| |
| |||||||
Log-Analyse und Auswertung: Msupdate und RarSFX0, Trojaner?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
20.08.2016, 12:22
| #1 |
| |  Msupdate und RarSFX0, Trojaner? Hallo liebe Community, Sophos hat mich auf einen Virenbefall hingewiesen. Ein Scan mit Malwarebytes hat dies leider bestätigt. Anbei sind Logs von frst mit addition und von malwarebytes. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19-08-2016
durchgeführt von Max (Administrator) auf MAX-PC (20-08-2016 12:23:51)
Gestartet von C:\Users\Max\Downloads
Geladene Profile: Max (Verfügbare Profile: Max)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Novell, Inc.) C:\Program Files\Novell\Client\XTier\Services\xtsvcmgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUS) C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
() C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Novell\Client\nwtray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel(R) Corporation) C:\Program Files\Intel\TurboBoost\TurboBoost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(asus) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [2799784 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [NWTRAY] => C:\Program Files\Novell\Client\nwtray.exe [40632 2013-12-18] ()
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-17] (NVIDIA Corporation)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2010-07-02] ()
HKLM-x32\...\Run: [SessionLogon] => C:\ExpressGateUtil\SessionLogon.exe
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1531872 2016-04-14] (Sophos Limited)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [1034752 2016-05-03] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2218909522-371895218-1508300633-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2218909522-371895218-1508300633-1000\...\Run: [tsiVideo] => C:\Users\Max\AppData\Local\Temp\mdi064.dll [1456128 2016-08-11] () <===== ACHTUNG
HKU\S-1-5-21-2218909522-371895218-1508300633-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-09-28] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs: , C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [231936 2016-04-14] (Sophos Limited)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [289040 2016-04-14] (Sophos Limited)
Lsa: [Authentication Packages] msv1_0 ncv1_0
ShellIconOverlayIdentifiers: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll [2007-06-15] ()
ShellIconOverlayIdentifiers: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll [2007-06-01] ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon] -> {A825576B-0042-4F0F-8FB0-93CE0F054E69} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll [2007-06-15] ()
ShellIconOverlayIdentifiers-x32: [ADSMOverlayIcon1] -> {A8D448F4-0431-45AC-9F5E-E1B434AB2249} => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll [2007-06-01] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2013-09-27]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-14] (Sophos Limited)
Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-14] (Sophos Limited)
Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-14] (Sophos Limited)
Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-14] (Sophos Limited)
Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-14] (Sophos Limited)
Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-14] (Sophos Limited)
Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-14] (Sophos Limited)
Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-14] (Sophos Limited)
Winsock: Catalog9 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [141208 2016-04-14] (Sophos Limited)
Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-14] (Sophos Limited)
Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-14] (Sophos Limited)
Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-14] (Sophos Limited)
Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-14] (Sophos Limited)
Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-14] (Sophos Limited)
Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-14] (Sophos Limited)
Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-14] (Sophos Limited)
Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-14] (Sophos Limited)
Winsock: Catalog9-x64 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [194152 2016-04-14] (Sophos Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{5AF2DBF5-3C66-45B4-BB8E-C11446441141}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-2218909522-371895218-1508300633-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-31] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-31] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\euovsn1f.default
FF Homepage: hxxps://www.google.de/
FF NetworkProxy: "autoconfig_url", "data:application/x-ns-proxy-autoconfig;base64,ZnVuY3Rpb24gaXNZb3VUdWJlVmlkZW8odXJsKXsgcmV0dXJuIG5ldyBSZWdFeHAoIl4oPzpodHRwfGh0dHBzKTpcXC9cXC8oPzouKikoPzouZ29vZ2xldmlkZW8uY29tfC5jLnlvdXR1YmUuY29tKSg/Oi4qKVxcL3ZpZGVvcGxheWJhY2soPzouKikoPzpnY3I9dXN8XFwvZ2NyXFwvdXNcXC8pKD86LiopJCIsJ2knKS50ZXN0KHVybCk7fWZ1bmN0aW9uIGlzWW91VHViZVZpZGVvUGFnZSh1cmwsIGhvc3QsIHZpZHVybCkgeyByZXR1cm4gaG9zdC5pbmRleE9mKCd5b3V0dWJlLmNvbScpICE9IC0xICYmIHVybC5pbmRleE9mKHZpZHVybCkgIT0gLTE7fWZ1bmN0aW9uIEZpbmRQcm94eUZvclVSTCh1cmwsIGhvc3QpIHtpZihpc1lvdVR1YmVWaWRlbyh1cmwpICB8fCBpc1lvdVR1YmVWaWRlb1BhZ2UodXJsLCBob3N0LCAnaHR0cHM6Ly93d3cueW91dHViZS5jb20vd2F0Y2g/dj1QdUVNU3ZoY0d3QSZsaXN0PVBMLVVXUGxSSWw2OHJTNTlrN3VTQnlPbXZNV1NpOFgwMzMnKSB8fCBpc1lvdVR1YmVWaWRlb1BhZ2UodXJsLCBob3N0LCAnaHR0cHM6Ly93d3cueW91dHViZS5jb20vd2F0Y2g/dj0yUWZXZ1RjQmRhTSZsaXN0PVBMZGRTa1V4bVBFQy1leHhTdUFqOUQ1c2hxRzZBLXRVQ18nKSl7IHJldHVybiAnUFJPWFkgMjA5LjIzOS4xMjAuMTE0OjMxMzEnO31lbHNleyByZXR1cm4gJ0RJUkVDVCc7fX0="
FF NetworkProxy: "backup.ftp", "37.187.114.209"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.socks", "37.187.114.209"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "37.187.114.209"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "proxy.uni-hamburg.de"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "proxy.uni-hamburg.de"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "proxy.uni-hamburg.de"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "proxy.uni-hamburg.de"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-09-04] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-31] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\euovsn1f.default\user.js [2013-11-17]
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\euovsn1f.default\searchplugins\bulbapedia-en.xml [2015-02-28]
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\euovsn1f.default\searchplugins\pokwiki-de.xml [2015-02-28]
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\euovsn1f.default\searchplugins\serebiinet.xml [2016-03-17]
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\euovsn1f.default\searchplugins\youtube-videosuche.xml [2015-03-01]
FF Extension: Rikaichan - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\euovsn1f.default\extensions\{0AA9101C-D3C1-4129-A9B7-D778C6A17F82} [2015-05-29]
FF Extension: Rikaichan Japanese-German Dictionary File - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\euovsn1f.default\extensions\rikaichan-jpde@polarcloud.com [2016-01-02]
FF Extension: Always on Top - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\euovsn1f.default\extensions\{E6C93316-271E-4b3d-8D7E-FE11B4350AEB}.xpi [2016-04-28]
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\euovsn1f.default\Extensions\ich@maltegoetz.de.xpi [2015-07-28]
FF Extension: Adblock Plus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\euovsn1f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF Extension: web_clipper - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\euovsn1f.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2016-04-27]
Chrome:
=======
CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-17]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-17] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [Datei ist nicht signiert]
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-17] (NVIDIA Corporation)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [311544 2016-04-14] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [285136 2016-04-14] (Sophos Limited)
R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe [901248 2016-04-14] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [604000 2016-04-14] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341800 2014-10-14] (Sophos Limited)
R2 sophossps; C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe [2455816 2016-04-14] (Sophos Limited)
R3 spmgr; C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496 2007-08-03] ()
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3339736 2016-04-14] (Sophos Limited)
S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2118896 2016-04-14] (Sophos Limited)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 XTSvcMgr; C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe [21176 2013-12-18] (Novell, Inc.)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-29] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R2 ghaio; C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [17464 2007-08-03] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R0 NCFilter; C:\Windows\System32\DRIVERS\NCFilter.sys [112312 2013-12-18] ()
R2 NCFSD; C:\Program Files\Novell\Client\XTier\Drivers\ncfsd.sys [116408 2013-12-18] ()
R2 NCIOCTL; C:\Program Files\Novell\Client\XTier\Drivers\ncioctl.sys [91320 2013-12-18] ()
R0 NCRecognizer; C:\Windows\System32\DRIVERS\NCRecognizer.sys [121016 2013-12-18] ()
R0 NCUncFilter; C:\Windows\System32\DRIVERS\NCUncFilter.sys [27320 2013-12-18] ()
R1 NICM; C:\Program Files\Novell\Client\XTier\Drivers\nicm.sys [32952 2013-12-18] (Novell, Inc.)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [161024 2016-04-14] (Sophos Limited)
S3 sdcfilter; C:\Windows\System32\DRIVERS\sdcfilter.sys [38144 2016-04-14] (Sophos Limited)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R2 sntp; C:\Windows\System32\DRIVERS\sntp.sys [116144 2016-04-14] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [27904 2016-04-14] (Sophos Limited)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-08-06] ()
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.)
U3 nciom; C:\Program Files\Novell\Client\XTier\Drivers\nciom.sys [82616 2013-12-18] (Novell, Inc.)
U3 ncp; C:\Program Files\Novell\Client\XTier\Drivers\ncp.sys [81592 2013-12-18] (Novell, Inc.)
U3 ncpl; C:\Program Files\Novell\Client\XTier\Drivers\ncpl.sys [50360 2013-12-18] (Novell, Inc.)
U3 ndm; C:\Program Files\Novell\Client\XTier\Drivers\ndm.sys [20664 2013-12-18] (Novell, Inc.)
U3 ndmndap; C:\Program Files\Novell\Client\XTier\Drivers\ndmndap.sys [84664 2013-12-18] (Novell, Inc.)
U3 niam; C:\Program Files\Novell\Client\XTier\Drivers\niam.sys [40120 2013-12-18] (Novell, Inc.)
U3 nipctl; C:\Program Files\Novell\Client\XTier\Drivers\nipctl.sys [58552 2013-12-18] (Novell, Inc.)
U3 nscm; C:\Program Files\Novell\Client\XTier\Drivers\nscm.sys [39096 2013-12-18] (Novell, Inc.)
U3 nsns; C:\Program Files\Novell\Client\XTier\Drivers\nsns.sys [26296 2013-12-18] (Novell, Inc.)
U3 nsvccost; C:\Program Files\Novell\Client\XTier\Drivers\nsvccost.sys [37048 2013-12-18] (Novell, Inc.)
U3 xtxplat; C:\Program Files\Novell\Client\XTier\Drivers\xtxplat.sys [60600 2013-12-18] (Novell, Inc.)
