive
2015-09-22 17:05 - 2013-05-03 20:00 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-09-22 04:02 - 2013-05-03 15:45 - 00000000 ____D C:\ProgramData\Skype
2015-09-21 20:59 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-20 06:12 - 2015-07-29 19:40 - 00002396 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-20 06:12 - 2013-07-02 05:57 - 00000000 ____D C:\Users\Daniel\AppData\Local\CrashDumps
2015-09-20 00:02 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-16 10:55 - 2015-07-29 19:36 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2015-09-15 12:11 - 2013-05-03 15:45 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Skype
2015-09-15 01:45 - 2013-05-03 15:18 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 01:45 - 2013-05-03 15:18 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-14 20:27 - 2014-06-23 13:26 - 00000000 ____D C:\ProgramData\McAfee
2015-09-14 20:26 - 2014-06-23 13:26 - 00000000 ____D C:\Program Files\Common Files\McAfee
2015-09-13 18:28 - 2014-04-15 10:37 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2015-09-13 15:40 - 2014-06-01 00:16 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\TS3Client
2015-09-12 07:26 - 2015-06-08 07:15 - 00024005 _____ C:\Users\Daniel\Desktop\tags.odt
2015-09-12 07:09 - 2014-12-30 06:11 - 00000000 ____D C:\Users\Daniel\Desktop\Sonstiges
2015-09-11 16:26 - 2013-10-05 23:09 - 00000000 ____D C:\Users\Daniel\Documents\Camtasia Studio
2015-09-11 13:43 - 2015-07-10 14:20 - 05058568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-11 13:42 - 2013-07-15 11:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-11 13:42 - 2013-07-15 11:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-11 13:41 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 13:41 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-11 13:28 - 2013-05-03 19:58 - 00000000 ____D C:\ProgramData\Origin
2015-09-11 12:30 - 2013-05-03 16:15 - 00455717 _____ C:\WINDOWS\DirectX.log
2015-09-11 01:06 - 2013-05-03 15:18 - 00000000 ____D C:\Users\Daniel\AppData\Local\Google
2015-09-10 14:10 - 2013-07-15 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-10 06:08 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-10 01:00 - 2013-12-19 05:48 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-09 13:13 - 2013-08-15 08:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 19:11 - 2013-05-03 19:58 - 00000000 ____D C:\Program Files (x86)\Origin
2015-09-06 17:25 - 2014-02-21 12:41 - 00000000 ____D C:\Users\Daniel\AppData\Local\JDownloader v2.0
2015-09-05 18:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-05 01:01 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-08-29 12:25 - 2013-05-03 19:33 - 00000000 ____D C:\Fraps
2015-08-29 12:13 - 2013-08-31 16:24 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\dvdcss
2015-08-27 14:39 - 2015-08-01 04:16 - 00060658 _____ C:\WINDOWS\LDPINST.LOG
2015-08-27 14:39 - 2015-08-01 04:16 - 00000000 ____D C:\Program Files (x86)\Logitech
2015-08-27 13:25 - 2013-05-03 19:31 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-08-27 09:30 - 2015-08-01 04:07 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-08-27 09:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2015-08-27 09:30 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-08-27 09:30 - 2013-05-03 15:20 - 00000000 ___HD C:\SuperChargerProfile
2015-08-27 09:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\registration
2015-08-26 18:37 - 2013-05-03 17:23 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-25 08:45 - 2015-07-30 06:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2015-08-25 06:18 - 2013-05-03 17:44 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Adobe
2015-08-25 06:05 - 2014-08-03 09:25 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-08-25 05:57 - 2015-07-29 19:10 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-25 05:35 - 2014-08-01 04:32 - 00000000 ___RD C:\Users\Daniel\Creative Cloud Files (1)
2015-08-25 05:35 - 2013-05-03 19:27 - 00000000 ____D C:\ProgramData\Adobe
2015-08-25 05:34 - 2015-05-08 12:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-25 01:52 - 2014-08-31 17:00 - 00000000 ____D C:\Program Files\OBS
2015-08-25 01:52 - 2014-08-31 17:00 - 00000000 ____D C:\Program Files (x86)\OBS
2015-08-25 01:50 - 2015-05-01 01:31 - 00000000 ____D C:\Users\Daniel\Documents\Rockstar Games
2015-08-25 01:50 - 2015-04-30 23:46 - 00000000 ____D C:\Program Files\Rockstar Games
2015-08-25 01:50 - 2013-05-11 21:20 - 00000000 ____D C:\Users\Daniel\AppData\Local\Rockstar Games
2015-08-25 01:50 - 2013-05-03 15:18 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-25 01:41 - 2014-07-29 00:10 - 00007605 _____ C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg
2015-08-25 00:54 - 2015-05-01 01:30 - 00000000 ____D C:\Program Files (x86)\Rockstar Games

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-08-29 05:16 - 2008-05-07 12:54 - 0043586 _____ () C:\Program Files (x86)\DDLanguage.xml
2013-08-29 05:18 - 2008-05-15 11:42 - 0389120 _____ (Electronic Arts) C:\Program Files (x86)\setup.exe
2013-08-29 05:18 - 2008-05-16 09:33 - 0000085 _____ () C:\Program Files (x86)\setup.ini
2015-08-25 00:54 - 2015-08-25 00:54 - 0000000 _____ () C:\Program Files (x86)\Trust GXT Gaming Headset
2015-08-25 00:54 - 2015-08-25 00:54 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD
2014-07-29 01:15 - 2014-07-29 02:35 - 0001442 _____ () C:\Users\Daniel\AppData\Roaming\BreakingPoint_Options.ini
2013-05-18 16:42 - 2013-05-18 16:42 - 0000046 _____ () C:\Users\Daniel\AppData\Roaming\Camdata.ini
2013-05-18 16:42 - 2013-05-18 16:42 - 0000408 _____ () C:\Users\Daniel\AppData\Roaming\CamLayout.ini
2013-05-18 16:42 - 2013-05-18 16:42 - 0000408 _____ () C:\Users\Daniel\AppData\Roaming\CamShapes.ini
2013-05-18 16:42 - 2013-05-18 16:42 - 0004510 _____ () C:\Users\Daniel\AppData\Roaming\CamStudio.cfg
2014-02-21 12:41 - 2014-02-21 12:41 - 0000047 _____ () C:\Users\Daniel\AppData\Roaming\WB.CFG
2013-12-23 07:26 - 2014-04-09 08:34 - 0005120 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-05-03 15:24 - 2013-05-03 15:24 - 0000036 _____ () C:\Users\Daniel\AppData\Local\housecall.guid.cache
2015-04-04 08:49 - 2015-04-04 08:49 - 28579392 _____ (Sony Mobile Communications                                  ) C:\Users\Daniel\AppData\Local\pcc.exe
2014-07-29 00:10 - 2015-08-25 01:41 - 0007605 _____ () C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg
2015-07-29 19:10 - 2015-07-29 19:10 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\proxy_vole1567800462510171404.dll
C:\Users\Daniel\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Daniel\AppData\Local\Temp\tmp4117.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-21 07:27

==================== Ende von FRST.txt ============================
         
I am very grateful for any help!

I have one question: Is it possible to get rid of the virus (if it is one) via System Restore? I have several restore points and would use the one from 20.09.2015.

Last edited by Daniel300 (25.09.2015 at 01:32)

Alt 25.09.2015, 06:07   #2
schrauber
/// the machine
/// TB-Ausbilder
 




Hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.

Please download TDSSKiller.exe and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.

Alt 25.09.2015, 09:21   #3
Daniel300
 



mbar.exe found no malware:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.09.24.05
  rootkit: v2015.09.22.01

Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16431
Daniel :: DANIEL-PC [administrator]

25.09.2015 07:28:20
mbar-log-2015-09-25 (07-28-20).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 420818
Time elapsed: 1 hour(s), 36 minute(s), 12 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
TDSSKiller (1)

Code:
ATTFilter
09:08:06.0076 0x1e6c  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
09:08:11.0673 0x1e6c  ============================================================
09:08:11.0673 0x1e6c  Current date / time: 2015/09/25 09:08:11.0673
09:08:11.0673 0x1e6c  SystemInfo:
09:08:11.0673 0x1e6c  
09:08:11.0673 0x1e6c  OS Version: 10.0.10240 ServicePack: 0.0
09:08:11.0673 0x1e6c  Product type: Workstation
09:08:11.0673 0x1e6c  ComputerName: DANIEL-PC
09:08:11.0673 0x1e6c  UserName: Daniel
09:08:11.0673 0x1e6c  Windows directory: C:\WINDOWS
09:08:11.0673 0x1e6c  System windows directory: C:\WINDOWS
09:08:11.0673 0x1e6c  Running under WOW64
09:08:11.0673 0x1e6c  Processor architecture: Intel x64
09:08:11.0673 0x1e6c  Number of processors: 4
09:08:11.0673 0x1e6c  Page size: 0x1000
09:08:11.0673 0x1e6c  Boot type: Normal boot
09:08:11.0673 0x1e6c  ============================================================
09:08:12.0007 0x1e6c  KLMD registered as C:\WINDOWS\system32\drivers\68594133.sys
09:08:12.0574 0x1e6c  System UUID: {7E4B34DB-5D9D-5568-A2BE-EA0FDC84C3A8}
09:08:13.0253 0x1e6c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:08:13.0265 0x1e6c  ============================================================
09:08:13.0265 0x1e6c  \Device\Harddisk0\DR0:
09:08:13.0265 0x1e6c  MBR partitions:
09:08:13.0265 0x1e6c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:08:13.0265 0x1e6c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x745F2800
09:08:13.0265 0x1e6c  ============================================================
09:08:13.0286 0x1e6c  C: <-> \Device\Harddisk0\DR0\Partition2
09:08:13.0286 0x1e6c  ============================================================
09:08:13.0286 0x1e6c  Initialize success
09:08:13.0286 0x1e6c  ============================================================
09:09:40.0775 0x1d28  ============================================================
09:09:40.0775 0x1d28  Scan started
09:09:40.0775 0x1d28  Mode: Manual; SigCheck; TDLFS; 
09:09:40.0775 0x1d28  ============================================================
09:09:40.0775 0x1d28  KSN ping started
09:09:43.0622 0x1d28  KSN ping finished: true
09:11:39.0137 0x1d28  ================ Scan system memory ========================
09:11:39.0137 0x1d28  System memory - ok
09:11:39.0137 0x1d28  ================ Scan services =============================
09:13:14.0111 0x1d28  embeddedmode - ok
09:13:14.0128 0x1d28  [ DC2F91EAE9A28FA8C6610A9B7701B70D, 480DB509BF944AAC3617594F1245B4603069DE39186BC1FA7EDB8E0536B05E79 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
09:13:14.0166 0x1d28  EntAppSvc - ok
09:13:14.0179 0x1d28  [ F7FCCA6300485EF60CEA6D991D6C8C78, 24080D80CF1FD678DF4C9CAE70F65F8D9232F5F6A6F2B73A77B5E3C91E6505F3 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
09:13:14.0269 0x1d28  ErrDev - ok
09:13:14.0383 0x1d28  [ 2093F65AA84478E28C8E9D05BC413845, 086D4E0D4B993F4041AA8A9DCBEEDB53BD05B88E2BEFB218837FB10FACDF4233 ] EventSystem     C:\WINDOWS\system32\es.dll
09:13:14.0549 0x1d28  EventSystem - ok
09:13:14.0615 0x1d28  [ DCCDC3F35F0618692117DF90800A4284, B636B2A39AE89A9C2CDE17EC52DA669DA8AA9E2B04CA5CA19926DA8009655244 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
09:13:14.0682 0x1d28  exfat - ok
09:13:14.0747 0x1d28  [ 435FC0D25ADFD1A2FBA8C98BD4D79E23, F89D02518923D5AAB4A63686F26EE6118584AA9641D2C0B5B1AE4A728D5C06A4 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
09:13:14.0765 0x1d28  fastfat - ok
09:13:14.0893 0x1d28  [ 046FC9CF53A91E2FBA498CA7B0C3B028, BCFB06DF53065706DD6287E8C47BF5047F8A1E33981E1881E6ED7510337F5BC8 ] Fax             C:\WINDOWS\system32\fxssvc.exe
09:13:15.0031 0x1d28  Fax - ok
09:13:15.0171 0x1d28  [ 4E4B7D935DBF522B2F23D3573596181D, 9D0EC9F65920EE0FFFB2D49C58E4D5151C8CEEB7AA82543D226E4B84EEE4B3F0 ] fcvsc           C:\WINDOWS\System32\drivers\fcvsc.sys
09:13:15.0183 0x1d28  fcvsc - ok
09:13:15.0239 0x1d28  [ 583EB1C7690E361213BBD0472155128B, 5F5871490A6DAC4A824F4428941AC86FBFA9AA349B99B5D9544E5D62EB459FA8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
09:13:15.0252 0x1d28  fdc - ok
09:13:15.0306 0x1d28  [ 94B1A46EDD335F0C54C7BDAFC43348E6, 58073D58D0BE7389C2A4736AFE108835E5AE9C9950FF630644F585C99B964043 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
09:13:15.0390 0x1d28  fdPHost - ok
09:13:15.0451 0x1d28  [ BC855BB7DFE06F27F78E0EB2A8CCB70D, D16C3DAB99C16B077BA5DA5E9E0646B0B9237B00ABAE867D9F81A2D072D583B1 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
09:13:15.0532 0x1d28  FDResPub - ok
09:13:15.0595 0x1d28  [ F1125F20D56F28DDCD1A6F3E81EB4F5F, A6620ECCB15FAA70E4A43ADA4CE82CF97D708B6FA07F3FAED276359E7F92FD0F ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
09:13:15.0670 0x1d28  fhsvc - ok
09:13:15.0718 0x1d28  [ CDFD81CACE0E11596A3BB61EC4CF6467, 569FA86A215B054131AA9AFEECFEE7FD7143DCFFE275B84196004AEA538B2476 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
09:13:15.0807 0x1d28  FileCrypt - ok
09:13:15.0871 0x1d28  [ 3F02FEDAE894CBF4BAADDF8C8E1D53A8, DA32ABB1CDA867B8456C46F8581FA7F3A8D8B89D9F6E7422F51941D5FFA15B13 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
09:13:15.0883 0x1d28  FileInfo - ok
09:13:15.0950 0x1d28  [ 2824933386E30DE5BA089DF539CE19A3, 7B33E514576C68B444AE99CBA1360EBFAE8A46EEE5C01F4EE4CF471A712AB148 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
09:13:16.0039 0x1d28  Filetrace - ok
09:13:16.0082 0x1d28  [ 6A598249640F8BEDD79EC73917E1664F, A675238EA19E6632CDEB4EEFF7CF509EAAEF76AD8DFD247664E5607555D9CEE1 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
09:13:16.0095 0x1d28  flpydisk - ok
09:13:16.0167 0x1d28  [ 44B6A6832134DF651E887E941478CA35, FCF4EB726D00F5A17DD66C81CFDA49427281C94CF9CA2008397D591AEA61AE05 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
09:13:16.0185 0x1d28  FltMgr - ok
09:13:17.0135 0x1d28  [ C197284A9D565A38497733AF2BDFA111, C6615AF0D366C2DD6D431B073901EED02D49AA3F252230735DBB52A90BCFA833 ] FontCache       C:\WINDOWS\system32\FntCache.dll
09:13:17.0934 0x1d28  FontCache - ok
09:13:20.0121 0x1d28  [ 109AACC7FB0170535F71491F673AFD38, 212B6761ABBAC29993DA0A47C3DDE8074EA9E5A8FFA8FF6EAB95AC69D8FDD5A0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:13:20.0130 0x1d28  FontCache3.0.0.0 - ok
09:13:20.0531 0x1d28  [ 3F3B9E8CECD5604BC7746EF3A852EB67, 51AF62A9563379266C0C873E82F55427900032DFD7AC3EBDCDF77F8F8DE91A5D ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
09:13:20.0543 0x1d28  FsDepends - ok
09:13:21.0344 0x1d28  [ A60583221C7BB7CEC35C63285A297BE1, 3C842FBEAD1FA2BD8D37B2B0E8EDF77F4F50508C56FB25DFA81DE9679090D51D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:13:21.0355 0x1d28  Fs_Rec - ok
09:13:21.0771 0x1d28  [ 58013A50225174EEF1410E37795D7908, F8E557CA4110ABB203192DEAF59D91A5FEF2A5EA394637276DAB7F4D2E7BFA39 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
09:13:21.0795 0x1d28  fvevol - ok
09:13:22.0170 0x1d28  [ 0DAAE3EFCE00133AB3E383A36C47CDAF, 9145665F4F0575F951803AAFAA1A7DC0FAA35430CAE7D90E902074D60D6F4C62 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
09:13:22.0182 0x1d28  gagp30kx - ok
09:13:22.0234 0x1d28  [ F59155B95D01C08F9ED774B626B504A1, EF0FCF35AD9CD5E5D695F0C064244D2B327E7FB10FD7CBB0586253EC75562918 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
09:13:22.0246 0x1d28  gencounter - ok
09:13:22.0643 0x1d28  [ AE24452F55C6F1784CBD7489D0CDDB02, 4E13C51CBF30A8662B1180AC74E968CFC428B6EA7931F09357E7D120063D4823 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
09:13:23.0058 0x1d28  genericusbfn - ok
09:13:23.0469 0x1d28  [ 96F0D3A583A91B634EE2AC2507356EDC, 43D2575F33D28F61C13D2DCF358BFA9DCEAE276C83152DBE7AE2020A66929CD9 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
09:13:23.0482 0x1d28  GPIOClx0101 - ok
09:13:24.0331 0x1d28  [ E50CE978F571B900D9A7E2F1C5BCC070, EA14873A5F1B700D7CDBE55B9D214DC457262866A90D80B3E8325A8EB7932CE7 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
09:13:24.0384 0x1d28  gpsvc - ok
09:13:24.0459 0x1d28  [ BA2455D93BD57989A04FE4094AA6F941, B579FB367C063EA30C034381148410D49D38E183A5A4D51D2334A81DAEE95CEC ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
09:13:24.0485 0x1d28  GpuEnergyDrv - ok
09:13:24.0512 0x1d28  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:13:24.0521 0x1d28  gupdate - ok
09:13:24.0526 0x1d28  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:13:24.0534 0x1d28  gupdatem - ok
09:13:24.0946 0x1d28  [ C277A49F8A8295840DEBC9240B75A282, 8B2BA0E6A8300323765D95ECD843105B0FC4B80B85EE2220E677C4E9A760C9D8 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
09:13:25.0369 0x1d28  HDAudBus - ok
09:13:25.0787 0x1d28  [ D5A57EF4822A0388352FFF9F5CD53495, 509F365386859157E9078821FAA56D2A3C0BA296CA129E0D42453428A14687A5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
09:13:26.0202 0x1d28  HidBatt - ok
09:13:26.0280 0x1d28  [ 39575B53EB80C77FF2A3F1449D00B7F5, 37E66B38BACE00AFEF7093F990A234399D8451A9D2C2C8CBECAB69C664E63EA6 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
09:13:26.0696 0x1d28  HidBth - ok
09:13:26.0744 0x1d28  [ 35C3B602664116E737FF729F9A7156AD, 7A3C5CAD716E819CC53405971F3ACD135BCF023EC2228C1095E2116BCC384E62 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
09:13:26.0820 0x1d28  hidi2c - ok
09:13:26.0874 0x1d28  [ C4ABE526BBF2A18E8AF70177FBAD9C6E, 4DA06B563A08AC15D949F4599F73F172B3BFCB5D23B34240D1E2114438A11929 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
09:13:26.0885 0x1d28  hidinterrupt - ok
09:13:26.0927 0x1d28  [ 348416C7D7EB05BC3099FE2F2B27985C, F30E8682E9DD731A1AD7328FB8A48A2BB7D6E52780AE1FDE839D26E84B4FA7B5 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
09:13:26.0992 0x1d28  HidIr - ok
09:13:27.0111 0x1d28  [ 5576DF399CF2D3B63608F7F282151249, 04939E79B8B8035547CE6FFE9001252CA810BAD46D8DB75FF5C13EB10EEB5C57 ] hidserv         C:\WINDOWS\system32\hidserv.dll
09:13:27.0519 0x1d28  hidserv - ok
09:13:27.0924 0x1d28  [ 01F732724AF6EFE69886DA95A4E51820, E048A480F9396418BDE9659596E7EDA5FF97D3CE029D186048609B47575BEAE1 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
09:13:27.0994 0x1d28  HidUsb - ok
09:13:28.0809 0x1d28  [ E7AF59F1E0352F5EBEC4ECD32103D405, 0E02E031799F407A1BCE926D46471E7EFB8820359CBDE73759219B86C1882EB8 ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
09:13:28.0820 0x1d28  HipShieldK - ok
09:13:28.0957 0x1d28  [ 7433A8D28EE11A661C7A45AF28BA7987, 8A73DB423924E84CD3629BF6C7298CD093D2437B73B3F4520D39330923DDA2D6 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
09:13:29.0369 0x1d28  HomeGroupListener - ok
09:13:29.0857 0x1d28  [ 3FDBFBE5AE639996EB8D482C16BA7EA9, 7E48304818AABB4C5B0CB7FD32D96D6F90F4180AB0F668A2FE653A7097A40673 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
09:13:29.0883 0x1d28  HomeGroupProvider - ok
09:13:32.0895 0x1d28  [ 08CCC7622DDDFD649F75F9CFA53E4229, 257C8C285DDAA1CB1AAD3F799235972D0FF9577BE97859337437D4562B7CE4E4 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
09:13:32.0908 0x1d28  HomeNetSvc - ok
09:13:32.0965 0x1d28  [ 3844CE7DD23530CAD59D8CABA57CCB05, A44BB60686A0E98FF370D9DED5B32C3F34F0352ACFA3B3052BA4023922B53DB7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
09:13:32.0977 0x1d28  HpSAMD - ok
09:13:33.0058 0x1d28  [ CA6EADBB8731CA27BDA4037BF290AC14, 31EC9397D55D4EEC416AD722134E2D6B5D14E46D2150CB94889C4BFDAACBF421 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
09:13:33.0091 0x1d28  HTTP - ok
09:13:33.0117 0x1d28  [ 8841D927EB1F7FFC8B1805BC0CF190ED, B063E686380EEF582CF736E33751812F0041C593C7F30EE97D13DEDC9B246AB5 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
09:13:33.0128 0x1d28  hwpolicy - ok
09:13:33.0539 0x1d28  [ 53436C3835E80F4421652A67F44D6313, 8731091945A839713348DF3060A4C96033874E2B3DC7E099BEEC8C65B07F98CF ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
09:13:33.0552 0x1d28  hyperkbd - ok
09:13:33.0602 0x1d28  [ B2DC6C2F313EBB967B556B4E73A75451, B1816A0AE15705F0325F167EA76166779607D6086EC36A4A960E3BA47B4EBC4B ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
09:13:33.0684 0x1d28  HyperVideo - ok
09:13:33.0743 0x1d28  [ D4CDEE4A62BDFFF6E8558A9552148EA7, 55306786CB45082AE374937EBA256FF9CD640BB2E8C19DC6C704489D4743F5CC ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
09:13:33.0881 0x1d28  i8042prt - ok
09:13:34.0283 0x1d28  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
09:13:34.0292 0x1d28  iaLPSSi_GPIO - ok
09:13:35.0178 0x1d28  [ F1DF87463AC308047B089E9F0456B4C8, DFFF3C63D3124C2B879B888104042406FE326D4E7C8C1881A269BD4287B9CD33 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
09:13:35.0187 0x1d28  iaLPSSi_I2C - ok
09:13:35.0273 0x1d28  [ 9FDD4763A115D04F565C38183DE4646F, A8B0653E7C5F5B3CB2A1B642F502269FB1BB1E35DBB1CBABDBDADF92C9815727 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
09:13:35.0298 0x1d28  iaStorAV - ok
09:13:35.0364 0x1d28  [ 4E69EE8F8E5DA036535D433C544AF9E2, 2ADE9B97CE1C19FF984D8BB99CF31415872C2D9628864BD78C0E44D21CC94EE3 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
09:13:35.0383 0x1d28  iaStorV - ok
09:13:35.0479 0x1d28  [ 15C59DF20F74A0C2C764B991FED7F4A5, 6E9804775E815F32A4D73C346E627D64A3096525E78FAE3B6E43CFECAE270428 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
09:13:35.0498 0x1d28  ibbus - ok
09:13:35.0636 0x1d28  [ 501AEED29B30B32BB50416C1E04380E6, 5488B34F3FE5D3DFEF321C1EC2F1DC38831A06EA5FC0618FEF24367975ACB862 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
09:13:35.0712 0x1d28  icssvc - ok
09:13:36.0460 0x1d28  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:13:36.0467 0x1d28  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
09:13:39.0091 0x1d28  Detect skipped due to KSN trusted
09:13:39.0091 0x1d28  IDriverT - ok
09:14:13.0664 0x1d28  MTConfig - ok
09:14:13.0677 0x1d28  [ 00C7F0F06A0A48B9CDB6B3AC3BE288F0, BF469A2DDF495ACB9FEE9063C6680C95BCC8686682C9EDAE6D1893D4058E8AA6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
09:14:13.0690 0x1d28  Mup - ok
09:14:13.0709 0x1d28  [ 8E237527CA260C71D39ED4081BDF3419, CA52DD174C756A404B1FAD3F2A70E50085C2820BF12369259F61DA649101A179 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
09:14:13.0720 0x1d28  mvumis - ok
09:14:13.0745 0x1d28  [ 48D0587A8302FD3302CFE6F59F7345B0, 26D48AF3F7FF4867E179347CD635055DEA9A751C6C61CE2C391A7F74FC0DC1DE ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
09:14:13.0778 0x1d28  NativeWifiP - ok
09:14:13.0836 0x1d28  [ 11BE8117653C542D264788A700AC5BFE, 87EAAC2DF62BB26619DA72950F5EE41DCA1DBDF93F098647F9D200D588F14003 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
09:14:13.0872 0x1d28  NcaSvc - ok
09:14:13.0894 0x1d28  [ 286C6276B2BA86F29A0F687D05466277, AC8551536F37717A0ACE4A260F5696D1276F7AC62F669E8F12AA158DD86F71A5 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
09:14:13.0938 0x1d28  NcbService - ok
         
Edited by Daniel300 (25.09.2015 at 08:51)

Posted 25.09.2015, 09:22   #4
Daniel300

Disk usage permanently at 100%, PC barely boots and runs very slowly



TDSSKiller (2)

Code:
ATTFilter
09:14:13.0956 0x1d28  [ C55DA734ED2A831E0BACAAFA01CEB7FF, 9D989B03D07BBAD287B317D238691664B0694331D6A69B7A1AA3D8AB7D1323FC ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
09:14:13.0985 0x1d28  NcdAutoSetup - ok
09:14:14.0001 0x1d28  [ CF8296427834CF8BBB3EE1444C17362D, 6EFBE1F015DFFA0704C66DF5C88089DD5771E1542018E4AE98389CFF3D0B2309 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
09:14:14.0013 0x1d28  ndfltr - ok
09:14:14.0071 0x1d28  [ D43EAFF4887321A07D9F9A9DD7225E07, CF29073BBABE12D56744B041118F15C6C08CB89EF12413E359A6875C90FA383F ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
09:14:14.0108 0x1d28  NDIS - ok
09:14:14.0140 0x1d28  [ A0719D1EBA971DFC5DF5F7CC010385F8, A982487D3A74E66F3C29AAA5B46CE9A0969F07F267DDEFE58C58573573AB0024 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
09:14:14.0161 0x1d28  NdisCap - ok
09:14:14.0172 0x1d28  [ 0C557932CCCC65AEB37326DD36504527, C0AF3066DEE4BCC32DB30CCC16B7A91442A8383BB36C7C4E3CC0A5EFE0FAAA9B ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
09:14:14.0195 0x1d28  NdisImPlatform - ok
09:14:14.0210 0x1d28  [ 56F9345D1945826135FBAB7589592B1F, 6BC2A5900076B917823C7392C582A2648D0C8000F2F65D309D5B48E36D4FB4D6 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:14:14.0224 0x1d28  NdisTapi - ok
09:14:14.0244 0x1d28  [ AADFC340939D99E5D756E713E1D452EB, EFEFDBB2188DE82C2C5E67929861B269FD4C127D34D1DE6D0596ABC33E2C2B51 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
09:14:14.0266 0x1d28  Ndisuio - ok
09:14:14.0282 0x1d28  [ 312DFD787D99D3BF1427B0388BC04F71, C082CA1F332AD57FF2100748518D3D7B3D0F1B042F69BD7401C44B77AFE97462 ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
09:14:14.0297 0x1d28  NdisVirtualBus - ok
09:14:14.0312 0x1d28  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
09:14:14.0337 0x1d28  NdisWan - ok
09:14:14.0345 0x1d28  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:14:14.0363 0x1d28  ndiswanlegacy - ok
09:14:14.0379 0x1d28  [ 6E98F16983C4AE8703FF9F90AB4B31DD, BB8BD5DB4B5FB31F3A257747C27CBEFA4B7837EC5C0CF3D4F408E626E4003F4C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
09:14:14.0395 0x1d28  ndproxy - ok
09:14:14.0414 0x1d28  [ F1B7CC77F412C8D45B2DDCF76EDA4F9D, 25F2AA76E675D9BCC0B1FD47AFEC6DF2D0B47E7B1C8AF6FB27C1ED2FB902961A ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
09:14:14.0448 0x1d28  Ndu - ok
09:14:14.0460 0x1d28  [ 824FDC990A3F79069BE468A132EB6888, D09F7A9EC04E37DA504CE54EEC25C312B407B6A8B214CBB074BEB50DE420F52A ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
09:14:14.0471 0x1d28  NetBIOS - ok
09:14:14.0489 0x1d28  [ F0D791348AD254360CC3C3E501CCB745, E4CAB4D3C2CD3169731283B00DEBFE26438BB66A3F0D78BDB68E876A14FC7070 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
09:14:14.0509 0x1d28  NetBT - ok
09:14:14.0523 0x1d28  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] Netlogon        C:\WINDOWS\system32\lsass.exe
09:14:14.0535 0x1d28  Netlogon - ok
09:14:14.0573 0x1d28  [ 7C8A7380CBE45DFD3DF118D8601499A7, C137280B7696F8CF4258BDC8B241C66BB3AA5708C5410D85255E46C7E8284826 ] Netman          C:\WINDOWS\System32\netman.dll
09:14:14.0607 0x1d28  Netman - ok
09:14:14.0654 0x1d28  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:14:14.0667 0x1d28  NetMsmqActivator - ok
09:14:14.0672 0x1d28  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:14:14.0683 0x1d28  NetPipeActivator - ok
09:14:14.0735 0x1d28  [ BBE9D72EFC7BD66B28309C3607683DBA, FC372EFBC650CE0BDB117858D840A1FB361947B1C67D1DD16BABA95D0286856A ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
09:14:14.0765 0x1d28  netprofm - ok
09:14:14.0788 0x1d28  [ 5D046D71B18BEFB2E4D164C3DEEDD672, 536834D020889973854830919B23DF22CC1B27236AFAEDEBDF42D432CE48FCDE ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
09:14:14.0806 0x1d28  NetSetupSvc - ok
09:14:14.0811 0x1d28  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:14:14.0822 0x1d28  NetTcpActivator - ok
09:14:14.0827 0x1d28  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:14:14.0838 0x1d28  NetTcpPortSharing - ok
09:14:14.0859 0x1d28  [ 46E862DA2CF8F351375EF537276B69B5, AC0FE0977E56380849DCE668AC0F5AF183AAB115ED84ADD964E390CC0BEDF6D3 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
09:14:14.0888 0x1d28  netvsc - ok
09:14:14.0941 0x1d28  [ 88CE4AC85F36B6347C1D820FA373B998, E10B5DF8883928A2062FC6180DE4CF0DE33C68622C2E3E4E1AFC56A0682F8E75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
09:14:14.0961 0x1d28  NgcCtnrSvc - ok
09:14:14.0966 0x1d28  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] NgcSvc          C:\WINDOWS\system32\lsass.exe
09:14:14.0978 0x1d28  NgcSvc - ok
09:14:15.0023 0x1d28  [ D5B50FCE0B749FC82BD8FD3A79FF623E, DB5E21011E020C08A5BE2B250BDEF9ACEA9891D6B7022BB9AAA5C6B92A4C87F8 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
09:14:15.0058 0x1d28  NlaSvc - ok
09:14:15.0077 0x1d28  [ 41557BE174E9EC6AC703A8A4ADBC6650, 8CF6DF3FDC3C7C44B32851538A67BF86A54AB6444A424D7A20B7A9A94B4158D8 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
09:14:15.0100 0x1d28  Npfs - ok
09:14:15.0130 0x1d28  [ AC3F70FCFBCE97AA2F12BA43EE13B86E, D0AC50FB022C0F3031531CEE210D47FC3244C6FB55FAAD4AAB04081F0A21DAE4 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
09:14:15.0149 0x1d28  npsvctrig - ok
09:14:15.0163 0x1d28  [ 0AF4872D3D6FD3A030E836DAC2B3EF2D, 03EE7B6FAFC0BB5C26793BC5FF8BD1019AC96B3104688009C1E062C3F4F34D6D ] nsi             C:\WINDOWS\system32\nsisvc.dll
09:14:15.0187 0x1d28  nsi - ok
09:14:15.0198 0x1d28  [ 66A98C407085B8920DF1E6D722F1ADB8, 3FE307E4A9E41B08E0453507E50D6D0C67FA6F4245A863D90181463C749C83B5 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
09:14:15.0220 0x1d28  nsiproxy - ok
09:14:15.0304 0x1d28  [ 466EC5659C02ED53DBD47DC1BC2B8086, 1F35DE75386F7D029C01D67B09D5E5157141C6892858885C11972CE73D6078AC ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
09:14:15.0375 0x1d28  NTFS - ok
09:14:15.0397 0x1d28  [ 23CF3DA010497EB2BF39A5C5A57E437C, 39CFDE7D401EFCE4F550E0A9461F5FC4D71FA07235E1336E4F0B4882BD76550E ] NTIOLib_1_0_3   C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys
09:14:15.0404 0x1d28  NTIOLib_1_0_3 - ok
09:14:15.0415 0x1d28  [ 383E546EF4982262A0EF6CC2B6E9D525, 3C6C90B62E8EB094E6928C388E5081A3F73DF87B0F34F716B72EA7B6EF71FBB7 ] Null            C:\WINDOWS\system32\drivers\Null.sys
09:14:15.0439 0x1d28  Null - ok
09:14:15.0456 0x1d28  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\WINDOWS\system32\drivers\nusb3hub.sys
09:14:15.0478 0x1d28  nusb3hub - ok
09:14:15.0507 0x1d28  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\WINDOWS\system32\drivers\nusb3xhc.sys
09:14:15.0554 0x1d28  nusb3xhc - ok
09:14:15.0570 0x1d28  [ 466F875F1D4C6ABB46AF28007009237C, 26F5A5579737A7CF2267F79DDE5A551149C682D5FD24663B53FCEC5AA6B448CE ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
09:14:15.0583 0x1d28  nvraid - ok
09:14:15.0594 0x1d28  [ 76F19EAE7A52CBAF7B8EC428BE6E0DA0, CF1E55D92FA32744A20AB75D466A3E05E6FACF4694F9265C41F5C27C1E7243DC ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
09:14:15.0607 0x1d28  nvstor - ok
09:14:15.0617 0x1d28  [ 0D0CB77D74B38E0EC62341C19E469D8D, A05D3CC67FEEB2FD219BFAA34BF98CB3F3718042124AF28F0E9FDFB9F132DD76 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
09:14:15.0629 0x1d28  nv_agp - ok
09:14:15.0670 0x1d28  [ EA3FFE8617B9FCA1620AD9876E92F4F1, 68D5143CA71D10A2BB44E29B3C76580596669D0624076BCF6CCBA7AF3140538E ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
09:14:15.0695 0x1d28  OneSyncSvc - ok
09:14:15.0784 0x1d28  [ 4F9FFCF12B6ED0B4DAC95427772C226E, 4A79AEC410ED1034366FAC1388FB29381EE6541AA17E3652BE86265D09541C56 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
09:14:15.0829 0x1d28  Origin Client Service - ok
09:14:15.0877 0x1d28  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
09:14:15.0911 0x1d28  p2pimsvc - ok
09:14:15.0954 0x1d28  [ 3612CE3432E0A2BE0081E6B488ACF84C, F1A641735FD374CA293FB98FADA2C41E2033B17FECCA3B6D225D0E591AFFF413 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
09:14:15.0979 0x1d28  p2psvc - ok
09:14:15.0993 0x1d28  [ 38F1AE32339731F6E5A7281AE8042545, 308954518C45D29FC199525F0CC7FE4EA805322EC0B871DDDCBEEC15355514C8 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
09:14:16.0020 0x1d28  Parport - ok
09:14:16.0037 0x1d28  [ 707889D2F95AAE8C9DD254D8767AD908, BE7BD94728D7629F8B7567523FFB42B8979941CEA2EA03E11BFCD51CF119FC27 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
09:14:16.0050 0x1d28  partmgr - ok
09:14:16.0067 0x1d28  [ A09B0D8F9F0FC17EBCE6481AC9FD5CDF, 8E8D68992D98CF3DBC4B70C7902B3EC28A1E2DA8D4DB38F0AD9D52B1A5A1D40F ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
09:14:16.0090 0x1d28  PcaSvc - ok
09:14:16.0123 0x1d28  [ 2834089EA4E550FF3B96E61FB4AA34ED, D25DAB47F9778675E984E0738D2014024C2758D52D7E071167A12FF466B7898E ] pci             C:\WINDOWS\system32\drivers\pci.sys
09:14:16.0140 0x1d28  pci - ok
09:14:16.0153 0x1d28  [ 3D587E4295B11B8480F7ACB09A89D718, 8C3BD62B3451E1B2E7197EDAE381785406DF86C03BEEC486602C642FDD37DBC1 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
09:14:16.0165 0x1d28  pciide - ok
09:14:16.0177 0x1d28  [ B8F07002B5F1DA23CFF979C2806B09F3, AD5C589A02BB8185AA070420BF30E78BC8BE3C6F9B0F66319A8CA05B70A5ED32 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
09:14:16.0189 0x1d28  pcmcia - ok
09:14:16.0200 0x1d28  [ FF588077D0C6AC2EA3FCBF1903CE08D0, 64BE1646FB6D8CC902B6F386255F7C0420E3C334E14DECD527DD541B43A1DCD6 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
09:14:16.0211 0x1d28  pcw - ok
09:14:16.0225 0x1d28  [ 5A4426450501534666F9E6157E258A0B, 2735EE7C5581D2FF5454662623BE94D08043C894580D540F0E5D3E21C7D7EC45 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
09:14:16.0237 0x1d28  pdc - ok
09:14:16.0275 0x1d28  [ 688F47C342E1BBC87A48AB71D316233E, CE99AB67C7E7A11AC69C2F4513AEBDACA385BA7F8CC49BE6313CE04ED404A0E7 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
09:14:16.0310 0x1d28  PEAUTH - ok
09:14:16.0326 0x1d28  [ 189265498945593D5256CFF7FEBB9665, 9CB88CC3C726BFE6EDCE8D9E4544306AACD3FB9E969E3A438D9FD533F25C1281 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
09:14:16.0337 0x1d28  percsas2i - ok
09:14:16.0344 0x1d28  [ 9B86965114F6831A5130EFE6657B17D9, 4C5B657DB9A9F96BFD3EAFA756ED60D911EB58857C439F5FA6E495A473ED1145 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
09:14:16.0355 0x1d28  percsas3i - ok
09:14:16.0427 0x1d28  [ 8A5A52C855FB5BFEF019AE9938AEA8AE, 77CB8A09B209DB5895319BA9D073A67148926E22C47836343050DFC178AFAEEE ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
09:14:16.0450 0x1d28  PerfHost - ok
09:14:16.0472 0x1d28  [ 42172DDE99D9F2AB3B0739506699A566, 6B0FAD656A24787E9429EA89F7DC03CC535D8E5D093378F93164ECADCEE5CFDF ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
09:14:16.0513 0x1d28  PimIndexMaintenanceSvc - ok
09:14:16.0585 0x1d28  [ 82FDEC2A262728F62F2111A84CC04B16, A1FCE38D4F55F10BB9B3BFB7D9E3EF7C27D499D9C8882218C8A9A73487798188 ] pla             C:\WINDOWS\system32\pla.dll
09:14:16.0651 0x1d28  pla - ok
09:14:16.0699 0x1d28  [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
09:14:16.0719 0x1d28  PlugPlay - ok
09:14:16.0725 0x1d28  [ F1E9C35A8DFD4D64382CFB9019A950F9, 24E0381C6909F9876D6DC4697DC6405FE18DF91531891B2CCA6DB0191B9C6DF4 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
09:14:16.0739 0x1d28  PNRPAutoReg - ok
09:14:16.0752 0x1d28  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
09:14:16.0775 0x1d28  PNRPsvc - ok
09:14:16.0833 0x1d28  [ 62C0BD179961132EF2C5B952210C11F5, 2473FBB3619D0DDA229D4BEC30CEFE7497C27ED3844A5B7655F6F2D328FEAF61 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
09:14:16.0863 0x1d28  PolicyAgent - ok
09:14:16.0880 0x1d28  [ 6390391EDFC43DD11CE9E6AADCAC20EA, C8BC222FFBB9E47489D16BB5248E0E2E594011C46CFF71F5DBCC4D5CC6788098 ] Power           C:\WINDOWS\system32\umpo.dll
09:14:16.0896 0x1d28  Power - ok
09:14:16.0934 0x1d28  [ 1433EB7908E5E1E20FFD50E4126C3484, 34D81680C8F2F2C5892FC0E0A6DFCBB241AFF493267A1FE182ED28AE9F712456 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
09:14:16.0956 0x1d28  PptpMiniport - ok
09:14:17.0088 0x1d28  [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
09:14:17.0210 0x1d28  PrintNotify - ok
09:14:17.0252 0x1d28  [ 22DE54C3974E4FD98F61D095C22C59B7, 64E78D6DEC4A28ABB0A23F2CF078459D81796EC79235AE45976ABB4F72B1D1E6 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
09:14:17.0274 0x1d28  Processor - ok
09:14:17.0312 0x1d28  [ 27D0B024BB356C6BEB1214B61E47DE02, 8CBDD62E243CC652F2197AE83DEDD21D91D2792558A6D7D1CC680B37607DEF4B ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
09:14:17.0341 0x1d28  ProfSvc - ok
09:14:17.0367 0x1d28  [ EDD52C352CBAAAD13FD7BD5DCEA309B3, EC7D294B23FD5C309E5C4C455896937B85DC615E1B36C9F8F3BDC90E75EBF9CF ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
09:14:17.0380 0x1d28  Psched - ok
09:14:17.0428 0x1d28  [ DD3FF2053356D11C785999BBC633F3E0, E9A5B7C657F4523E5DEF7AEE7ECFCC94E911FC65F1D491BEF01239F357B8D8E0 ] QWAVE           C:\WINDOWS\system32\qwave.dll
09:14:17.0462 0x1d28  QWAVE - ok
09:14:17.0489 0x1d28  [ 51590F442C6E5D43244BA30DDB0CE79D, 9C7FD0A19753C13FD4A27EBFD60703A2414D5A2F6F451F0B32769C8D7C953980 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
09:14:17.0502 0x1d28  QWAVEdrv - ok
09:14:17.0518 0x1d28  [ E951E70019865B06126AF850BCCA2026, C590DE38C7603149AFA0271D57EEBAF956F18F50584FCF04BC2C8D8CEC5C5932 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:14:17.0544 0x1d28  RasAcd - ok
09:14:17.0593 0x1d28  [ 0BF8607133AE264BC3C41A5BAA5FFB7B, 9A4F6AC6013AB5C2A99BCFC2CCF161DD225DE8D85D61579655ADBF04A4383A61 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
09:14:17.0617 0x1d28  RasAgileVpn - ok
09:14:17.0632 0x1d28  [ FE0976379F9E7DB6F7945FCEB88C7E29, BA331CE55C02E86478714DA87FAC547B50D53BC7D02BCA5A64D484DED44BFAA5 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
09:14:17.0659 0x1d28  RasAuto - ok
09:14:17.0678 0x1d28  [ CA60F6C03611AF1710BC903ED9F566FB, B5C9E8BAC631738761E11168AB68EB1ECC5EC96BF9A8248B9127DCF744CA4691 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
09:14:17.0700 0x1d28  Rasl2tp - ok
09:14:17.0723 0x1d28  [ 586A17C10D417D889F1FF7D8636E2F34, EEDA4EE8D2BC5C8C7756AB79F1F19AF8B1C4057996748FAE4E3F37844DB0EB33 ] RasMan          C:\WINDOWS\System32\rasmans.dll
09:14:17.0757 0x1d28  RasMan - ok
09:14:17.0770 0x1d28  [ E5FA41160F5A3D78D8F7765E5C5F6BB0, 31BA423FFFC3206717DC34B482149421EE28B27A4A3BA2DC78C3B3A9EE0C1365 ] RasPppoe        C:\WINDOWS\System32\drivers\raspppoe.sys
09:14:17.0797 0x1d28  RasPppoe - ok
09:14:17.0815 0x1d28  [ DF0834AE921E633E05D1FDC55C318957, 851A00961224DACBEF9DA427122F6B4B73BB99849D5ECB55DBBD311B2EA84C33 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
09:14:17.0838 0x1d28  RasSstp - ok
09:14:17.0894 0x1d28  [ FC9B7AC6E2B837EF7CD6C64F7068D41D, 9B0DD842033E82BC7EE80416A62B084BF5200923EB7A6C80415BB28004E9B5E3 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:14:17.0918 0x1d28  rdbss - ok
09:14:17.0929 0x1d28  [ FB7375657F8A5932C35EAA45E9B4B416, 99594708BFD6DC9F8CECBF092058D4D0D4F1BC3204E86F9FDAD5207ED5ECF194 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
09:14:17.0948 0x1d28  rdpbus - ok
09:14:17.0985 0x1d28  [ A32AED8C644734B283A7C9D08D76064D, A12F67C57E43B6A2FE6449EA3822B1108FE70C66AF9911798777F85D760E384C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
09:14:18.0008 0x1d28  RDPDR - ok
09:14:18.0024 0x1d28  [ 37CC7E41243EFBB4FBC0510E5CA32A02, 634E2F81D61F937F30E5ECE01FB581E090C6DA073EF7B1A3F6083ECAF363CB46 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
09:14:18.0034 0x1d28  RdpVideoMiniport - ok
09:14:18.0062 0x1d28  [ DAF957B25A35757E9D814611FAE8FE3B, 5244A427B2DEB5349B9F336A4A39A6834A6E8118A8EDA00738C6CE09F2452C24 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
09:14:18.0078 0x1d28  rdyboost - ok
09:14:18.0140 0x1d28  [ 2C72E029C153D25325CA182A669E4ADE, 5CE0E04A6B53A1F11E8159DFD1E59F2AE6631E3B5BD27BAAEC4A35BC02A55722 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
09:14:18.0173 0x1d28  ReFSv1 - ok
09:14:18.0220 0x1d28  [ BABEE4A896D005BD0D205F1C932DA25E, 269FDF65BE3A226FA2A5CA25085366E32ADAD30A020484FE844962E8C61CB1D2 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
09:14:18.0249 0x1d28  RemoteAccess - ok
09:14:18.0288 0x1d28  [ 066062967A77867BDCF665960EFDAD32, 68143DBDFA7C68786C22F5CC4E80200255C663A844069C080E7816F423ABB1F4 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
09:14:18.0310 0x1d28  RemoteRegistry - ok
09:14:18.0372 0x1d28  [ 16018214C82C4AA1F58A037FC4601A04, DD9FCC06894879EB11841645C3F0325B61D57A7546811743BAE331E25605201A ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
09:14:18.0423 0x1d28  RetailDemo - ok
09:14:18.0481 0x1d28  [ 6451FE42C35FDE3862D99579444F4A8F, BD56A1120AACF6143E6EB739E12BEE86DF142F1159865608BDF1BBE54B66AFCE ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
09:14:18.0521 0x1d28  RpcEptMapper - ok
09:14:18.0565 0x1d28  [ F24131EAD1D0B73463052BB042A37B6C, 43B5772310B200DF1914C8E4D10401A0BCE9082BDEAC34736AFB2920B39D7956 ] RpcLocator      C:\WINDOWS\system32\locator.exe
09:14:18.0586 0x1d28  RpcLocator - ok
09:14:18.0616 0x1d28  [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
09:14:18.0654 0x1d28  RpcSs - ok
09:14:18.0689 0x1d28  [ DC66C1D262D64E30A30B68E9F21AC74B, A5ED3D31BCD68DBC00A956787517ACA167C86F5FFDAF7C9A85505FA2B705C6CB ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
09:14:18.0705 0x1d28  rspndr - ok
09:14:18.0736 0x1d28  [ 179E6BCF8D16AD39C137CB4FCFE015C5, A1DF499AA378BDB1CB7F95ACC0C7D6929358AF4596A47FDEDFAE115461563CD5 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
09:14:18.0765 0x1d28  rt640x64 - ok
09:14:18.0777 0x1d28  [ 88F7703F2A4677C828124AE2110D3EBC, 529F6A5815806F2EA2235802BD28AF8D7A40E7799356BD3EC337C9E71B6B53E6 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
09:14:18.0790 0x1d28  s3cap - ok
09:14:18.0806 0x1d28  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] SamSs           C:\WINDOWS\system32\lsass.exe
09:14:18.0818 0x1d28  SamSs - ok
09:14:18.0862 0x1d28  [ B467E932FE4E16E201DC7E56870CB559, 6FCE9A2DFC5D222BBEA4AA271A17B830FCF8EAE44B07BEE5FF34AE50CABCBB6A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
09:14:18.0874 0x1d28  sbp2port - ok
09:14:18.0916 0x1d28  [ 3E115C63649402D321D396F8D606C9B0, F4BA7FE0E89D563A57B6865E4CF1334998987D11A0D70FF7491726A507B40DF4 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
09:14:18.0946 0x1d28  SCardSvr - ok
09:14:18.0960 0x1d28  [ 67EFFD3D1BB6D2B67DF7F8FDCB1A51FC, DE41539FAC730F5CFF6C8754ECFF1253AFDC1C86743AE71B61D716B7A84E85FD ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
09:14:18.0981 0x1d28  ScDeviceEnum - ok
09:14:18.0989 0x1d28  [ 31DDA0716EC265CA57DAF9D2295FD76F, E6F39C1B3CF81918277DB8C6E3DF9A82812E1C9063DEB1FB85FE433DC9A16CBA ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
09:14:19.0017 0x1d28  scfilter - ok
09:14:19.0053 0x1d28  [ 1BFAC03B6422E878EFCDA934BF4C4823, 0BA537A4B9E8020E6B709A44F1382DB3B41CEF631B847201F812152FEB303CD3 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
09:14:19.0103 0x1d28  Schedule - ok
09:14:19.0159 0x1d28  [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
09:14:19.0179 0x1d28  SCPolicySvc - ok
09:14:19.0197 0x1d28  [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\WINDOWS\system32\drivers\ScreamingBAudio64.sys
09:14:19.0204 0x1d28  ScreamBAudioSvc - ok
09:14:19.0225 0x1d28  [ CC41D16FB823F9BE167BE773F225CD1F, 97020D419CFC161A4EEF238F8580ADC2D026221217BF41728C54F52ACDBB9FCB ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
09:14:19.0241 0x1d28  sdbus - ok
09:14:19.0288 0x1d28  [ A906C527B838A4922611C63EBD250F91, 6BB0054A9C2408138BDF49D834FF99B5B9764E7747ABC15016F54FBA1D28394F ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
09:14:19.0319 0x1d28  SDRSVC - ok
09:14:19.0334 0x1d28  [ F4BF50A7D16A97A887BFA0F193693C42, EEBF5AAC149C72F490BAC954B25BB6882B10FC38F93CA4F4829A06702B1ECEF9 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
09:14:19.0347 0x1d28  sdstor - ok
09:14:19.0358 0x1d28  [ 648A299839E8F48A946C41DE270D28F5, EEC9A5FCBE3FF78FB5E0452FF1932A8B0C7399688041E22555703CB1977A4428 ] seclogon        C:\WINDOWS\system32\seclogon.dll
09:14:19.0391 0x1d28  seclogon - ok
09:14:19.0436 0x1d28  [ 29452A9DA3E3482F0C2963312F979053, E1782D36C336C4B4C261AD665C1E9051905AA86020E08FC94069972AF4C4DB4B ] SENS            C:\WINDOWS\System32\sens.dll
09:14:19.0466 0x1d28  SENS - ok
09:14:19.0519 0x1d28  [ 919BA7E3054E4F1D61A3524ADCE6A970, 3C382673DF5AF2F38A5AE4A268F5856B0CC9E65D52213DE6D2C06E252753B73C ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
09:14:19.0577 0x1d28  SensorDataService - ok
09:14:19.0614 0x1d28  [ 01C2EEA7870FE26A4A6CCBA5421CC7E5, 9E643AB6BCBECE4F2A5FD4C96547A4E3F2BDFEFC5FE24B802467718EC69929F8 ] SensorService   C:\WINDOWS\system32\SensorService.dll
09:14:19.0644 0x1d28  SensorService - ok
09:14:19.0657 0x1d28  [ D2FEE824B4AA0BE377F1353E5F915BF4, 00D754C62F3482BBD0EA72C896139C39D15192B2D9FCC7B755D1FB9DF9FCFD9B ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
09:14:19.0697 0x1d28  SensrSvc - ok
09:14:19.0704 0x1d28  [ 9DB0BBE3ABE1F49651AE51EC5BCABE58, 0B46C1F231F41766AB73EE7E9834D3CDACA602D12E702D9277E28B47417D9CA4 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
09:14:19.0715 0x1d28  SerCx - ok
09:14:19.0734 0x1d28  [ C4AF79C37334D995D95C22C14FDBF7FD, 4D4985921261909F2123467A22EDB102B490710F60AB935624435E5BB808A0E9 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
09:14:19.0747 0x1d28  SerCx2 - ok
09:14:19.0798 0x1d28  [ FC541A272F47BE03E67A9FCB87FA8C3E, 730A3616FD67E9F2832442144B2655A8EF78B9AFCB204113E73E257256491354 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
09:14:19.0811 0x1d28  Serenum - ok
09:14:19.0816 0x1d28  [ 2A5F5F95FCA123DCBF53B5F603B64789, DE5C9E1D88B2C180B137DA7839F3EF6C936A171ABA49F89C10EE9C73A2226F3F ] Serial          C:\WINDOWS\System32\drivers\serial.sys
09:14:19.0831 0x1d28  Serial - ok
09:14:19.0846 0x1d28  [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
09:14:19.0859 0x1d28  sermouse - ok
09:14:19.0883 0x1d28  [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
09:14:19.0906 0x1d28  SessionEnv - ok
09:14:19.0932 0x1d28  [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
09:14:19.0945 0x1d28  sfloppy - ok
09:14:20.0002 0x1d28  [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
09:14:20.0033 0x1d28  SharedAccess - ok
09:14:20.0063 0x1d28  [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:14:20.0100 0x1d28  ShellHWDetection - ok
09:14:20.0125 0x1d28  [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
09:14:20.0136 0x1d28  SiSRaid2 - ok
09:14:20.0151 0x1d28  [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
09:14:20.0163 0x1d28  SiSRaid4 - ok
09:14:20.0205 0x1d28  [ 35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost         C:\WINDOWS\System32\smphost.dll
09:14:20.0234 0x1d28  smphost - ok
09:14:20.0305 0x1d28  [ DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
09:14:20.0346 0x1d28  SmsRouter - ok
09:14:20.0386 0x1d28  [ CD1056818A6FCEF4D32BD1D6E34070D5, F5BFB61ACB220A73B0DC4487B049F52E9F9FA2D4188C001E7A5838D47CEA6343 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
09:14:20.0412 0x1d28  SNMPTRAP - ok
09:14:20.0531 0x1d28  [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
09:14:20.0539 0x1d28  Sony PC Companion - ok
09:14:20.0564 0x1d28  [ 187B4AD4446C59F8FCC4A10F473EE3D1, 0AAD961B3D7B3484DC89CB86F3EC96CEBFABB7224A5BFB48083DE8F1805EA7B4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
09:14:20.0584 0x1d28  spaceport - ok
09:14:20.0595 0x1d28  [ 2799FCA215919FDC9A87C5FCAB530828, BDE968BF26693AA4D70AB669896BCA49C6F533EA226386B35B0EA589A55227B5 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
09:14:20.0607 0x1d28  SpbCx - ok
09:14:20.0668 0x1d28  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\WINDOWS\syswow64\speedfan.sys
09:14:20.0677 0x1d28  speedfan - ok
09:14:20.0705 0x1d28  [ 58C17D92AD61EC7A98B05F4FAD0D205A, B881134A1BD9194145A9D18BDB34D57E2C167F06C2A9368459D0C33E6E0D6501 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
09:14:20.0751 0x1d28  Spooler - ok
09:14:20.0896 0x1d28  [ 5C31E109943E67CFC801810C00AB63EE, 9A80D7CDA1135EBCE10E753986A59CFA3D8D49F9B0BE38FDF99880B1DD88C41D ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
09:14:21.0056 0x1d28  sppsvc - ok
09:14:21.0104 0x1d28  [ AA1F23501511EFE9CF9771F6B20E8D45, E786852D9877CCFD35444F8FC694467132F868D87A8C344FD1016FFDE74695A5 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
09:14:21.0133 0x1d28  srv - ok
09:14:21.0162 0x1d28  [ F5B169EDF9D5E3C7200D89D30E065D13, 12BAF3A3CB76F0900FA53681C9AD16F40308F493BA22C0F60E1E268D0D6AF825 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
09:14:21.0194 0x1d28  srv2 - ok
09:14:21.0213 0x1d28  [ 2E142E027F0AA698BA4DCE49CBDB43CD, A21027BBBC75A55A8B302D028113A0683016E4C72790A8C561DDB1AE7FDB4289 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
09:14:21.0231 0x1d28  srvnet - ok
09:14:21.0273 0x1d28  [ BF71B3FB5B7557CB740CDB09C5FB50D9, D6F9E65FDC9C4ADAFE82D94F71A1F5960DB3BEEBF4FE5B2D087515C4FAA5F287 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
09:14:21.0305 0x1d28  SSDPSRV - ok
09:14:21.0351 0x1d28  [ EF1BC04215C201ADA3F7F5A2F034EA21, E1A7A0FA2032B9E7D3951100E74C04D93CD848C88D23D57FBA0BFA2816B29C61 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
09:14:21.0371 0x1d28  SstpSvc - ok
09:14:21.0463 0x1d28  [ C26E2C89EFB4BB39CD135B5DED804B78, 99288C6023DC6AC6554521EA671AB387ACE2AE2BCDE145C7012202842FF40841 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
09:14:21.0563 0x1d28  StateRepository - ok
09:14:21.0635 0x1d28  [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
09:14:21.0657 0x1d28  Steam Client Service - ok
09:14:21.0669 0x1d28  [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
09:14:21.0679 0x1d28  stexstor - ok
09:14:21.0730 0x1d28  [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
09:14:21.0762 0x1d28  stisvc - ok
09:14:21.0779 0x1d28  [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
09:14:21.0792 0x1d28  storahci - ok
09:14:21.0804 0x1d28  [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
09:14:21.0815 0x1d28  storflt - ok
09:14:21.0845 0x1d28  [ AE7B7E1E95BFB9340B1956C98CA52C81, 3E0214A0C486C1CD05D9BC57E58A998A3CEADDC1D24AE2A75098F56B37069160 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
09:14:21.0857 0x1d28  stornvme - ok
09:14:21.0868 0x1d28  [ 63513EF3121689B3A59BD217618A2E42, DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
09:14:21.0897 0x1d28  storqosflt - ok
09:14:21.0936 0x1d28  [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
09:14:21.0979 0x1d28  StorSvc - ok
09:14:21.0987 0x1d28  [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
09:14:21.0997 0x1d28  storufs - ok
09:14:22.0002 0x1d28  [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
09:14:22.0013 0x1d28  storvsc - ok
09:14:22.0072 0x1d28  [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc           C:\WINDOWS\system32\svsvc.dll
09:14:22.0089 0x1d28  svsvc - ok
09:14:22.0158 0x1d28  [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum          C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys
09:14:22.0168 0x1d28  swenum - ok
09:14:22.0191 0x1d28  [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv           C:\WINDOWS\System32\swprv.dll
09:14:22.0233 0x1d28  swprv - ok
09:14:22.0267 0x1d28  [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
09:14:22.0287 0x1d28  Synth3dVsc - ok
09:14:22.0317 0x1d28  [ D5B31B2F14848015C211F1D674A82F3A, 58C18254C817693DB727090D1CC518032B3A67C5B3FC7F2F8CE4613A33790CFA ] SysMain         C:\WINDOWS\system32\sysmain.dll
09:14:22.0363 0x1d28  SysMain - ok
09:14:22.0380 0x1d28  [ 8863F06F520C1C76254B7DB45057BADA, EE8DA20185FBE37F64E8FE2A6FB477D602159AD6B63FFDD807981E6D28629888 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
09:14:22.0404 0x1d28  SystemEventsBroker - ok
09:14:22.0438 0x1d28  [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
09:14:22.0462 0x1d28  TabletInputService - ok
09:14:22.0498 0x1d28  [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
09:14:22.0528 0x1d28  TapiSrv - ok
09:14:22.0586 0x1d28  [ BA8CDF0FC9469005A84453A128EEB6AE, 5E037452DAB8B9004BCB761FD2161477E1D22D6F398CE97665F95FD0D6DD26B5 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
09:14:22.0650 0x1d28  Tcpip - ok
09:14:22.0711 0x1d28  [ BA8CDF0FC9469005A84453A128EEB6AE, 5E037452DAB8B9004BCB761FD2161477E1D22D6F398CE97665F95FD0D6DD26B5 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
09:14:22.0775 0x1d28  Tcpip6 - ok
09:14:22.0794 0x1d28  [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
09:14:22.0819 0x1d28  tcpipreg - ok
09:14:22.0846 0x1d28  [ 28E1E63A1AC65E17B3194238FA2CF3BF, 9A52D6DD14BEBB7B407B2703A111D1B302F1B84AA40A14D21FCA554F395E935D ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
09:14:22.0858 0x1d28  tdx - ok
09:14:22.0870 0x1d28  [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
09:14:22.0881 0x1d28  terminpt - ok
09:14:22.0919 0x1d28  [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService     C:\WINDOWS\System32\termsrv.dll
09:14:22.0961 0x1d28  TermService - ok
09:14:22.0971 0x1d28  [ 261830B1E3650E4471E1F98850B929B7, D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes          C:\WINDOWS\system32\themeservice.dll
09:14:23.0004 0x1d28  Themes - ok
09:14:23.0066 0x1d28  [ 79431E9EEAE85C3E579D28265D2E3F21, 4C4A5CCCA8754D15737EC6E838E9F8A2B0D044F1FEB435B332EC70BB0CFA7DE1 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
09:14:23.0102 0x1d28  tiledatamodelsvc - ok
09:14:23.0116 0x1d28  [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
09:14:23.0133 0x1d28  TimeBroker - ok
09:14:23.0178 0x1d28  [ 48951FBFFFCAE52FADFCDFB76ED19749, A0D4B3944DCB8583864A5DC61C0FF7F437409FC4F3437DD3A83E62D9F22BDB25 ] tmtdi           C:\WINDOWS\system32\DRIVERS\tmtdi.sys
09:14:23.0186 0x1d28  tmtdi - ok
09:14:23.0229 0x1d28  [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
09:14:23.0243 0x1d28  TPM - ok
09:14:23.0260 0x1d28  [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
09:14:23.0276 0x1d28  TrkWks - ok
09:14:23.0338 0x1d28  [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
09:14:23.0362 0x1d28  TrustedInstaller - ok
09:14:23.0391 0x1d28  [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
09:14:23.0424 0x1d28  TsUsbFlt - ok
09:14:23.0434 0x1d28  [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
09:14:23.0457 0x1d28  TsUsbGD - ok
09:14:23.0507 0x1d28  [ 14B46248612DF1B1A695040FFFBCFAFC, 8C373A3C416FC9AB3872A187E64AC7A6E69FF605BD8784E8F2B1C28C293A0495 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
09:14:23.0534 0x1d28  tunnel - ok
09:14:23.0542 0x1d28  [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
09:14:23.0553 0x1d28  uagp35 - ok
09:14:23.0571 0x1d28  [ 13C15E4B238895FE4731DB1D612EEB5F, 211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
09:14:23.0583 0x1d28  UASPStor - ok
09:14:23.0594 0x1d28  [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
09:14:23.0621 0x1d28  UcmCx0101 - ok
09:14:23.0660 0x1d28  [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
09:14:23.0684 0x1d28  UcmUcsi - ok
09:14:23.0725 0x1d28  [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
09:14:23.0739 0x1d28  Ucx01000 - ok
09:14:23.0752 0x1d28  [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
09:14:23.0788 0x1d28  UdeCx - ok
09:14:23.0812 0x1d28  [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
09:14:23.0837 0x1d28  udfs - ok
09:14:23.0847 0x1d28  [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
09:14:23.0858 0x1d28  UEFI - ok
09:14:23.0882 0x1d28  [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
09:14:23.0897 0x1d28  Ufx01000 - ok
09:14:23.0930 0x1d28  [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
09:14:23.0941 0x1d28  UfxChipidea - ok
09:14:23.0954 0x1d28  [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
09:14:23.0967 0x1d28  ufxsynopsys - ok
09:14:24.0012 0x1d28  [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
09:14:24.0029 0x1d28  UI0Detect - ok
09:14:24.0040 0x1d28  [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
09:14:24.0052 0x1d28  uliagpkx - ok
09:14:24.0063 0x1d28  [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
09:14:24.0077 0x1d28  umbus - ok
09:14:24.0092 0x1d28  [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
09:14:24.0117 0x1d28  UmPass - ok
09:14:24.0155 0x1d28  [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
09:14:24.0183 0x1d28  UmRdpService - ok
09:14:24.0239 0x1d28  [ A4A5FF89F65D8D1AA3A769654AD8DBC0, 9C792595F7E90C6074BC0FF5A63C9A19449E2F2E2780087BBF12A72658437EE0 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
09:14:24.0300 0x1d28  UnistoreSvc - ok
09:14:24.0380 0x1d28  [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost        C:\WINDOWS\System32\upnphost.dll
09:14:24.0417 0x1d28  upnphost - ok
09:14:24.0429 0x1d28  [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
09:14:24.0440 0x1d28  UrsChipidea - ok
09:14:24.0453 0x1d28  [ 2EEA0897DD9E30E958B508D557F0B5E4, BE051A3AA5DFF56310FAB67AD19AC0443A3580542886EF3554EBE18F1323596F ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
09:14:24.0464 0x1d28  UrsCx01000 - ok
09:14:24.0485 0x1d28  [ DC54D775A3A61E4CDE871B4E38A1459A, CC996A9D293201BBD285E7B629B12EE88574702B8AC7BB4149439D6A25A07F7E ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
09:14:24.0496 0x1d28  UrsSynopsys - ok
09:14:24.0514 0x1d28  [ 1DC6166DB6C4FEFE87D9B9105044E5BE, D19B867C0E900B596B4180390A6E4F2ECCBDF8FBD49561C23DBA7D460B8F44A9 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
09:14:24.0535 0x1d28  usbaudio - ok
09:14:24.0555 0x1d28  [ 18B63A0980F4AA1E6D7879B253980E37, 05F96DBE0A3DE2A685DEEBA8B6838A47AEB7CE2EBE8EB6BAD67B36DCF7E73589 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
09:14:24.0569 0x1d28  usbccgp - ok
09:14:24.0575 0x1d28  [ 1C60A1A3C8E1E819E16F12BAEB1C83F8, E255BD173DBF091C5EA07381862E23C1FD761489EC396E312974FBC124E1F33A ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
09:14:24.0590 0x1d28  usbcir - ok
09:14:24.0675 0x1d28  [ 9A3E39F85DC6E3B9F792F1095ACFF788, 66B8E137A5232E9F717907CFD49FE624AE101F4DE14E2960849DABF7A877E87A ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
09:14:24.0687 0x1d28  usbehci - ok
09:14:24.0708 0x1d28  [ 76E2FFAD301490BA27B947C6507752FB, A4C6FC5C3BF428C624D0792873CB01C8F16F49B0E8B36422025A1094F0AAE231 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
09:14:24.0715 0x1d28  usbfilter - ok
09:14:24.0754 0x1d28  [ 15FE07A404C8A0CD306661433027FFE4, 250C5B4624EF062C88F49DCFEA00BFF1771EFE8B095EC4F0B51C99BB3F80EC66 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
09:14:24.0775 0x1d28  usbhub - ok
09:14:24.0798 0x1d28  [ 7E51F2AD1D729F5CDBB6BE21CB58FEB7, 4C9CBC7BE52EE80E3734ACF9AA6FC106FBAA9AE15FCDACB7E5100ED5CC041E80 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
09:14:24.0820 0x1d28  USBHUB3 - ok
09:14:24.0832 0x1d28  [ 72EA850B59F40C25A4FEDDA5FE84EFEB, FB4801AA1FB72FC1C41024916368823E88D53E338640E3BEA865B0F0E7B8EE91 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
09:14:24.0863 0x1d28  usbohci - ok
09:14:24.0980 0x1d28  [ A3FD7E087957D765DF5575EF10AE0E96, 47A03B460A119ABC64D651588003279E4DC9FA2C4FCF10C899EBD13479F11DF7 ] USBPNPA         C:\WINDOWS\system32\drivers\CM10864.sys
09:14:25.0160 0x1d28  USBPNPA - ok
09:14:25.0181 0x1d28  [ 47B2B2DE152E25546944049CA1170BB1, DDA0A806D3108B2475AB13F584EA8CE6F0932C5E394C2C3FA691DFAB8A2BCAC0 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
09:14:25.0203 0x1d28  usbprint - ok
09:14:25.0217 0x1d28  [ 1F72E1A7E1858B7B3FF81522FCEBDE95, 4FAD243DA73C45CD5CA5E50F824F30EF0DC777D83957FD21FF43D8C89EC15AAC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
09:14:25.0243 0x1d28  usbser - ok
09:14:25.0257 0x1d28  [ CD35467670DF1E6FBF36DA308F0C872B, E1F4F9B1EBD476394CBD0C934842AEE2502B030D97351B0A1E751FF23B011B57 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
09:14:25.0270 0x1d28  USBSTOR - ok
09:14:25.0282 0x1d28  [ DFA92EA105DD1073B43FB210EEB03DD4, D940432458F0A04F5013B48197CEA0412C8A909C50605AA21DD08271C90E2FE3 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
09:14:25.0294 0x1d28  usbuhci - ok
09:14:25.0314 0x1d28  [ B1484D4BBC6B7B424F1CD1554B0AFB84, C9432978603360182AAA983248FFA97576B3C59BE5DA45473DFA17E2940479C8 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
09:14:25.0332 0x1d28  usbvideo - ok
09:14:25.0361 0x1d28  [ C67A03F54A1EA683F4880A481EE5FF6C, 346185B378577FF14EFAD01ECB7DFC9AFC0D50F16DF081C3BA99AEFF710A0EE9 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
09:14:25.0379 0x1d28  USBXHCI - ok
09:14:25.0450 0x1d28  [ FD38DDBCC1699BAB0446B93C1245FE17, 0AADBE137FE4372C3FFF2E98CAB4522CBC16CA1CE9564FB3C53A896A1B4E6EC2 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
09:14:25.0508 0x1d28  UserDataSvc - ok
09:14:25.0588 0x1d28  [ E9E2B5FFBEFC2CDF14A6E55DD94CC823, A10C011835A65601B8FE3A30F361C224C60084A78085842ADCDA248047530CD1 ] UserManager     C:\WINDOWS\System32\usermgr.dll
09:14:25.0634 0x1d28  UserManager - ok
09:14:25.0664 0x1d28  [ 0CFEA30C0217EE74FF853B2B0CC0BE6D, 1F0856D2D94F46D7B24B7EE18ED868C9EFAE972039D35D1FAA9058A12CF40493 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
09:14:25.0687 0x1d28  UsoSvc - ok
09:14:25.0732 0x1d28  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
09:14:25.0744 0x1d28  VaultSvc - ok
09:14:25.0757 0x1d28  [ 26223003DDFB347B5CF3EC0B56DB066B, 78848BE1334C05F28FA431B08225EAE8345B2C66E7D677F9936892FC941EA961 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
09:14:25.0768 0x1d28  vdrvroot - ok
09:14:25.0821 0x1d28  [ 0C3F4E7684C1D72E85A98689E65A98A1, F7928D3EFC1A83125887ADA5F8E008022B58F0DBA8A711B4D60975D8CE82B595 ] vds             C:\WINDOWS\System32\vds.exe
09:14:25.0868 0x1d28  vds - ok
09:14:25.0889 0x1d28  [ A417284BC6B5C2EEF63F2C5154473530, 55146660CDDD829630C216038E6500CFAC906E67C82881047B665BFEEB286D10 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
09:14:25.0903 0x1d28  VerifierExt - ok
09:14:25.0968 0x1d28  [ 4C39C05A72EB14C0567501C7E087E564, D3DC122B7E4A5BD345517FE3A9E9E58CD3C78887F9F327AB782BADCAD0F8F2EB ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
09:14:25.0993 0x1d28  vhdmp - ok
09:14:26.0016 0x1d28  [ C42206A15078596FDE8E89BB629DE342, B95F9EC2413ADE658A7CE4A9BB57A0E125C29205C24BBB120153DACAF4CF9482 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
09:14:26.0028 0x1d28  vhf - ok
09:14:26.0045 0x1d28  [ 248D9F911A5C94CF8477125DD0C3A291, 418C7285184BCC9DE4E56175960585867A5DB21FEF761C49FF6F1AF1C07D8088 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
09:14:26.0058 0x1d28  vmbus - ok
09:14:26.0066 0x1d28  [ 3E98DD4E0CBD6B4F9CBD0E9E0EDF541E, 2B5CF364F4D1D3359FBEA8BB2E72A1FCE1277E8D893977B751D9AC10A27DF018 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
09:14:26.0079 0x1d28  VMBusHID - ok
09:14:26.0164 0x1d28  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
09:14:26.0197 0x1d28  vmicguestinterface - ok
09:14:26.0209 0x1d28  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
09:14:26.0235 0x1d28  vmicheartbeat - ok
09:14:26.0247 0x1d28  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
09:14:26.0273 0x1d28  vmickvpexchange - ok
09:14:26.0285 0x1d28  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
09:14:26.0311 0x1d28  vmicrdv - ok
09:14:26.0323 0x1d28  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
09:14:26.0349 0x1d28  vmicshutdown - ok
09:14:26.0361 0x1d28  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
09:14:26.0387 0x1d28  vmictimesync - ok
09:14:26.0399 0x1d28  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
09:14:26.0425 0x1d28  vmicvmsession - ok
09:14:26.0437 0x1d28  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
09:14:26.0463 0x1d28  vmicvss - ok
09:14:26.0483 0x1d28  [ 91F165C5D71D9DCB18D4661CF10D1084, 1D55C1FF0F5D860E6DB60EEFE303C0797C98BB0B053ECC255F9B316872288818 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
09:14:26.0495 0x1d28  volmgr - ok
09:14:26.0516 0x1d28  [ 17042748AC05862A0283D32575220080, A85B480CB969CB7678545D2A9EE99CBD2ADFF210FA016A43E092D0711FBB633D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
09:14:26.0534 0x1d28  volmgrx - ok
09:14:26.0550 0x1d28  [ 823A237D871CD652C6BFD47BECB6810A, 99310521451CB54C29A5DEA54C3A666F95E2A1FF0979D5F9792885A161E90C65 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
09:14:26.0569 0x1d28  volsnap - ok
09:14:26.0599 0x1d28  [ 78727FA284C2095EED660D71CD3C9AEF, 323F0BD5A624DF77973F28C7CF31EC6B3A525496EBF063666623A62B1DB0EA65 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
09:14:26.0610 0x1d28  vpci - ok
09:14:26.0626 0x1d28  [ 2415961D561E02F5E46B7C1C687A6788, 68A54B9595A0D15D410D5F1656B6EBE3B913A4BA5F71C658C9B99420E6ED327A ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
09:14:26.0639 0x1d28  vsmraid - ok
09:14:26.0708 0x1d28  [ 16419CBDB04DB9FF298169AA93413822, 743AD26F08AF5EFF5DD353E75C3D659B10C3FEC2FEDABB76387B87721B5B98F8 ] VSS             C:\WINDOWS\system32\vssvc.exe
09:14:26.0764 0x1d28  VSS - ok
09:14:26.0789 0x1d28  [ 6AE9A843AE979F2DCCA5A25C07C7A5F8, 3CEC26DE2EEC97929A0FBBD87FF75F8DC387C0988B2047074C8F069ACBEF2587 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
09:14:26.0805 0x1d28  VSTXRAID - ok
09:14:26.0820 0x1d28  [ BD232C761C59FA8D8EF626CA630E2D2E, E494EFDCE8F6343F49F33F1F03DCD5DEC9CB6F349B1AD302B4D3333B5F6BD8E5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
09:14:26.0839 0x1d28  vwifibus - ok
09:14:26.0852 0x1d28  [ 3039687AB65CEE26CF478C1F42FFCD7D, 40E140C6F94B6203767A1493DF8CAE6BA1FB67FBD0C13789444F72410D0E6FF1 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
09:14:26.0877 0x1d28  vwififlt - ok
09:14:26.0913 0x1d28  [ EC9B6544C569E8D7FAB91772BD7D23F2, 06CC5F21E9A9DD35099CB3E44C3E2BF2F944CE5B71284E6A85E1B681F12BD31B ] W32Time         C:\WINDOWS\system32\w32time.dll
09:14:26.0944 0x1d28  W32Time - ok
09:14:27.0012 0x1d28  [ 9776E4816D92B766F461957FBDA84360, 048F6ADC97767AFAB50582D0AE1E67A15B038A1C02F7982A6AD30B61AC5C7369 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
09:14:27.0049 0x1d28  w3logsvc - ok
09:14:27.0102 0x1d28  [ F61FA0EDBE913DFCA0CF012FDD9E99EE, DE8685230D49F940640F400D2EC4F10E677AF6D57B3FAB0342AA98BEA779D6AD ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
09:14:27.0137 0x1d28  W3SVC - ok
09:14:27.0151 0x1d28  [ FC40A7527D39F06D032A6553D22E4BF6, F572FCB5EB3DE16FD6222A5B6A43C81E3A1F838890667D9F0453F82FFCA772FF ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
09:14:27.0176 0x1d28  WacomPen - ok
09:14:27.0198 0x1d28  [ 2CFE8CBE358CC4D5715E010E3B13559F, 54E9BFCE202FA123EB261C226094054950429AAFA304AA714F461B003E070BD9 ] WalletService   C:\WINDOWS\system32\WalletService.dll
09:14:27.0230 0x1d28  WalletService - ok
09:14:27.0266 0x1d28  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:14:27.0282 0x1d28  wanarp - ok
09:14:27.0287 0x1d28  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:14:27.0302 0x1d28  wanarpv6 - ok
09:14:27.0316 0x1d28  [ F61FA0EDBE913DFCA0CF012FDD9E99EE, DE8685230D49F940640F400D2EC4F10E677AF6D57B3FAB0342AA98BEA779D6AD ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
09:14:27.0344 0x1d28  WAS - ok
09:14:27.0569 0x1d28  [ CF9EF65FA66B0F4982FD1FACAB3009B6, 681C1CD5DCAF87EF436B907534E98B0AB4F66BD62E46B8977A7880B854766A27 ] wbengine        C:\WINDOWS\system32\wbengine.exe
09:14:27.0637 0x1d28  wbengine - ok
09:14:27.0669 0x1d28  [ 8F2B0ED6FCA72B34BEEA37E32D0EE106, A86C641A13FDF056B7BA13641551582199DDB08E9490003C74D999518B097C00 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
09:14:27.0713 0x1d28  WbioSrvc - ok
09:14:27.0755 0x1d28  [ BB87BF4D17EBB3C05236FDAA048EBE07, 45D3B0C2561E28EDA4460C23768F660AE0F56527F7BDD191ED0DE4F414983AE1 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
09:14:27.0785 0x1d28  Wcmsvc - ok
09:14:27.0801 0x1d28  [ 8E7FD07D2C82ACBCA52C4100C20F6542, FB2CD88557ABB5EBE6555CD4E41BF4BDC6FE6BCF26288338F2FB034B966FCBD3 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
09:14:27.0842 0x1d28  wcncsvc - ok
09:14:27.0857 0x1d28  [ 9C776ED423CD03F8ABD54C2557E34416, 282C1208977070EC0280D5ABA0E03A847AEAEE31F35CDAA3C7A02D8477614EB1 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
09:14:27.0884 0x1d28  WcsPlugInService - ok
09:14:27.0917 0x1d28  [ C8BA574B3BA6AE88741AC86B1FE3C1DC, B2422CDE3A6A27B52D270D24298FF69D91D389C68456EC1805BA30AA59BAB839 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
09:14:27.0928 0x1d28  WdBoot - ok
09:14:27.0957 0x1d28  [ 796D1C95894BC15B3FEF090C107CBA31, 97917C543CBC13288F2194CB09C3A2759012B74F0D72DDB0896EF42C87348C6D ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
09:14:27.0984 0x1d28  Wdf01000 - ok
09:14:28.0003 0x1d28  [ C5BB7C612B4C852836BEA39593BA5F46, 1E2B123F34500C2A8E983AAAF7F14E409B88DC396A655F19F3E7F15D0C51A762 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
09:14:28.0021 0x1d28  WdFilter - ok
09:14:28.0037 0x1d28  [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
09:14:28.0064 0x1d28  WdiServiceHost - ok
09:14:28.0068 0x1d28  [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
09:14:28.0088 0x1d28  WdiSystemHost - ok
09:14:28.0118 0x1d28  [ 9B2039C5673EEBF1D4E34ABC0AFB88C7, BBC85546BD86B9027426DAF148194CFE992B80FF89311B28BE0BD82C88630E8C ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
09:14:28.0156 0x1d28  wdiwifi - ok
09:14:28.0191 0x1d28  [ BD193A7BD34B2E829FAF56306FEE3B09, ADD746D198E21242CEFA01840952B792074EFC473113CD3E7F1ABBA6A4E26AF6 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
09:14:28.0204 0x1d28  WdNisDrv - ok
09:14:28.0234 0x1d28  WdNisSvc - ok
09:14:28.0254 0x1d28  [ 6A3B5013D5C7840E8CABD63DD021C112, 371CCEEAC7816CFE79ACA8A218CDA16469D9567CB63CC9D18C55FF047011EF25 ] WebClient       C:\WINDOWS\System32\webclnt.dll
09:14:28.0283 0x1d28  WebClient - ok
09:14:28.0302 0x1d28  [ EED4043BC3C2D00067411730EE118354, 5E268DA4DB78C06D8F181E9408B4769F8A12C38DA52C1E986EE0CEE1101E9485 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
09:14:28.0323 0x1d28  Wecsvc - ok
09:14:28.0334 0x1d28  [ 6ECD7A49AFC6533821BEEA1876CEB21D, 2E972245F56F589EF1AB9DABB9214B9DE6E290878735476323A3357D8CDFC71F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
09:14:28.0363 0x1d28  WEPHOSTSVC - ok
09:14:28.0375 0x1d28  [ 09B434867028AF4895A87959EA668686, 26A7DB82E42DCBF3A77092D58AC6392754FD7C538B9EAAEFA88E9AF81DFE8E96 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
09:14:28.0397 0x1d28  wercplsupport - ok
09:14:28.0406 0x1d28  [ DE4E417B867841EE55114E588098B8D5, 878708C93FC1D919E2B9E1C5F94A0EAFC5F28BDAA58D3F29DEEDC8EC3F72D9ED ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
09:14:28.0428 0x1d28  WerSvc - ok
09:14:28.0431 0x1d28  wfpcapture - ok
09:14:28.0447 0x1d28  [ DBF5255B759212E5217A2748567A0B5C, 5E81A9289EC39702179038B686A35FADF9974651E74222F3354B4CBE919887B0 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
09:14:28.0460 0x1d28  WFPLWFS - ok
09:14:28.0473 0x1d28  [ 4CD8826BB8320741842A9E53E48AF2BC, 97B22D9DCD0FD31D3A801946173369B0E70B1850576682C8A8180874A61CAD1A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
09:14:28.0498 0x1d28  WiaRpc - ok
09:14:28.0532 0x1d28  [ 4375BCBA419D19695CF566082CEF27D3, 6F86FA14B41A03F2BA51B8702F3D59B85FD488405601FA177495E4B7C576850D ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
09:14:28.0543 0x1d28  WIMMount - ok
09:14:28.0545 0x1d28  WinDefend - ok
09:14:28.0583 0x1d28  [ 037BC6DE5F58D4A74A5BB0C12DCECDCA, 92921A2615A41C434BADEB33594DABC166FC9418FBD311A3B2022410B14BFDAC ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
09:14:28.0596 0x1d28  WindowsTrustedRT - ok
09:14:28.0610 0x1d28  [ 70BCD70BD53F2FE660ED94B025A043EB, B23B96DCAB30C62CB1651B3A2292155AEE8217CE3120574F5158D5E7DA09DE56 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
09:14:28.0620 0x1d28  WindowsTrustedRTProxy - ok
09:14:28.0667 0x1d28  [ 8921ECEC2C7D1B1333D77325C60D3AEA, 67C6B6A92B34D99165B5591D0730322C31E967E599BA44924249BF5AD505C132 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
09:14:28.0720 0x1d28  WinHttpAutoProxySvc - ok
09:14:28.0736 0x1d28  [ 7792AE5403BF8975B6460DFC3428D129, D88F77E973D58C2CA629CC9249877A34ABF31CA1DC2A570666921A8A0DC8DEC7 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
09:14:28.0746 0x1d28  WinMad - ok
09:14:28.0823 0x1d28  [ 73B5230F03DC7002A70F11EA1B0BAA37, DFE8BBE52B58589686E402ACED51021E298A491F907EBA5689DF9DAFC3002BA5 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
09:14:28.0851 0x1d28  Winmgmt - ok
09:14:28.0938 0x1d28  [ 2FE85D6AFF90F56A78743CC93B9CA684, B515765C4EE64E7EC16BD6AF037C084CCA6E81180AEF59E18F260406ABE6DF58 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
09:14:29.0041 0x1d28  WinRM - ok
09:14:29.0064 0x1d28  [ 811F30EB6EE8318C4171CB95AE30B9BD, 765F6BEA3D35D523B5D7ED7356EC0C97A48066A5C4D77C1E6EDAC6F220153385 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
09:14:29.0078 0x1d28  WINUSB - ok
09:14:29.0113 0x1d28  [ DF00381AB8665D48DE3FF794BC6760AB, 749AC7048601061A34BFF507B574AF028FC662C0A98692E7331E667D105EC09D ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
09:14:29.0124 0x1d28  WinVerbs - ok
09:14:29.0190 0x1d28  [ 1D57DD1A716A1C2C71F0A53BD00B6AFD, 5374CFA453ECE8F70C1A7AC6CB1ABAF64C6BB4366BAD666533C495DD1BADC395 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
09:14:29.0266 0x1d28  WlanSvc - ok
09:14:29.0381 0x1d28  [ 802E5A0B96C1E9FCC0CBFD75F04CE7DF, C689E22141B5FA69438205D824DFCB408429DE9B8612A424E3425717017E9DB3 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
09:14:29.0468 0x1d28  wlidsvc - ok
09:14:29.0497 0x1d28  [ 623ED8E10DFEEAB7AE2CD11A0451DB79, 7DDE15F22FD24556D4765F6CFD0F8E2F27370A89A962919646DE2613B33D43D6 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
09:14:29.0509 0x1d28  WmiAcpi - ok
09:14:29.0527 0x1d28  [ B2BB87531C4127ED4120E9BF5566827F, 1DDC0F00F215D77D3698F81B56D4488F384E9D017267840EDFA4846742B99B6A ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
09:14:29.0555 0x1d28  wmiApSrv - ok
09:14:29.0590 0x1d28  WMPNetworkSvc - ok
09:14:37.0029 0x1d28  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated )
09:14:37.0029 0x1d28  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x52000 ( disabled : updated )
09:14:37.0030 0x1d28  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
09:14:41.0643 0x1d28  ============================================================
09:14:41.0643 0x1d28  Scan finished
09:14:41.0643 0x1d28  ============================================================
09:14:41.0651 0x02c8  Detected object count: 0
09:14:41.0651 0x02c8  Actual detected object count: 0
09:15:03.0056 0x14f0  Deinitialize success
         

25.09.2015, 18:20   #5
schrauber
/// the machine
/// TB trainer



Install Process Explorer as a replacement for the Windows Task Manager

Download Process Explorer as a replacement for the Task Manager and install it; you can find instructions here. It is a considerably more capable replacement for the Windows Task Manager. In the menu under "Options" you can set Process Explorer up permanently as the replacement for the Task Manager (Replace Taskmanager). That is highly recommended, because Process Explorer has considerably more functions than the Task Manager. Once you have made this setting, the key combination CTRL + ALT + DEL no longer opens the Task Manager but Process Explorer. This can be undone at any time by unticking the setting.

What we need specifically now: each row shows a process; a few of the rows are not real processes but only pseudo-processes for the activity of the Windows kernel. The menu View => Select Columns opens a dialog in which you can choose which columns of information about the processes are displayed. In it, go to the "Process Performance" tab and make sure that "CPU Usage" is ticked there; "CPU History" would also be useful. "CPU Usage" shows the current processor load for each process (the column header only says "CPU"); "CPU History" displays a graph for each process with a curve of its processor load over the recent past.

With that you should be able to identify which process is keeping your CPU busy. Double-click the process. You can also take a screenshot of the whole thing and upload it as an attachment with your reply (click "Advanced" below the text field, use "Manage attachments" to browse your computer, and attach it via "Upload").

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

25.09.2015, 19:57   #6
Daniel300



Thanks! I don't know whether it helped that much right at this moment, because my computer is currently in a "quiet phase". It is not really working at top efficiency like before, but it is also not as extremely limited as yesterday. It is always up and down. I think if I restart my computer, 'it' would start again...

Edit:
I just started a very graphics-intensive game as a test. It runs without problems on maximum. Right now my PC really seems to be running well. BUT I still believe that if I restart it, the whole mess will start all over again. Does that perhaps point to damage to the computer (hard disk or CPU?) rather than to a virus?
Attached images
File type: jpg 1.jpg (93.8 KB, viewed 112 times)

Last edited by Daniel300 (25.09.2015 at 20:54)

27.09.2015, 10:01   #7
Daniel300



03:24:
I tested some videos that are stored on the hard disk. There are loading problems. That used to be lightning fast, including when skipping back and forth. Now there are only very slow reactions and problems with buffering.

In general, compute-intensive things take me much longer than before, and you can tell that the PC has problems with them (other programs running at the same time freeze briefly, and so on). It wasn't like that before.

Navigating the system with Explorer is also slower than before. I have the feeling that every folder I open is a feat of strength for the PC. Thumbnails also load only slowly. They used to be lightning fast.

The computer is running better now than yesterday, when nothing worked at all, but something is still wrong with it.

I'm increasingly getting the impression that the CPU or the hard disk is shot. Or maybe a virus after all? I have no idea :-/

EDIT 18:52:
It's starting again. Right at this moment the computer is working hard, from one second to the next, and I don't know on what. It is barely usable at the moment. A lot of things freeze ("Not responding") and it is very slow.

I managed to take a few screenshots. I hope they help.

EDIT 23:10:
As I see it, "system idle process" is responsible?

EDIT 00:22
After some research I downloaded Svchostanalyzer, because I see many svchost entries in my taskbar. And lo and behold: according to the program, several of them are suspicious.

What should I do?

UPDATE 08:25

Downloaded Malwarebytes again from the official homepage (newer version), and NOW something was found!

I urgently need instructions now.

Unfortunately it did not help. After Malwarebytes moved all objects into quarantine and restarted the computer, the first, very slow boot attempt followed. It failed after about 5 minutes with a Windows DOS message saying that there had been an unexpected error and that some removable medium, e.g. a hard disk, was no longer connected. 30 seconds later this message vanished by itself and the computer automatically booted again.

From here on it then took, like a few days ago, about two hours until I finally landed on the desktop, which in turn needed another 30 minutes to load.

The following symptoms persist:
- Booting takes 2 hours
- Computer works VERY slowly
- Programs freeze ("Not responding")

I am asking for help.

Last edited by Daniel300 (27.09.2015 at 07:38)

27.09.2015, 15:56   #8
schrauber
/// the machine
/// TB trainer



The findings are only PUPs.
Process Explorer looks normal.
System Idle is idle time; it should be as high as possible.

Uninstall everything from McAfee, then test again.

If that does not help, then:

Please run Windows Repair:
Repairing Windows - how to do it - Guides
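
The per-process view that post #5 asks for in Process Explorer, and the reading of "System Idle" given in post #8, can also be taken from the command line. The following PowerShell is an added example, not part of the thread; the function names `Get-BusyProcess` and `Get-DiskLoad` are made up for it. It goes one step beyond the CPU column by also ranking processes by I/O rate and by sampling the physical disk, since the symptom reported here is disk utilisation.

```powershell
# Added example, not from the thread. It reads the built-in WMI performance
# classes, whose property names are the same on a German or an English Windows.

function Get-BusyProcess {
    param([int]$Top = 10)

    $cores = [Environment]::ProcessorCount

    # "_Total" is the sum of all rows and "Idle" is unused CPU time, so
    # neither is a process that is consuming anything; both are skipped.
    Get-CimInstance -ClassName Win32_PerfFormattedData_PerfProc_Process |
        Where-Object { $_.Name -notin '_Total', 'Idle' } |
        ForEach-Object {
            $readKB  = [math]::Round($_.IOReadBytesPersec  / 1KB)
            $writeKB = [math]::Round($_.IOWriteBytesPersec / 1KB)
            [pscustomobject]@{
                Name       = $_.Name
                ProcessId  = $_.IDProcess
                # The raw value can reach 100 per logical processor; dividing
                # by the core count gives the share of the whole machine.
                CpuPercent = [math]::Round($_.PercentProcessorTime / $cores, 1)
                ReadKBps   = $readKB
                WriteKBps  = $writeKB
                # Counts file, network and device I/O, not only disk access.
                TotalKBps  = $readKB + $writeKB
            }
        } |
        Sort-Object -Property TotalKBps, CpuPercent -Descending |
        Select-Object -First $Top
}

function Get-DiskLoad {
    # One row per physical disk; the "_Total" summary row is dropped.
    Get-CimInstance -ClassName Win32_PerfFormattedData_PerfDisk_PhysicalDisk |
        Where-Object { $_.Name -ne '_Total' } |
        Select-Object -Property Name, PercentDiskTime, PercentIdleTime,
            AvgDiskQueueLength, DiskReadBytesPersec, DiskWriteBytesPersec
}

# Take five samples, five seconds apart, while the machine is sluggish.
1..5 | ForEach-Object {
    "--- sample $_ at $(Get-Date -Format 'HH:mm:ss') ---"
    Get-DiskLoad    | Format-Table -AutoSize | Out-String
    Get-BusyProcess | Format-Table -AutoSize | Out-String
    Start-Sleep -Seconds 5
}
```

If the disk shows almost no idle time while no process in the list moves much data, that is a reason to check the drive's SMART data, which is what the thread ends up doing with CrystalDiskInfo.
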

29.09.2015, 03:27   #9
Daniel300



I urgently need help. I can no longer get out of safe mode and therefore cannot do anything at all now.

I can only get online because I happened to find the "Browser and Internet" function in the MSI menu outside of Windows, and with it I can only use a few sites. It is also worth mentioning that here, outside of Windows, everything runs smoothly.

F8 at the start-up prompt does not work for me.

Restarting the PC does not help.

EDIT 18.42

I have now got out of safe mode thanks to Windows key + R and msconfig.

But since I uninstalled McAfee, the browsers in Windows no longer work. Neither Edge nor Chrome responds. I suspect that this comes from the virus.

Right now I am online again via MSI Winki, which sits outside of Windows and which I reach during the boot process.

Would you have another idea, Schrauber?

EDIT 04:20

Chrome in Windows works again. I have the impression that the PC has become even slower. I will probably take it to the repair shop on Wednesday. Or would you have another idea, Schrauber?

Is it an indication of ordinary hardware damage (without any involvement of a virus) that over the last few days I got a Windows message three times while booting that read something like:

"Windows error. Communication with removable storage device (e.g. hard disk, USB, drive) not possible. Connection is not responding."

Or is it typical of a virus infection to get such messages during the boot process?

Last edited by Daniel300 (28.09.2015 at 18:34)

29.09.2015, 19:11   #10
schrauber
/// the machine
/// TB trainer



But you say the computer runs at normal speed outside of Windows? Then Windows is the problem, not the hardware.

Back up your data, reinstall, and don't install any programs; test first.

06.10.2015, 11:39   #11
Daniel300



Quote:
Originally posted by schrauber
But you say the computer runs at normal speed outside of Windows? Then Windows is the problem, not the hardware.

Back up your data, reinstall, and don't install any programs; test first.

Thanks. I'm downloading Windows 10 right now and saving it to a USB stick.

Can one assume that, if it is a virus (PC works very slowly), it will be gone after reinstalling Windows?

EDIT:

Windows has been reinstalled. The problems persist.

I downloaded CrystalDiskInfo, and it seems that it was never a virus the whole time; instead the hard disk is done for.

07.10.2015, 08:21   #12
schrauber
/// the machine
/// TB trainer



Yep, doesn't look good.