S3 ASUSProcObsrv; \??\D:\I386\AsPrOb64.sys [X]
S3 ipswuio; System32\DRIVERS\ipswuio.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-08-20 12:23 - 2016-08-20 12:24 - 00024779 _____ C:\Users\Max\Downloads\FRST.txt
2016-08-20 12:23 - 2016-08-20 12:23 - 02395648 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2016-08-20 12:23 - 2016-08-20 12:23 - 00000000 ____D C:\FRST
2016-08-19 20:44 - 2016-08-19 20:44 - 00001871 _____ C:\Users\Max\Desktop\cisco.lnk
2016-08-19 20:21 - 2016-07-07 17:36 - 01896168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-08-19 20:21 - 2016-07-07 17:36 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2016-08-19 20:21 - 2016-07-07 17:36 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2016-08-19 20:21 - 2016-07-07 17:08 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2016-08-19 20:21 - 2016-07-01 17:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-08-19 20:21 - 2016-07-01 17:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-08-19 20:21 - 2016-07-01 17:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-08-19 20:21 - 2016-07-01 17:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-08-19 20:21 - 2016-07-01 16:56 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-08-19 20:21 - 2016-07-01 16:56 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-08-19 20:21 - 2016-07-01 16:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-08-18 09:58 - 2016-07-08 17:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-08-18 09:58 - 2016-07-08 17:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-08-17 10:43 - 2016-08-17 10:43 - 00001254 _____ C:\Users\Max\AppData\Local\recently-used.xbel
2016-08-17 07:12 - 2016-08-17 07:12 - 00000000 ____D C:\Users\Max\AppData\Roaming\inkscape
2016-08-17 00:28 - 2016-08-17 00:28 - 00000000 ____D C:\Users\Max\AppData\Local\Apps\2.0
2016-08-16 16:13 - 2016-08-16 16:13 - 00001621 _____ C:\Users\Max\Desktop\winCATS.lnk
2016-08-16 14:45 - 2016-08-16 14:45 - 00001036 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape.lnk
2016-08-16 14:44 - 2016-08-16 14:44 - 00001016 _____ C:\Users\Public\Desktop\Inkscape.lnk
2016-08-16 14:36 - 2016-08-16 14:45 - 00000000 ____D C:\Program Files (x86)\Inkscape
2016-08-16 14:32 - 2016-08-16 14:32 - 01474568 _____ C:\Users\Max\Downloads\Inkscape - CHIP-Installer.exe
2016-08-16 10:28 - 2016-08-16 10:28 - 00001451 _____ C:\Users\Max\Desktop\Origin - Verknüpfung.lnk
2016-08-16 10:10 - 2016-08-16 10:10 - 00012753 _____ C:\Users\Max\Desktop\MATLAB - Verknüpfung.lnk
2016-08-13 14:39 - 2016-08-14 16:19 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-13 14:38 - 2016-08-13 14:38 - 00001111 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-08-13 14:38 - 2016-08-13 14:38 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-13 14:38 - 2016-08-13 14:38 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-08-13 14:38 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-13 14:38 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-13 14:38 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-11 16:14 - 2016-08-11 16:15 - 00000000 ____D C:\Users\Max\AppData\Local\OriginLab
2016-08-11 16:14 - 2016-08-11 16:14 - 00000000 ____D C:\Users\Max\Documents\OriginLab
2016-08-11 16:14 - 2016-08-11 16:14 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OriginLab
2016-08-11 16:14 - 2016-08-11 16:14 - 00000000 ____D C:\Users\Max\AppData\Local\CrashRpt
2016-08-09 22:50 - 2016-06-06 18:50 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-08-09 22:50 - 2016-06-06 18:50 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-08-09 22:50 - 2016-06-06 18:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-08-09 22:50 - 2016-06-06 18:50 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-08-09 22:50 - 2016-06-06 17:23 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-08-09 22:50 - 2016-06-06 17:23 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-08-09 22:50 - 2016-06-06 17:23 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-08-09 22:50 - 2016-06-06 17:23 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-08-09 22:45 - 2016-08-02 16:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-08-09 22:45 - 2016-08-02 08:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-08-09 22:45 - 2016-08-02 08:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-08-09 22:45 - 2016-08-02 08:23 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-08-09 22:45 - 2016-08-02 08:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-08-09 22:45 - 2016-08-02 08:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-08-09 22:45 - 2016-08-02 07:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-08-09 22:45 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-08-09 22:45 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-08-09 22:45 - 2016-08-02 07:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-08-09 22:45 - 2016-08-02 07:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-08-09 22:45 - 2016-08-02 07:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-08-09 22:45 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-08-09 22:45 - 2016-08-02 07:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-08-09 22:45 - 2016-08-02 07:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-08-09 22:45 - 2016-08-02 07:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-08-09 22:45 - 2016-08-02 07:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-08-09 22:45 - 2016-08-02 07:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-08-09 22:45 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-08-09 22:45 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-08-09 22:44 - 2016-08-02 16:54 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-08-09 22:44 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-08-09 22:44 - 2016-08-02 08:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-08-09 22:44 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-08-09 22:44 - 2016-08-02 08:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-08-09 22:44 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-08-09 22:44 - 2016-08-02 08:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-08-09 22:44 - 2016-08-02 08:31 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-08-09 22:44 - 2016-08-02 08:24 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-08-09 22:44 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-08-09 22:44 - 2016-08-02 08:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-08-09 22:44 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-08-09 22:44 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-08-09 22:44 - 2016-08-02 08:18 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-08-09 22:44 - 2016-08-02 08:11 - 00969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-08-09 22:44 - 2016-08-02 08:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-08-09 22:44 - 2016-08-02 08:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-08-09 22:44 - 2016-08-02 07:56 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-08-09 22:44 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-08-09 22:44 - 2016-08-02 07:53 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-08-09 22:44 - 2016-08-02 07:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-08-09 22:44 - 2016-08-02 07:51 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-08-09 22:44 - 2016-08-02 07:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-08-09 22:44 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-08-09 22:44 - 2016-08-02 07:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-08-09 22:44 - 2016-08-02 07:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-08-09 22:44 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-08-09 22:44 - 2016-08-02 07:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-08-09 22:44 - 2016-08-02 07:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-08-09 22:44 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-08-09 22:44 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-08-09 22:44 - 2016-08-02 07:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-08-09 22:44 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-08-09 22:44 - 2016-08-02 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-08-09 22:44 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-08-09 22:44 - 2016-08-02 07:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-08-09 22:44 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-08-09 22:44 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-08-09 22:44 - 2016-08-02 07:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-08-09 22:44 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-08-09 22:44 - 2016-08-02 07:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-08-09 22:44 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-08-09 22:44 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-08-09 22:44 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-08-09 22:44 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-08-09 22:44 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-08-09 22:44 - 2016-07-08 17:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-08-09 22:44 - 2016-07-08 17:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-08-09 22:44 - 2016-07-08 17:32 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-08-09 22:44 - 2016-07-08 17:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-08-09 22:44 - 2016-07-08 17:17 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-08-09 22:44 - 2016-07-08 17:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-08-09 22:44 - 2016-07-08 17:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-08-09 22:44 - 2016-07-08 17:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-08-09 22:44 - 2016-07-08 16:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-08-09 22:44 - 2016-07-08 16:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-08-09 22:44 - 2016-07-08 16:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-08-09 22:44 - 2016-07-08 16:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-08-09 22:44 - 2016-07-08 16:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-08-09 22:44 - 2016-07-08 16:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-08-09 22:43 - 2016-07-08 17:01 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-08-03 00:51 - 2016-08-03 00:51 - 00001910 _____ C:\Users\Max\Desktop\OriginPro 2016G 64Bit.lnk
2016-08-03 00:51 - 2016-08-03 00:51 - 00000831 _____ C:\Users\Max\Desktop\CCleaner.lnk
2016-08-03 00:10 - 2016-08-03 00:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OriginLab
2016-08-02 23:26 - 2016-08-02 23:26 - 00000000 ____D C:\Program Files\OriginLab
2016-08-02 23:25 - 2016-08-02 23:25 - 00000000 ____D C:\Users\Public\Documents\OriginLab
2016-08-02 23:02 - 2016-08-02 23:02 - 00000000 ____D C:\Users\Max\AppData\Roaming\Subversion
2016-08-02 23:02 - 2016-08-02 23:02 - 00000000 ____D C:\Users\Max\AppData\Local\MathWorks
2016-08-02 23:01 - 2016-08-17 10:30 - 00000000 ____D C:\Users\Max\Desktop\Auswertung
2016-08-02 21:19 - 2016-08-03 21:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-02 00:35 - 2016-08-17 06:35 - 00000000 ____D C:\Users\Max\Documents\MATLAB
2016-08-02 00:35 - 2016-08-02 00:35 - 00000000 ____D C:\Users\Max\AppData\Roaming\MathWorks
2016-07-24 19:14 - 2016-07-24 19:14 - 00001019 _____ C:\Users\Max\Desktop\Minidump - Verknüpfung.lnk
2016-07-24 18:26 - 2016-08-17 17:40 - 00000000 ____D C:\Users\Max\Desktop\Bachelorarbeit
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-08-20 12:06 - 2009-07-14 06:45 - 00024016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-20 12:06 - 2009-07-14 06:45 - 00024016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-20 11:55 - 2016-07-03 01:56 - 00000542 _____ C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job
2016-08-20 11:51 - 2015-03-25 12:42 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-20 11:50 - 2013-09-27 00:20 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-20 11:50 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-20 05:32 - 2015-07-01 15:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-20 04:36 - 2015-03-25 12:42 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-19 22:37 - 2013-09-28 09:28 - 00007597 _____ C:\Users\Max\AppData\Local\Resmon.ResmonCfg
2016-08-19 21:44 - 2013-09-30 16:41 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-17 17:39 - 2009-07-14 19:58 - 00710272 _____ C:\Windows\system32\perfh007.dat
2016-08-17 17:39 - 2009-07-14 19:58 - 00154570 _____ C:\Windows\system32\perfc007.dat
2016-08-17 17:39 - 2009-07-14 07:13 - 01649790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-17 17:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-08-17 10:21 - 2016-04-05 23:45 - 00000000 ____D C:\Users\Max\AppData\Roaming\GSLBiotech
2016-08-17 04:52 - 2013-09-29 23:12 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-15 15:14 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\addins
2016-08-15 15:14 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Vss
2016-08-14 16:04 - 2013-09-30 16:21 - 00000000 ____D C:\ProgramData\Freemake
2016-08-14 16:04 - 2013-09-30 16:21 - 00000000 ____D C:\Program Files (x86)\Freemake
2016-08-14 15:58 - 2015-02-12 13:38 - 00000000 ____D C:\Windows\Minidump
2016-08-14 15:32 - 2014-12-09 09:44 - 00000000 ___DC C:\Users\Max\Desktop\Studium
2016-08-13 14:22 - 2013-09-29 19:46 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-08-10 13:55 - 2016-04-15 20:17 - 00438856 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-09 23:08 - 2013-09-29 19:47 - 00000000 ____D C:\Windows\system32\MRT
2016-08-06 12:50 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-08-03 23:29 - 2016-04-14 23:39 - 00116072 _____ C:\Users\Max\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-03 21:24 - 2013-09-29 20:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-02 23:27 - 2013-09-27 00:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-02 19:25 - 2015-07-01 15:31 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-01 22:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-31 13:57 - 2013-10-24 15:33 - 00000000 ____D C:\ProgramData\Oracle
2016-07-31 13:45 - 2014-10-19 14:17 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-31 13:45 - 2013-09-28 11:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-31 13:44 - 2015-09-09 15:53 - 00000000 ____D C:\Users\Max\.oracle_jre_usage
2016-07-31 13:43 - 2014-10-19 14:17 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-07-29 20:31 - 2015-03-25 12:42 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 20:31 - 2015-03-25 12:42 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-09-27 00:34 - 2006-06-02 14:27 - 0017542 _____ () C:\Program Files\Common Files\Net4Switch.ico
2013-09-27 00:34 - 2006-06-02 14:27 - 0017542 _____ () C:\Program Files (x86)\Common Files\Net4Switch.ico
2015-11-24 16:45 - 2016-04-05 23:36 - 0012158 _____ () C:\Users\Max\AppData\Roaming\SerialClonerPrefs
2014-06-13 17:14 - 2014-06-13 17:14 - 0003584 _____ () C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-17 10:43 - 2016-08-17 10:43 - 0001254 _____ () C:\Users\Max\AppData\Local\recently-used.xbel
2013-09-28 09:28 - 2016-08-19 22:37 - 0007597 _____ () C:\Users\Max\AppData\Local\Resmon.ResmonCfg
2014-09-14 13:06 - 2014-09-14 13:06 - 0000315 _____ () C:\ProgramData\NCIDebug.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Max\AppData\Local\Temp\mdi064.dll
Einige Dateien in TEMP:
====================
C:\Users\Max\AppData\Local\Temp\mdi064.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-08-06 00:52
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19-08-2016
durchgeführt von Max (20-08-2016 12:25:35)
Gestartet von C:\Users\Max\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-09-26 22:05:50)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2218909522-371895218-1508300633-500 - Administrator - Disabled)
Gast (S-1-5-21-2218909522-371895218-1508300633-501 - Limited - Disabled)
Max (S-1-5-21-2218909522-371895218-1508300633-1000 - Administrator - Enabled) => C:\Users\Max
SophosSAUMAX-PC0 (S-1-5-21-2218909522-371895218-1508300633-1008 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AV: Sophos Anti-Virus (Enabled - Up to date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Sophos Anti-Virus (Enabled - Up to date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\{23170F69-40C1-2701-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{BCFB58FF-181E-472F-A9DB-827B75C1EDF7}) (Version: 12.0.4.144 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.6 - Sereby Corporation)
Anki (HKLM-x32\...\Anki) (Version: - )
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS)
ASUS Data Security Manager (HKLM-x32\...\{FA2092C5-7979-412D-A962-6485274AE1EE}) (Version: 1.00.0014 - ASUS)
ASUS FancyStart (HKLM-x32\...\{2B81872B-A054-48DA-BE3B-FA5C164C303A}) (Version: 1.0.8 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.37 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0008 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.19 - asus)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0056 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0003 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.2.04018 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.2.04018 - Cisco Systems, Inc.) Hidden
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.7 - ASUS)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DirectX for Managed Code (HKLM\...\{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1) (Version: 1.0.0.0 - Sereby Corporation)
Drucken in PDF Annotator (novaPDF OEM 7.7 printer) (HKLM\...\Drucken in PDF Annotator_is1) (Version: - Softland)
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.4.0.8818 - Thomson Reuters)
ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
ExpressGate Cloud (HKLM-x32\...\InstallShield_{499DED08-6FA8-4749-8E94-8526CC9D1CA8}) (Version: 2.1.62.301 - Asus)
ExpressGate Cloud (x32 Version: 2.1.62.301 - Asus) Hidden
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
Fresco Logic USB3.0 Host Controller (HKLM\...\{09964D46-F0AF-4272-987E-96E4E268BB03}) (Version: 3.0.89.14 - Fresco Logic Inc.)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Inkscape 0.91 (HKLM-x32\...\Inkscape) (Version: 0.91 - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2131 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
KeyHoleTV (HKLM-x32\...\KeyHoleTV) (Version: - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MATLAB R2016a (HKLM\...\Matlab R2016a) (Version: 9.0 - MathWorks)
Mendeley Desktop 1.16.1 (HKLM-x32\...\Mendeley Desktop) (Version: 1.16.1 - Mendeley Ltd.)
Microsoft – Speichern als PDF – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B0-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2742597) (HKLM-x32\...\M2742597) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Mozilla Firefox 48.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 de)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.0.6051 - Mozilla)
NB Probe (HKLM-x32\...\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}) (Version: - )
Net4Switch (HKLM-x32\...\{9D6D7811-43B3-463C-BC79-5D1755269989}) (Version: 1.00.0020 - ASUS)
NICI U.S./Worldwide 2.77.2.0 (x32) (HKLM-x32\...\{9C53F2C9-396B-43D5-9F51-40F1405C9816}) (Version: 2.77.2.0 - Novell, Inc.)
NICI U.S./Worldwide 2.77.2.0 (x64) (HKLM\...\{31173D4D-50FB-47B7-B7AC-622EDFA97B88}) (Version: 2.77.2.0 - Novell, Inc.)
NMAS Challenge Response Method (HKLM\...\{54031C8D-F80D-47BB-B3CA-5E9BD7750C27}) (Version: 2.8.3.3 - Novell, Inc.)
NMAS Client (HKLM\...\{22859902-78CE-40B0-9429-6FE7A00BBF85}) (Version: 8.8.8.10 - Novell, Inc.)
Novell Client für Windows (HKLM\...\Novell Client for Windows) (Version: 2 SP3 (IR5) - Novell, Inc.)
NVIDIA 3D Vision Treiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
Origin 2016 (HKLM-x32\...\{DC460501-EEFA-4701-8AD8-5F7DE1B70436}) (Version: 9.30.00 - OriginLab Corporation)
PDF Annotator 4.0.0.414 (HKLM-x32\...\PDFAnnotator_is1) (Version: 4.0.0.414 - GRAHL software design)
Pokemon Online 2.5.0 (HKLM-x32\...\{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1) (Version: - Dreambelievers)
Pokemon Showdown (HKLM-x32\...\Pokemon Showdown) (Version: - "Pokemon Showdown")
Pokémon Trading Card Game Online (HKLM-x32\...\{F323157A-218F-4613-9673-F975AB9397CF}) (Version: 2.23.1 - The Pokémon Company International)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6122 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.00049 - Realtek Semiconductor Corp.)
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology)
Serial Cloner version 2.6.1 (HKLM-x32\...\{6EA0A7CE-3989-4A96-9363-E7F2697F52A3}_is1) (Version: 2.6.1 - SerialBasics)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SnapGene Viewer (HKLM-x32\...\SnapGene Viewer) (Version: 3.1.4 - GSL Biotech LLC)
Sophos Anti-Virus (HKLM-x32\...\{09863DA9-7A9B-4430-9561-E04D178D7017}) (Version: 10.6.3.537 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{BCF53039-A7FC-4C79-A3E3-437AE28FD918}) (Version: 5.2.0.276 - Sophos Limited)
Sophos Network Threat Protection (HKLM\...\{66967E5F-43E8-4402-87A4-04685EE5C2CB}) (Version: 1.2.2.50 - Sophos Limited)
Sophos System Protection (HKLM-x32\...\{1093B57D-A613-47F3-90CF-0FD5C5DCFFE6}) (Version: 1.3.0 - Sophos Limited)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
SPORE™ Galaktische Abenteuer (HKLM-x32\...\{63CEA2E4-4FE7-4F2C-B388-C1313D24157C}) (Version: 1.01.0001 - Electronic Arts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Überwachungstool für die Intel® Turbo-Boost-Technologie (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.115.11 - Intel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
USB2.0 UVC 2M WebCam (HKLM\...\USB2.0 UVC 2M WebCam) (Version: 5.8.54000.204 - Sonix)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.30.1 - ASUS)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.17 - ASUS)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2218909522-371895218-1508300633-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2218909522-371895218-1508300633-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2218909522-371895218-1508300633-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2218909522-371895218-1508300633-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2218909522-371895218-1508300633-1000_Classes\CLSID\{92EF2EAD-A7CE-4424-B0DB-499CF856608E}\InprocServer32 -> C:\Users\Max\AppData\Local\Apps\Evernote\Evernote\EvernoteIEx64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-2218909522-371895218-1508300633-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2218909522-371895218-1508300633-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0AB98CA8-45BC-4735-AF79-BEBA1FB59C23} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [2010-05-17] (asus)
Task: {19E14776-88D6-4190-811C-3A5519EB53FA} - System32\Tasks\Net4Switch => C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe [2009-09-23] (ASUS)
Task: {1AA3DEE2-C978-40A1-B527-55CFB8662C71} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {2566533D-8D4B-4D7C-BCC1-EB119EB0F0DE} - System32\Tasks\Erinnerung
Task: {4DFA3690-F421-4FB5-BF89-C730DC955D3E} - System32\Tasks\MATLAB R2016a Startup Accelerator => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe [2015-12-28] ()
Task: {52A4778C-3DF1-485E-B66A-03646FC3844E} - System32\Tasks\NFL
Task: {63B06732-EE2E-4419-A76F-F282E5512696} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {6BF47288-E017-42D0-A97F-6CBD296A3A87} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-05-28] (ATK)
Task: {6E8EAD5A-8680-49C1-BC52-F285B52FEFA2} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {7578321F-BF6C-4A61-9820-F1D45FEBB805} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {8D6F471A-0AE0-44BC-A274-73AD8891DD92} - System32\Tasks\Erinnerung, die zweite
Task: {8DD41D71-32AA-46FC-B929-D0AE4226F9FC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {8EE13A09-4867-4F8D-95D7-AFEDB788AEF4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.)
Task: {BBE7AEEE-3098-4D10-8F8F-648A3AA3B6FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-13] (Adobe Systems Incorporated)
Task: {BF499682-F58B-4812-A762-FE9E026B504B} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-07-31] (ASUS)
Task: {F8E7506D-421B-4F47-B952-94AFE252F140} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job => C:\Program Files\MATLAB\R2016a\bin\win64\MATLABStartupAccelerator.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Max\Favorites\Amazon.de.lnk -> hxxp://www.amazon.de/exec/obidos/redirect-home?tag=marcushumann&site=home
Shortcut: C:\Users\Max\Favorites\CUEcards.lnk -> hxxp://www.mhst.net/cuecards2
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-12-18 03:13 - 2013-12-18 03:13 - 00049336 _____ () C:\Windows\system32\ncv1_0.DLL
2013-03-04 11:14 - 2013-03-04 11:14 - 00016384 _____ () C:\Windows\system32\nls\DEUTSCH\NCLangIDR.DLL
2013-09-29 19:46 - 2013-11-11 17:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-14 18:08 - 2016-04-14 18:08 - 00233608 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\http.plg
2016-04-14 18:06 - 2016-04-14 18:06 - 00140696 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\ip.plg
2016-04-14 18:06 - 2016-04-14 18:06 - 00119344 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\ipv6.plg
2016-04-14 18:06 - 2016-04-14 18:06 - 00076704 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\portmap.plg
2016-04-14 18:06 - 2016-04-14 18:06 - 00165000 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\tcp.plg
2016-04-14 18:06 - 2016-04-14 18:06 - 00148440 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\udp.plg
2007-06-15 10:28 - 2007-06-15 10:28 - 00104960 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt64.dll
2007-06-01 16:52 - 2007-06-01 16:52 - 00159744 _____ () C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\OverlayIconShlExt1_64.dll
2010-01-11 10:27 - 2010-01-11 10:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-05-05 18:22 - 2010-05-05 18:22 - 00108544 _____ () C:\Program Files\P4G\OvrClk.dll
2013-09-27 00:29 - 2007-11-30 11:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2008-09-30 23:02 - 2008-09-30 23:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-09-27 00:34 - 2007-08-03 12:24 - 00125496 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
2011-04-10 17:40 - 2011-04-10 17:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-12-18 03:13 - 2013-12-18 03:13 - 00040632 _____ () C:\Program Files\Novell\Client\nwtray.exe
2013-12-18 03:13 - 2013-12-18 03:13 - 01024696 _____ () C:\Windows\system32\NCNetProvider.DLL
2013-12-18 03:13 - 2013-12-18 03:13 - 00109752 _____ () C:\Windows\system32\NCLangID.dll
2013-12-18 03:13 - 2013-12-18 03:13 - 00175288 _____ () C:\Windows\system32\MAPBASE.dll
2013-12-18 03:13 - 2013-12-18 03:13 - 00266936 _____ () C:\Windows\system32\NWSHLXNT.dll
2013-03-04 11:14 - 2013-03-04 11:14 - 00086528 _____ () C:\Windows\system32\nls\DEUTSCH\MAPBASER.DLL
2013-03-04 11:14 - 2013-03-04 11:14 - 00102400 _____ () C:\Windows\system32\nls\DEUTSCH\NWSHLXNTR.DLL
2013-03-04 11:14 - 2013-03-04 11:14 - 00496640 _____ () C:\Windows\system32\nls\DEUTSCH\NCNetProviderR.DLL
2010-07-02 13:36 - 2010-07-02 13:36 - 01597440 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2016-05-03 20:17 - 2016-05-03 20:17 - 00070144 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2013-09-27 00:34 - 2009-09-15 10:47 - 00049152 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ResItf.dll
2013-09-27 00:34 - 2009-09-11 16:40 - 00084992 _____ () C:\Program Files (x86)\ASUS\Net4Switch\cxcmrt.dll
2013-09-27 00:34 - 2009-07-03 13:13 - 00074752 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswobj.dll
2013-09-27 00:34 - 2009-07-01 16:46 - 00461824 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswresmgr.dll
2013-09-27 00:34 - 2009-07-03 13:12 - 00049152 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswhlp.dll
2013-09-27 00:34 - 2009-07-08 11:24 - 00167424 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipsw_cfgmgr.dll
2013-09-27 00:34 - 2009-07-03 13:12 - 00089088 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswds.dll
2013-09-27 00:34 - 2009-07-03 13:12 - 00065024 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswgblset.dll
2013-09-27 00:34 - 2009-07-03 13:40 - 00085504 _____ () C:\Program Files (x86)\ASUS\Net4Switch\LogonStartup.dll
2013-09-27 00:34 - 2009-09-15 16:45 - 00228864 ____N () C:\Program Files (x86)\ASUS\Net4Switch\ipswsysmon.dll
2013-09-27 00:34 - 2009-07-03 13:21 - 00042496 _____ () C:\Program Files (x86)\ASUS\Net4Switch\iphelper.dll
2013-09-27 00:34 - 2009-09-17 13:41 - 00267264 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswcore.dll
2013-09-27 00:34 - 2009-07-03 13:13 - 00297984 _____ () C:\Program Files (x86)\ASUS\Net4Switch\ipswui.dll
2013-09-27 00:34 - 2007-09-14 10:00 - 00147456 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdiskex.dll
2013-09-27 00:34 - 2003-11-28 02:11 - 00135168 _____ () C:\Program Files\ASUS\NB Probe\SPM\spos.dll
2013-09-27 00:34 - 2005-08-29 15:24 - 00081920 _____ () C:\Program Files\ASUS\NB Probe\SPM\spnbacpi.dll
2013-09-27 00:34 - 2003-09-09 16:08 - 00049152 _____ () C:\Program Files\ASUS\NB Probe\SPM\spdmi.dll
2013-09-27 00:34 - 2006-04-04 10:24 - 00036864 _____ () C:\Program Files\ASUS\NB Probe\SPM\ghadmi.dll
2013-09-27 00:34 - 2005-04-07 19:25 - 00077824 _____ () C:\Program Files\ASUS\NB Probe\SPM\spmemory.dll
2016-08-11 23:27 - 2016-08-11 23:27 - 01456128 _____ () C:\Users\Max\AppData\Local\Temp\mdi064.dll
2010-02-23 15:14 - 2010-02-23 15:14 - 00071680 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Brightness.dll
2010-02-23 15:11 - 2010-02-23 15:11 - 00076288 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Volume.dll
2010-02-23 15:12 - 2010-02-23 15:12 - 00186880 _____ () C:\Program Files (x86)\ASUS\ControlDeck\Resolution.dll
2010-02-23 15:14 - 2010-02-23 15:14 - 00050688 _____ () C:\Program Files (x86)\ASUS\ControlDeck\P4GControl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SntpService => ""="service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2218909522-371895218-1508300633-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: ADSMTray => C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{AD3DD82B-89E6-43BB-959A-8BB4AF387F9F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{174828F6-7B38-452B-B046-0A5A68263A86}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{89015AE3-1B54-47B1-9470-E3650652F3EB}C:\program files (x86)\keyholetv\keyholetv.exe] => (Block) C:\program files (x86)\keyholetv\keyholetv.exe
FirewallRules: [UDP Query User{13466DC8-E78E-4F74-AFA9-C416203B10F6}C:\program files (x86)\keyholetv\keyholetv.exe] => (Block) C:\program files (x86)\keyholetv\keyholetv.exe
FirewallRules: [{5E483261-078F-4DBA-BCBA-A547A4A54F79}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{70FE1B6B-40E2-4812-86C4-D04C061667E5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1ACAA175-2EBB-47FE-8432-BBF8E5A2475C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{846D8F86-FF76-4733-A269-7F699008C851}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4A1D271F-F76B-4CBB-8684-947C7510BA53}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{02D7F4A7-AF51-4508-992F-4775CA62476C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C09A77AC-0897-4B44-A44F-26B7C65F8CCC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{3D77A5A9-3EF5-43B0-99C9-925125A0DB5D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0142A434-9307-4447-B5AD-530A3A214278}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B7E84AA5-3824-44FD-B3A3-BA76F4EE9703}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CF2DC682-6E84-4A19-883B-E258F1F5006E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D68EA618-2BFC-4F0B-8B88-480EFF2B0483}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{40F10205-C756-4B3B-B16C-CF0ED07B6167}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A3701A49-349A-43A6-B5BB-C900FA14F89B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F307B4E1-EA31-4831-A127-B81FADDB18DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0AB5DB93-991D-4ACC-B496-C70B04AAA0C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{F3B9DEC2-1A63-4E61-9350-45021C0A33D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BADE0D5A-104D-499F-BF9F-1114360A3EE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D69CB729-11CD-4DBE-A638-1FCB5C041871}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EDAFF456-1ADF-476C-AD4D-97A165F83EFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D4EDD49A-8E73-4BAF-AB06-59F9D47901B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4AC4C788-348F-4AA2-99D1-73DDB86FF714}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{8C453983-57DE-4B8E-9D7C-BF15313193C5}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Block) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{4E499F01-853E-4648-BA37-5642C8ED7FE8}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Block) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [TCP Query User{B778CDB5-D2EE-48D2-AE24-63D4B28AFB41}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{C4EB2247-784A-4ACD-8F95-37446CD75F66}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{57554D13-B1F1-4878-A6F6-2B4127F70D70}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{33BF0662-0B5E-4C80-BC9B-53CA10CB747E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{43FA75FF-7418-41B0-9B5E-09999A1F0C42}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C2D52909-4A26-4E75-9E65-BA573668838F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{51258CAF-CF33-4E9B-8473-3BFB588561D6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{2C3D22EA-FDEF-44DA-9549-3F95E13B8F6F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014 Demo\DotP_D14.exe
FirewallRules: [{4AE90FBE-4977-4F26-82F5-9E0A58E007F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2014 Demo\DotP_D14.exe
FirewallRules: [{3B240D57-0CD1-4A9A-ADF4-160F0E3E3654}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2015 Demo\DotP_D15.exe
FirewallRules: [{12902862-E364-4584-8B3A-78923012CC5D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2015 Demo\DotP_D15.exe
FirewallRules: [TCP Query User{2A4A716E-0885-40EA-9087-87A57A60F348}C:\program files (x86)\keyholetv\keyholetv.exe] => (Block) C:\program files (x86)\keyholetv\keyholetv.exe
FirewallRules: [UDP Query User{E0FBF87D-7D11-451A-AA50-F81334748F93}C:\program files (x86)\keyholetv\keyholetv.exe] => (Block) C:\program files (x86)\keyholetv\keyholetv.exe
FirewallRules: [TCP Query User{92E547BA-EC09-4178-938A-7347B601541D}C:\windows\syswow64\msiexec.exe] => (Allow) C:\windows\syswow64\msiexec.exe
FirewallRules: [UDP Query User{508F7D50-5EC7-4CA0-ADF7-316FE1938B1A}C:\windows\syswow64\msiexec.exe] => (Allow) C:\windows\syswow64\msiexec.exe
FirewallRules: [{6B5FF49D-9282-480C-8562-B6EC2F89D5AD}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{66E3AE9A-94B8-40F2-BB15-08B7C4E18141}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F626733C-4CD9-4537-851F-7A9F70BE83F2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{55211D9C-8236-4E27-94B0-1428BB79B2B9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4E7E182B-2672-43E7-BF15-896B28C49C7B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6309BAAF-67CD-404A-80D0-BB95E802B6ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{99B70C80-9BE6-4A08-9B02-FCA12B62FD46}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{792B9373-FB55-401E-B2DE-F80C929EE2EC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{00BFC166-ED9B-4004-879B-4CC7ADFC21EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D10AB80F-D6F3-4EB3-919A-CBF9DD12359E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{98E0E577-7C08-492A-A685-065457C3CC6E}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [UDP Query User{9CC2BC29-4ADA-407D-9B6D-531E6D40D54D}C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_77\bin\javaw.exe
FirewallRules: [TCP Query User{11637A2E-DCE2-470F-BF8C-2008F3EB1830}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
FirewallRules: [UDP Query User{F284F63E-4C9C-4439-914C-CCD9E2A079C2}C:\program files\matlab\r2016a\bin\win64\matlab.exe] => (Allow) C:\program files\matlab\r2016a\bin\win64\matlab.exe
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/19/2016 07:53:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Origin93_64.exe, Version 9.3.2.303 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b04
Startzeit: 01d1fa41e1764024
Endzeit: 31
Anwendungspfad: C:\Program Files\OriginLab\Origin2016\Origin93_64.exe
Berichts-ID: c34bc18e-6635-11e6-9332-485b39e9c4a9
Systemfehler:
=============
Error: (08/20/2016 11:53:55 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (08/20/2016 11:50:16 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet:
%%-2147024894 = Das System kann die angegebene Datei nicht finden.
Error: (08/19/2016 08:24:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet:
%%-2147024894 = Das System kann die angegebene Datei nicht finden.
Error: (08/19/2016 07:35:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 19.08.2016 um 19:27:50 unerwartet heruntergefahren.
Error: (08/19/2016 07:35:50 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet:
%%-2147024894 = Das System kann die angegebene Datei nicht finden.
Error: (08/19/2016 03:50:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Microsoft Antimalware Service" wurde mit folgendem Fehler beendet:
%%-2147024894 = Das System kann die angegebene Datei nicht finden.
Error: (08/19/2016 03:45:14 AM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.
Error: (08/19/2016 03:45:14 AM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.
Error: (08/19/2016 01:08:21 AM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.
Error: (08/19/2016 01:08:21 AM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5 CPU M 450 @ 2.40GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 5932.49 MB
Verfügbarer physikalischer RAM: 4023.02 MB
Summe virtueller Speicher: 11863.16 MB
Verfügbarer virtueller Speicher: 9802.45 MB
==================== Laufwerke ================================
Drive c: (DSK1_VOL1) (Fixed) (Total:93.16 GB) (Free:3.47 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 93.2 GB) (Disk ID: 32C02649)
Partition 1: (Active) - (Size=93.2 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 20.08.2016 Suchlaufzeit: 12:32 Protokolldatei: Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.08.20.04 Rootkit-Datenbank: v2016.08.15.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Max Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 321562 Abgelaufene Zeit: 32 Min., 30 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 1 Trojan.FakeAlert, C:\Users\Max\AppData\Local\Temp\msupdate71, In Quarantäne, [8cc8b39a3d5d1422f30b0bb742c1718f], Dateien: 11 PUP.Optional.Bundler, C:\Users\Max\AppData\Local\Temp\RarSFX0\keygen-step-3.exe, In Quarantäne, [351f133a1b7f21155620d9f4fe06758b], Trojan.FakeAlert, C:\Users\Max\AppData\Local\Temp\msupdate71\dwm.exe, In Quarantäne, [8cc8b39a3d5d1422f30b0bb742c1718f], Trojan.FakeAlert, C:\Users\Max\AppData\Local\Temp\msupdate71\libcurl-4.dl1, In Quarantäne, [8cc8b39a3d5d1422f30b0bb742c1718f], Trojan.FakeAlert, C:\Users\Max\AppData\Local\Temp\msupdate71\libiconv-2.dl1, In Quarantäne, [8cc8b39a3d5d1422f30b0bb742c1718f], Trojan.FakeAlert, C:\Users\Max\AppData\Local\Temp\msupdate71\libidn-11.dl1, In Quarantäne, [8cc8b39a3d5d1422f30b0bb742c1718f], Trojan.FakeAlert, C:\Users\Max\AppData\Local\Temp\msupdate71\libintl-8.dl1, In Quarantäne, [8cc8b39a3d5d1422f30b0bb742c1718f], Trojan.FakeAlert, C:\Users\Max\AppData\Local\Temp\msupdate71\libwinpthread-1.dl1, In Quarantäne, [8cc8b39a3d5d1422f30b0bb742c1718f], Trojan.FakeAlert, C:\Users\Max\AppData\Local\Temp\msupdate71\msupdate.7z, In Quarantäne, [8cc8b39a3d5d1422f30b0bb742c1718f], Trojan.FakeAlert, C:\Users\Max\AppData\Local\Temp\msupdate71\msvcrt.dll, In Quarantäne, [8cc8b39a3d5d1422f30b0bb742c1718f], Trojan.FakeAlert, C:\Users\Max\AppData\Local\Temp\msupdate71\proxy.conf, In Quarantäne, [8cc8b39a3d5d1422f30b0bb742c1718f], Trojan.FakeAlert, C:\Users\Max\AppData\Local\Temp\msupdate71\zlib1.dl1, In Quarantäne, [8cc8b39a3d5d1422f30b0bb742c1718f], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) MfG HoeCard |
|
20.08.2016, 13:04
| #2 |
| /// Malwareteam   | Msupdate und RarSFX0, Trojaner? Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 Malwarebytes hat schon gute Arbeit geleistet aber dein PC ist zweifelsohne noch infiziert, wobei du mit dem Versuch einen Crack bzw. Keygen zu installieren wohl bissi selber schuld bist  Schritt: 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
20.08.2016, 13:21
| #3 |
| | Msupdate und RarSFX0, Trojaner? Hallo Rafael,
__________________vielen Dank für deine Hilfe. Hier der report Code:
ATTFilter 14:13:51.0956 0x13c0 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31
14:14:04.0046 0x13c0 ============================================================
14:14:04.0046 0x13c0 Current date / time: 2016/08/20 14:14:04.0046
14:14:04.0046 0x13c0 SystemInfo:
14:14:04.0046 0x13c0
14:14:04.0046 0x13c0 OS Version: 6.1.7601 ServicePack: 1.0
14:14:04.0046 0x13c0 Product type: Workstation
14:14:04.0046 0x13c0 ComputerName: MAX-PC
14:14:04.0046 0x13c0 UserName: Max
14:14:04.0046 0x13c0 Windows directory: C:\Windows
14:14:04.0046 0x13c0 System windows directory: C:\Windows
14:14:04.0046 0x13c0 Running under WOW64
14:14:04.0046 0x13c0 Processor architecture: Intel x64
14:14:04.0046 0x13c0 Number of processors: 4
14:14:04.0046 0x13c0 Page size: 0x1000
14:14:04.0046 0x13c0 Boot type: Normal boot
14:14:04.0046 0x13c0 CodeIntegrityOptions = 0x00000001
14:14:04.0046 0x13c0 ============================================================
14:14:04.0498 0x13c0 KLMD registered as C:\Windows\system32\drivers\15214012.sys
14:14:04.0498 0x13c0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23455, osProperties = 0x1
14:14:05.0106 0x13c0 System UUID: {BA9F72AE-AFC2-0F89-C0D0-D19DF13A4B86}
14:14:06.0401 0x13c0 Drive \Device\Harddisk0\DR0 - Size: 0x174A446000 ( 93.16 Gb ), SectorSize: 0x200, Cylinders: 0x2F81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:14:06.0417 0x13c0 ============================================================
14:14:06.0417 0x13c0 \Device\Harddisk0\DR0:
14:14:06.0417 0x13c0 MBR partitions:
14:14:06.0417 0x13c0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xBA50E02
14:14:06.0417 0x13c0 ============================================================
14:14:06.0417 0x13c0 C: <-> \Device\Harddisk0\DR0\Partition1
14:14:06.0417 0x13c0 ============================================================
14:14:06.0417 0x13c0 Initialize success
14:14:06.0417 0x13c0 ============================================================
14:15:14.0854 0x0308 ============================================================
14:15:14.0854 0x0308 Scan started
14:15:14.0854 0x0308 Mode: Manual; SigCheck; TDLFS;
14:15:14.0854 0x0308 ============================================================
14:15:14.0854 0x0308 KSN ping started
14:15:27.0272 0x0308 KSN ping finished: true
14:15:29.0580 0x0308 ================ Scan system memory ========================
14:15:29.0580 0x0308 System memory - ok
14:15:29.0580 0x0308 ================ Scan services =============================
14:15:29.0892 0x0308 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:15:30.0142 0x0308 1394ohci - ok
14:15:30.0236 0x0308 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:15:30.0314 0x0308 ACPI - ok
14:15:30.0345 0x0308 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:15:30.0423 0x0308 AcpiPmi - ok
14:15:30.0517 0x0308 [ 2D294602EAE4ABEDC31EFE88ED58CC7E, D8882952067AE23B08BEDE13650205BDDA6F4BCA9D1D9770640F702110F9AEC6 ] acsock C:\Windows\system32\DRIVERS\acsock64.sys
14:15:30.0626 0x0308 acsock - ok
14:15:30.0829 0x0308 [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:15:30.0891 0x0308 AdobeARMservice - ok
14:15:31.0125 0x0308 [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:15:31.0281 0x0308 AdobeFlashPlayerUpdateSvc - ok
14:15:31.0375 0x0308 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:15:31.0453 0x0308 adp94xx - ok
14:15:31.0499 0x0308 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:15:31.0562 0x0308 adpahci - ok
14:15:31.0609 0x0308 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:15:31.0655 0x0308 adpu320 - ok
14:15:31.0827 0x0308 [ C0BF554D2277F7A4C735D475ADE2E3B2, 58ED620CD73239A6AB8F993492494AB0F09705B25E671A842D5163B13F452B15 ] ADSMService C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
14:15:31.0983 0x0308 ADSMService - detected UnsignedFile.Multi.Generic ( 1 )
14:15:32.0077 0x0308 Detect skipped due to KSN trusted
14:15:32.0077 0x0308 ADSMService - ok
14:15:32.0139 0x0308 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:15:32.0170 0x0308 AeLookupSvc - ok
14:15:32.0264 0x0308 [ 2D00D3DADC1D3326BA788EB071F2726E, 559048C0A15BBA83367D0F2969F48042FB1D11C9862A0BA4DF69FB15DECB8761 ] AFBAgent C:\Windows\system32\FBAgent.exe
14:15:32.0342 0x0308 AFBAgent - ok
14:15:32.0435 0x0308 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
14:15:32.0560 0x0308 AFD - ok
14:15:32.0638 0x0308 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
14:15:32.0669 0x0308 agp440 - ok
14:15:32.0747 0x0308 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
14:15:32.0794 0x0308 ALG - ok
14:15:32.0872 0x0308 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
14:15:32.0903 0x0308 aliide - ok
14:15:32.0919 0x0308 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
14:15:32.0966 0x0308 amdide - ok
14:15:33.0028 0x0308 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:15:33.0106 0x0308 AmdK8 - ok
14:15:33.0122 0x0308 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:15:33.0184 0x0308 AmdPPM - ok
14:15:33.0247 0x0308 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:15:33.0293 0x0308 amdsata - ok
14:15:33.0340 0x0308 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:15:33.0387 0x0308 amdsbs - ok
14:15:33.0403 0x0308 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:15:33.0449 0x0308 amdxata - ok
14:15:33.0527 0x0308 [ 5F9389D9A2D5A2A7B03DC92914B43A88, CCF08F6BCF2479CA97055A88849CB2E1D7DD32DD87AC3833CB349E788F594AAF ] AppID C:\Windows\system32\drivers\appid.sys
14:15:33.0590 0x0308 AppID - ok
14:15:33.0605 0x0308 [ 4EC449C6A6FE42F2E44F25C17D17C9F1, 24161794DEC599427F370970F7E03548F55BC8A4A58F3B667F565E571BCA0100 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:15:33.0652 0x0308 AppIDSvc - ok
14:15:33.0715 0x0308 [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo C:\Windows\System32\appinfo.dll
14:15:33.0761 0x0308 Appinfo - ok
14:15:33.0824 0x0308 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
14:15:33.0871 0x0308 arc - ok
14:15:33.0886 0x0308 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:15:33.0917 0x0308 arcsas - ok
14:15:33.0995 0x0308 [ 88FBC8BEBFD38566235EAA5E4DBC4E05, E714D913BA9786BD536F9D99E3510C489CA32F646044718394CEE65247941288 ] AsDsm C:\Windows\system32\drivers\AsDsm.sys
14:15:34.0027 0x0308 AsDsm - ok
14:15:34.0073 0x0308 [ 18E5C2F937F9DEB8C282DF66A3761925, 30294C381F8C7DCB45EF9BCF572F410FF47630E12D5AA02259C6C80F07BEF495 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
14:15:34.0198 0x0308 ASLDRService - ok
14:15:34.0261 0x0308 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
14:15:34.0292 0x0308 ASMMAP64 - ok
14:15:34.0541 0x0308 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:15:34.0682 0x0308 aspnet_state - ok
14:15:34.0697 0x0308 ASUSProcObsrv - ok
14:15:34.0744 0x0308 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:15:34.0947 0x0308 AsyncMac - ok
14:15:35.0025 0x0308 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
14:15:35.0072 0x0308 atapi - ok
14:15:35.0321 0x0308 [ A5E770426D18F8EF332A593F3289DA91, 87AC97758618765814B630CB1A189CD690DC6B0EAAE93D80EDE7771FB362C9AF ] athr C:\Windows\system32\DRIVERS\athrx.sys
14:15:35.0618 0x0308 athr - ok
14:15:35.0680 0x0308 [ 7910158929571214A959D5A6D16DD9C0, 9B4F8A3AF9E09B2F772EEF1CB8F7EAB8A226068784837F375AE97B89B0B3A383 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
14:15:35.0789 0x0308 ATKGFNEXSrv - ok
14:15:35.0883 0x0308 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:15:36.0008 0x0308 AudioEndpointBuilder - ok
14:15:36.0055 0x0308 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:15:36.0117 0x0308 AudioSrv - ok
14:15:36.0195 0x0308 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:15:36.0242 0x0308 AxInstSV - ok
14:15:36.0335 0x0308 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:15:36.0413 0x0308 b06bdrv - ok
14:15:36.0445 0x0308 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:15:36.0523 0x0308 b57nd60a - ok
14:15:36.0601 0x0308 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
14:15:36.0663 0x0308 BDESVC - ok
14:15:36.0741 0x0308 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
14:15:36.0850 0x0308 Beep - ok
14:15:36.0959 0x0308 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
14:15:37.0053 0x0308 BFE - ok
14:15:37.0162 0x0308 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
14:15:37.0334 0x0308 BITS - ok
14:15:37.0396 0x0308 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:15:37.0459 0x0308 blbdrive - ok
14:15:37.0521 0x0308 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:15:37.0599 0x0308 bowser - ok
14:15:37.0615 0x0308 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:15:37.0693 0x0308 BrFiltLo - ok
14:15:37.0724 0x0308 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:15:37.0786 0x0308 BrFiltUp - ok
14:15:37.0849 0x0308 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
14:15:37.0911 0x0308 Browser - ok
14:15:37.0973 0x0308 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:15:38.0051 0x0308 Brserid - ok
14:15:38.0051 0x0308 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:15:38.0114 0x0308 BrSerWdm - ok
14:15:38.0176 0x0308 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:15:38.0223 0x0308 BrUsbMdm - ok
14:15:38.0223 0x0308 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:15:38.0270 0x0308 BrUsbSer - ok
14:15:38.0301 0x0308 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:15:38.0348 0x0308 BTHMODEM - ok
14:15:38.0441 0x0308 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
14:15:38.0535 0x0308 bthserv - ok
14:15:38.0597 0x0308 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:15:38.0707 0x0308 cdfs - ok
14:15:38.0769 0x0308 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:15:38.0831 0x0308 cdrom - ok
14:15:38.0894 0x0308 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
14:15:38.0987 0x0308 CertPropSvc - ok
14:15:39.0065 0x0308 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:15:39.0112 0x0308 circlass - ok
14:15:39.0190 0x0308 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
14:15:39.0253 0x0308 CLFS - ok
14:15:39.0362 0x0308 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:15:39.0487 0x0308 clr_optimization_v2.0.50727_32 - ok
14:15:39.0565 0x0308 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:15:39.0674 0x0308 clr_optimization_v2.0.50727_64 - ok
14:15:39.0799 0x0308 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:15:39.0923 0x0308 clr_optimization_v4.0.30319_32 - ok
14:15:39.0955 0x0308 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:15:40.0079 0x0308 clr_optimization_v4.0.30319_64 - ok
14:15:40.0157 0x0308 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:15:40.0220 0x0308 CmBatt - ok
14:15:40.0267 0x0308 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:15:40.0298 0x0308 cmdide - ok
14:15:40.0376 0x0308 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys
14:15:40.0501 0x0308 CNG - ok
14:15:40.0563 0x0308 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:15:40.0594 0x0308 Compbatt - ok
14:15:40.0672 0x0308 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:15:40.0750 0x0308 CompositeBus - ok
14:15:40.0750 0x0308 COMSysApp - ok
14:15:40.0828 0x0308 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:15:40.0859 0x0308 crcdisk - ok
14:15:40.0922 0x0308 [ B1962E21F74697AB442FA4432B970E85, DADE4C90624EC928699246785E3DF73D795B5C68834FCD99D3063AD647423D12 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:15:41.0000 0x0308 CryptSvc - ok
14:15:41.0093 0x0308 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
14:15:41.0187 0x0308 DcomLaunch - ok
14:15:41.0249 0x0308 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
14:15:41.0374 0x0308 defragsvc - ok
14:15:41.0452 0x0308 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:15:41.0546 0x0308 DfsC - ok
14:15:41.0624 0x0308 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:15:41.0717 0x0308 Dhcp - ok
14:15:41.0873 0x0308 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
14:15:42.0045 0x0308 DiagTrack - ok
14:15:42.0092 0x0308 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
14:15:42.0217 0x0308 discache - ok
14:15:42.0295 0x0308 [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
14:15:42.0326 0x0308 Disk - ok
14:15:42.0404 0x0308 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:15:42.0466 0x0308 Dnscache - ok
14:15:42.0529 0x0308 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
14:15:42.0653 0x0308 dot3svc - ok
14:15:42.0731 0x0308 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
14:15:42.0841 0x0308 DPS - ok
14:15:42.0903 0x0308 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:15:42.0950 0x0308 drmkaud - ok
14:15:43.0043 0x0308 [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:15:43.0090 0x0308 dtsoftbus01 - ok
14:15:43.0199 0x0308 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:15:43.0324 0x0308 DXGKrnl - ok
14:15:43.0402 0x0308 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
14:15:43.0511 0x0308 EapHost - ok
14:15:43.0761 0x0308 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:15:44.0089 0x0308 ebdrv - ok
14:15:44.0151 0x0308 [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] EFS C:\Windows\System32\lsass.exe
14:15:44.0213 0x0308 EFS - ok
14:15:44.0369 0x0308 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:15:44.0510 0x0308 ehRecvr - ok
14:15:44.0572 0x0308 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
14:15:44.0635 0x0308 ehSched - ok
14:15:44.0791 0x0308 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:15:44.0900 0x0308 elxstor - ok
14:15:44.0947 0x0308 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:15:44.0993 0x0308 ErrDev - ok
14:15:45.0071 0x0308 [ 0975BF32399A24117E317B5BF1D5D0AA, 850217D920BB6E524C08C11A9806B8B148E9CF6CEBED9481BF7C9F07BCA918D5 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
14:15:45.0118 0x0308 ETD - ok
14:15:45.0212 0x0308 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
14:15:45.0352 0x0308 EventSystem - ok
14:15:45.0383 0x0308 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
14:15:45.0508 0x0308 exfat - ok
14:15:45.0539 0x0308 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:15:45.0649 0x0308 fastfat - ok
14:15:45.0742 0x0308 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
14:15:45.0867 0x0308 Fax - ok
14:15:45.0898 0x0308 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:15:45.0945 0x0308 fdc - ok
14:15:46.0023 0x0308 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
14:15:46.0132 0x0308 fdPHost - ok
14:15:46.0179 0x0308 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
14:15:46.0288 0x0308 FDResPub - ok
14:15:46.0351 0x0308 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:15:46.0397 0x0308 FileInfo - ok
14:15:46.0413 0x0308 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:15:46.0522 0x0308 Filetrace - ok
14:15:46.0538 0x0308 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:15:46.0585 0x0308 flpydisk - ok
14:15:46.0647 0x0308 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:15:46.0725 0x0308 FltMgr - ok
14:15:46.0772 0x0308 [ E546FB34A4986316AFC4DBACB32AE80E, D2A1844C0A4CA3CC8BDB71EB1AE797FDC3E1FD126C9ECAB7E7A5BFFFAAFCA551 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
14:15:46.0834 0x0308 FLxHCIc - ok
14:15:46.0959 0x0308 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
14:15:47.0099 0x0308 FontCache - ok
14:15:47.0209 0x0308 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:15:47.0271 0x0308 FontCache3.0.0.0 - ok
14:15:47.0318 0x0308 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:15:47.0365 0x0308 FsDepends - ok
14:15:47.0427 0x0308 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:15:47.0458 0x0308 Fs_Rec - ok
14:15:47.0536 0x0308 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:15:47.0599 0x0308 fvevol - ok
14:15:47.0661 0x0308 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:15:47.0692 0x0308 gagp30kx - ok
14:15:47.0942 0x0308 [ A27A06D8359BC5202F2F8E3240DE205F, C2BB64106D6894E6CF45121FE3ECCDE2A00CAE9268CF5ECA11F436C10DBFC6F0 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
14:15:48.0113 0x0308 GfExperienceService - ok
14:15:48.0301 0x0308 [ 7D66EBDE8B7F9B4E00BEEFEEE82670D4, C92B794F62F2547E0D02B8D72C02FFDE9FE45E5A2CB352A80D35DDA6444CF561 ] ghaio C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys
14:15:48.0332 0x0308 ghaio - ok
14:15:48.0425 0x0308 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
14:15:48.0566 0x0308 gpsvc - ok
14:15:48.0706 0x0308 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:15:48.0831 0x0308 gupdate - ok
14:15:48.0878 0x0308 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:15:48.0893 0x0308 gupdatem - ok
14:15:48.0956 0x0308 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:15:49.0003 0x0308 hcw85cir - ok
14:15:49.0096 0x0308 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:15:49.0174 0x0308 HdAudAddService - ok
14:15:49.0205 0x0308 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:15:49.0268 0x0308 HDAudBus - ok
14:15:49.0315 0x0308 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:15:49.0361 0x0308 HECIx64 - ok
14:15:49.0408 0x0308 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:15:49.0471 0x0308 HidBatt - ok
14:15:49.0486 0x0308 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:15:49.0533 0x0308 HidBth - ok
14:15:49.0595 0x0308 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:15:49.0658 0x0308 HidIr - ok
14:15:49.0705 0x0308 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
14:15:49.0814 0x0308 hidserv - ok
14:15:49.0876 0x0308 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:15:49.0939 0x0308 HidUsb - ok
14:15:50.0001 0x0308 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:15:50.0110 0x0308 hkmsvc - ok
14:15:50.0188 0x0308 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:15:50.0251 0x0308 HomeGroupListener - ok
14:15:50.0313 0x0308 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:15:50.0407 0x0308 HomeGroupProvider - ok
14:15:50.0469 0x0308 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:15:50.0516 0x0308 HpSAMD - ok
14:15:50.0625 0x0308 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:15:50.0750 0x0308 HTTP - ok
14:15:50.0812 0x0308 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:15:50.0843 0x0308 hwpolicy - ok
14:15:50.0906 0x0308 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:15:50.0953 0x0308 i8042prt - ok
14:15:51.0062 0x0308 [ 42E00996DFC13C46366689C0EA8ABC5E, 1C73B7FADB3209D7C1CAA75531F789B47907129E418F91F23CBE9FC68B3056E4 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
14:15:51.0109 0x0308 iaStor - ok
14:15:51.0187 0x0308 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:15:51.0280 0x0308 iaStorV - ok
14:15:51.0421 0x0308 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:15:51.0561 0x0308 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
14:15:51.0670 0x0308 Detect skipped due to KSN trusted
14:15:51.0670 0x0308 IDriverT - ok
14:15:51.0779 0x0308 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:15:51.0935 0x0308 idsvc - ok
14:15:51.0951 0x0308 IEEtwCollectorService - ok
14:15:52.0684 0x0308 [ 174BCAC474DE13B2650E444CF124828E, 42410700408873D890AA0EA1A885086B0DF6D1196957E3CD8A8323C46139E2C6 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
14:15:53.0729 0x0308 igfx - ok
14:15:53.0823 0x0308 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:15:53.0870 0x0308 iirsp - ok
14:15:53.0979 0x0308 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
14:15:54.0119 0x0308 IKEEXT - ok
14:15:54.0197 0x0308 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
14:15:54.0260 0x0308 Impcd - ok
14:15:54.0463 0x0308 [ B88E24BD77A0CE2CFFEE2FACF1151BE0, 7BC5EE908C1150E5F85843131BCE5A29806F15BCBF4ECE6AE7EEF10398AC3BBB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:15:54.0681 0x0308 IntcAzAudAddService - ok
14:15:54.0821 0x0308 [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
14:15:54.0899 0x0308 IntcDAud - ok
14:15:54.0931 0x0308 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
14:15:54.0962 0x0308 intelide - ok
14:15:55.0024 0x0308 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:15:55.0071 0x0308 intelppm - ok
14:15:55.0149 0x0308 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:15:55.0258 0x0308 IPBusEnum - ok
14:15:55.0321 0x0308 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:15:55.0430 0x0308 IpFilterDriver - ok
14:15:55.0523 0x0308 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:15:55.0648 0x0308 iphlpsvc - ok
14:15:55.0695 0x0308 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:15:55.0757 0x0308 IPMIDRV - ok
14:15:55.0820 0x0308 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:15:55.0913 0x0308 IPNAT - ok
14:15:55.0913 0x0308 ipswuio - ok
14:15:55.0945 0x0308 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:15:56.0038 0x0308 IRENUM - ok
14:15:56.0101 0x0308 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:15:56.0132 0x0308 isapnp - ok
14:15:56.0194 0x0308 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:15:56.0257 0x0308 iScsiPrt - ok
14:15:56.0335 0x0308 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:15:56.0366 0x0308 kbdclass - ok
14:15:56.0428 0x0308 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:15:56.0491 0x0308 kbdhid - ok
14:15:56.0537 0x0308 [ E63EF8C3271D014F14E2469CE75FECB4, 3A8DFA4B446AFDC35F01FD5218D0BEBC510A1E3DE9976210F00D19767D0F9069 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
14:15:56.0569 0x0308 kbfiltr - ok
14:15:56.0584 0x0308 [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] KeyIso C:\Windows\system32\lsass.exe
14:15:56.0615 0x0308 KeyIso - ok
14:15:56.0662 0x0308 [ CFBA6BCBBDC7E33813D92FFB3460FA07, 4BE0DF9AC976A991731C784CD3F32C4CED67AD58267658F046798E84BA1BF78C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:15:56.0709 0x0308 KSecDD - ok
14:15:56.0725 0x0308 [ CE66825289EE8326CB52C4E9E785ACB0, 41113B55F891A300C7967F585F59921917EC0718C26798946056B1DE534EE0E3 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:15:56.0771 0x0308 KSecPkg - ok
14:15:56.0849 0x0308 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:15:56.0943 0x0308 ksthunk - ok
14:15:57.0021 0x0308 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
14:15:57.0146 0x0308 KtmRm - ok
14:15:57.0177 0x0308 [ 48686C29856F46443952A831424F8D6F, 05BEA2243E219575B2FBED23824DB2BE61F422C2972AC2E835C94DFC8A285BF6 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
14:15:57.0208 0x0308 L1C - ok
14:15:57.0286 0x0308 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:15:57.0411 0x0308 LanmanServer - ok
14:15:57.0473 0x0308 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:15:57.0583 0x0308 LanmanWorkstation - ok
14:15:57.0614 0x0308 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:15:57.0723 0x0308 lltdio - ok
14:15:57.0785 0x0308 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:15:57.0910 0x0308 lltdsvc - ok
14:15:57.0941 0x0308 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:15:58.0051 0x0308 lmhosts - ok
14:15:58.0207 0x0308 [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:15:58.0659 0x0308 LMS - detected UnsignedFile.Multi.Generic ( 1 )
14:15:58.0753 0x0308 Detect skipped due to KSN trusted
14:15:58.0753 0x0308 LMS - ok
14:15:58.0831 0x0308 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:15:58.0877 0x0308 LSI_FC - ok
14:15:58.0893 0x0308 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:15:58.0924 0x0308 LSI_SAS - ok
14:15:58.0987 0x0308 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:15:59.0033 0x0308 LSI_SAS2 - ok
14:15:59.0049 0x0308 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:15:59.0096 0x0308 LSI_SCSI - ok
14:15:59.0158 0x0308 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
14:15:59.0252 0x0308 luafv - ok
14:15:59.0330 0x0308 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:15:59.0377 0x0308 Mcx2Svc - ok
14:15:59.0392 0x0308 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:15:59.0439 0x0308 megasas - ok
14:15:59.0517 0x0308 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:15:59.0564 0x0308 MegaSR - ok
14:15:59.0704 0x0308 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:15:59.0813 0x0308 Microsoft Office Groove Audit Service - ok
14:15:59.0860 0x0308 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
14:16:00.0001 0x0308 MMCSS - ok
14:16:00.0016 0x0308 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
14:16:00.0110 0x0308 Modem - ok
14:16:00.0172 0x0308 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:16:00.0235 0x0308 monitor - ok
14:16:00.0266 0x0308 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:16:00.0297 0x0308 mouclass - ok
14:16:00.0375 0x0308 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:16:00.0422 0x0308 mouhid - ok
14:16:00.0484 0x0308 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:16:00.0531 0x0308 mountmgr - ok
14:16:00.0609 0x0308 [ C01441BA6F99890B7FF6CD0260B7750A, E02FFB1E8A3E423C9392ADAA9DF5FECF800DFAB3E09B74A029106DC337995539 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:16:00.0718 0x0308 MozillaMaintenance - ok
14:16:00.0796 0x0308 [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
14:16:00.0874 0x0308 MpFilter - ok
14:16:00.0890 0x0308 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
14:16:00.0952 0x0308 mpio - ok
14:16:00.0999 0x0308 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:16:01.0093 0x0308 mpsdrv - ok
14:16:01.0202 0x0308 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:16:01.0389 0x0308 MpsSvc - ok
14:16:01.0451 0x0308 [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:16:01.0498 0x0308 MRxDAV - ok
14:16:01.0561 0x0308 [ B7FADA5E1E55BB63F90EB9F8F016113B, 33C2C898E4AD0CBD34D9A6CF51987A4703009E23CD9D4F4294BF444C4D3D5A60 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:16:01.0623 0x0308 mrxsmb - ok
14:16:01.0670 0x0308 [ 34AFF1849B3EC042C40C5EEC9D78562A, E3378A9977B429812C38529C562FE27945706ADB5E9E877C4A90B0285631A501 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:16:01.0748 0x0308 mrxsmb10 - ok
14:16:01.0779 0x0308 [ 058CE7A55E140EB0C72FBA6FD2FA72DE, B1D89E524A621BDCC464882EF621BDC7779BFCBCC9FD923D70DE130C41D0DB4C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:16:01.0826 0x0308 mrxsmb20 - ok
14:16:01.0888 0x0308 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
14:16:01.0919 0x0308 msahci - ok
14:16:01.0982 0x0308 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:16:02.0029 0x0308 msdsm - ok
14:16:02.0060 0x0308 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
14:16:02.0122 0x0308 MSDTC - ok
14:16:02.0185 0x0308 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:16:02.0278 0x0308 Msfs - ok
14:16:02.0309 0x0308 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:16:02.0419 0x0308 mshidkmdf - ok
14:16:02.0465 0x0308 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:16:02.0512 0x0308 msisadrv - ok
14:16:02.0575 0x0308 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:16:02.0699 0x0308 MSiSCSI - ok
14:16:02.0699 0x0308 msiserver - ok
14:16:02.0762 0x0308 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:16:02.0855 0x0308 MSKSSRV - ok
14:16:02.0965 0x0308 [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:16:03.0011 0x0308 MsMpSvc - ok
14:16:03.0058 0x0308 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:16:03.0152 0x0308 MSPCLOCK - ok
14:16:03.0167 0x0308 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:16:03.0277 0x0308 MSPQM - ok
14:16:03.0355 0x0308 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:16:03.0417 0x0308 MsRPC - ok
14:16:03.0479 0x0308 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:16:03.0511 0x0308 mssmbios - ok
14:16:03.0573 0x0308 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:16:03.0667 0x0308 MSTEE - ok
14:16:03.0682 0x0308 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:16:03.0729 0x0308 MTConfig - ok
14:16:03.0791 0x0308 [ 032D35C996F21D19A205A7C8F0B76F3C, 1A1C5BD7204BB937A05E201BCC0840B2C8E4B273D8E1D6D9407264FB4C57F014 ] MTsensor C:\Windows\system32\DRIVERS\ATK64AMD.sys
14:16:03.0823 0x0308 MTsensor - ok
14:16:03.0885 0x0308 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
14:16:03.0916 0x0308 Mup - ok
14:16:04.0010 0x0308 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
14:16:04.0150 0x0308 napagent - ok
14:16:04.0275 0x0308 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:16:04.0353 0x0308 NativeWifiP - ok
14:16:04.0431 0x0308 [ 3DC32ABF6A688DAB4B38945A9B7950CA, 61C899A116F455F93AC0F0B975AB299CD49EF6D8DCFE19990C6101151E47DCAF ] NCFilter C:\Windows\system32\DRIVERS\NCFilter.sys
14:16:04.0478 0x0308 NCFilter - ok
14:16:04.0618 0x0308 [ 1AD5B08231EF4BEE0A23A451FD3EB596, 36E98F13FABE9CA76C30A8B557C9613357F1592976979F5101EF51C73C5216B2 ] NCFSD C:\Program Files\Novell\Client\XTier\Drivers\ncfsd.sys
14:16:04.0665 0x0308 NCFSD - ok
14:16:04.0712 0x0308 [ C867E407025CB589CF34F58B1338A629, 7FC0944157FA8C17BAE397C4DF053177632376884740A60CE9DAC39173BCA739 ] NCIOCTL C:\Program Files\Novell\Client\XTier\Drivers\ncioctl.sys
14:16:04.0743 0x0308 NCIOCTL - ok
14:16:04.0774 0x0308 [ 27EF9E54DB4DF26DC0854E2BF2BD4416, 27EB7219D0E2E7B9EA1473863DE548D1D0D8B5DF27330F77F3EBD03DE6A97F30 ] NCRecognizer C:\Windows\system32\DRIVERS\NCRecognizer.sys
14:16:04.0805 0x0308 NCRecognizer - ok
14:16:04.0868 0x0308 [ D3926CE154397D2B823BB6B7275A7005, C63343B23F625871BAC69942AEB3E236EBDF3305921DA0512B181F50F18E9B2A ] NCUncFilter C:\Windows\system32\DRIVERS\NCUncFilter.sys
14:16:04.0899 0x0308 NCUncFilter - ok
14:16:05.0008 0x0308 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:16:05.0133 0x0308 NDIS - ok
14:16:05.0164 0x0308 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:16:05.0273 0x0308 NdisCap - ok
14:16:05.0351 0x0308 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:16:05.0445 0x0308 NdisTapi - ok
14:16:05.0507 0x0308 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:16:05.0601 0x0308 Ndisuio - ok
14:16:05.0679 0x0308 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:16:05.0788 0x0308 NdisWan - ok
14:16:05.0835 0x0308 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:16:05.0929 0x0308 NDProxy - ok
14:16:05.0991 0x0308 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:16:06.0100 0x0308 NetBIOS - ok
14:16:06.0163 0x0308 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:16:06.0256 0x0308 NetBT - ok
14:16:06.0272 0x0308 [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] Netlogon C:\Windows\system32\lsass.exe
14:16:06.0303 0x0308 Netlogon - ok
14:16:06.0381 0x0308 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
14:16:06.0521 0x0308 Netman - ok
14:16:06.0599 0x0308 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:16:06.0693 0x0308 NetMsmqActivator - ok
14:16:06.0724 0x0308 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:16:06.0755 0x0308 NetPipeActivator - ok
14:16:06.0833 0x0308 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
14:16:07.0005 0x0308 netprofm - ok
14:16:07.0036 0x0308 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:16:07.0067 0x0308 NetTcpActivator - ok
14:16:07.0099 0x0308 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:16:07.0130 0x0308 NetTcpPortSharing - ok
14:16:07.0192 0x0308 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:16:07.0223 0x0308 nfrd960 - ok
14:16:07.0286 0x0308 [ 01031EE30C95A5221B78499A1F68AD8C, 7B3B0F6E141BE5B1C142B467382DED53FC999076690B46B5B118D2307E5DFA9E ] NICM C:\Program Files\Novell\Client\XTier\Drivers\nicm.sys
14:16:07.0317 0x0308 NICM - ok
14:16:07.0395 0x0308 [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:16:07.0457 0x0308 NisDrv - ok
14:16:07.0535 0x0308 [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
14:16:07.0613 0x0308 NisSrv - ok
14:16:07.0676 0x0308 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:16:07.0769 0x0308 NlaSvc - ok
14:16:07.0847 0x0308 [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf C:\Windows\system32\drivers\npf.sys
14:16:07.0879 0x0308 npf - ok
14:16:07.0941 0x0308 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:16:08.0050 0x0308 Npfs - ok
14:16:08.0097 0x0308 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
14:16:08.0206 0x0308 nsi - ok
14:16:08.0222 0x0308 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:16:08.0315 0x0308 nsiproxy - ok
14:16:08.0471 0x0308 [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:16:08.0721 0x0308 Ntfs - ok
14:16:08.0971 0x0308 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
14:16:09.0064 0x0308 Null - ok
14:16:09.0844 0x0308 [ F554291C0A11F5B713B54C5886D4AA31, 65B7DF4BB3DFF616DC2C863988E30F901E14221C00E2A99A2079E19D91D93BAE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:16:10.0905 0x0308 nvlddmkm - ok
14:16:11.0155 0x0308 [ 507E699BD36530491BA0F95251B22F06, BDE6EB91FADBCB8CE16C31EF43A97DC6CC5D0F4EBAEA7903810556D0D70F54BC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
14:16:11.0389 0x0308 NvNetworkService - ok
14:16:11.0467 0x0308 [ 3F403A74349FCE04DF8D7BE24E6A02BD, 0167E289725DB55BEE2792CF8366B62FB6B209C9B815F687C4DAC388125223C3 ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
14:16:11.0498 0x0308 nvpciflt - ok
14:16:11.0529 0x0308 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:16:11.0576 0x0308 nvraid - ok
14:16:11.0638 0x0308 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:16:11.0685 0x0308 nvstor - ok
14:16:11.0825 0x0308 [ 7E4C1879248629A2C9CC9ADF52CBB9B7, 856FF60FD111C3C80B137BC62B7EF92D3B95FBA462A29F97D65457A5A507506E ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:16:11.0857 0x0308 NvStreamKms - ok
14:16:13.0058 0x0308 [ C3EB27E4BC00283CA166A9FC42B90FC7, FED7F68D1C6EB442292E40DCFAEE7339AE21D5EF726A9DC9BCB6AB5C5873B3E0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
14:16:14.0743 0x0308 NvStreamSvc - ok
14:16:15.0055 0x0308 [ 8E99BF264C1F20934A67E91BC9F4FB20, 89AA8823B751F4CEF4E862F1270E7EFDA81A6E5D9C5F72625CBF83C70B312353 ] nvsvc C:\Windows\system32\nvvsvc.exe
14:16:15.0133 0x0308 nvsvc - ok
14:16:15.0195 0x0308 [ 1AF619620613869C07F9C147BC37520F, 0AD4E100354E201D5E72BA236C1464F5083A7E3B58C4AC6BA712489D258955F5 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
14:16:15.0226 0x0308 nvvad_WaveExtensible - ok
14:16:15.0289 0x0308 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:16:15.0335 0x0308 nv_agp - ok
14:16:15.0491 0x0308 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:16:15.0913 0x0308 odserv - ok
14:16:15.0975 0x0308 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:16:16.0022 0x0308 ohci1394 - ok
14:16:16.0100 0x0308 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:16:16.0349 0x0308 ose - ok
14:16:16.0490 0x0308 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:16:16.0568 0x0308 p2pimsvc - ok
14:16:16.0646 0x0308 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
14:16:16.0739 0x0308 p2psvc - ok
14:16:16.0786 0x0308 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:16:16.0849 0x0308 Parport - ok
14:16:16.0895 0x0308 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:16:16.0942 0x0308 partmgr - ok
14:16:17.0005 0x0308 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:16:17.0067 0x0308 PcaSvc - ok
14:16:17.0129 0x0308 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
14:16:17.0192 0x0308 pci - ok
14:16:17.0254 0x0308 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
14:16:17.0285 0x0308 pciide - ok
14:16:17.0348 0x0308 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:16:17.0395 0x0308 pcmcia - ok
14:16:17.0426 0x0308 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
14:16:17.0457 0x0308 pcw - ok
14:16:17.0551 0x0308 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:16:17.0660 0x0308 PEAUTH - ok
14:16:17.0800 0x0308 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:16:18.0050 0x0308 PerfHost - ok
14:16:18.0206 0x0308 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
14:16:18.0409 0x0308 pla - ok
14:16:18.0518 0x0308 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:16:18.0627 0x0308 PlugPlay - ok
14:16:18.0643 0x0308 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:16:18.0705 0x0308 PNRPAutoReg - ok
14:16:18.0736 0x0308 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:16:18.0783 0x0308 PNRPsvc - ok
14:16:18.0861 0x0308 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:16:18.0955 0x0308 PolicyAgent - ok
14:16:19.0017 0x0308 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
14:16:19.0126 0x0308 Power - ok
14:16:19.0204 0x0308 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:16:19.0298 0x0308 PptpMiniport - ok
14:16:19.0345 0x0308 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:16:19.0407 0x0308 Processor - ok
14:16:19.0469 0x0308 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
14:16:19.0516 0x0308 ProfSvc - ok
14:16:19.0532 0x0308 [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] ProtectedStorage C:\Windows\system32\lsass.exe
14:16:19.0563 0x0308 ProtectedStorage - ok
14:16:19.0625 0x0308 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:16:19.0735 0x0308 Psched - ok
14:16:19.0875 0x0308 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:16:20.0062 0x0308 ql2300 - ok
14:16:20.0109 0x0308 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:16:20.0156 0x0308 ql40xx - ok
14:16:20.0218 0x0308 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
14:16:20.0296 0x0308 QWAVE - ok
14:16:20.0296 0x0308 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:16:20.0359 0x0308 QWAVEdrv - ok
14:16:20.0405 0x0308 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:16:20.0515 0x0308 RasAcd - ok
14:16:20.0577 0x0308 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:16:20.0686 0x0308 RasAgileVpn - ok
14:16:20.0733 0x0308 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
14:16:20.0858 0x0308 RasAuto - ok
14:16:20.0920 0x0308 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:16:21.0045 0x0308 Rasl2tp - ok
14:16:21.0123 0x0308 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
14:16:21.0248 0x0308 RasMan - ok
14:16:21.0310 0x0308 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:16:21.0435 0x0308 RasPppoe - ok
14:16:21.0466 0x0308 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:16:21.0591 0x0308 RasSstp - ok
14:16:21.0669 0x0308 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:16:21.0841 0x0308 rdbss - ok
14:16:21.0887 0x0308 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:16:21.0950 0x0308 rdpbus - ok
14:16:21.0981 0x0308 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:16:22.0075 0x0308 RDPCDD - ok
14:16:22.0090 0x0308 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:16:22.0184 0x0308 RDPENCDD - ok
14:16:22.0215 0x0308 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:16:22.0309 0x0308 RDPREFMP - ok
14:16:22.0418 0x0308 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:16:22.0480 0x0308 RdpVideoMiniport - ok
14:16:22.0543 0x0308 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:16:22.0621 0x0308 RDPWD - ok
14:16:22.0699 0x0308 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:16:22.0761 0x0308 rdyboost - ok
14:16:22.0823 0x0308 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:16:22.0933 0x0308 RemoteAccess - ok
14:16:23.0011 0x0308 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:16:23.0120 0x0308 RemoteRegistry - ok
14:16:23.0167 0x0308 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:16:23.0260 0x0308 RpcEptMapper - ok
14:16:23.0323 0x0308 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
14:16:23.0354 0x0308 RpcLocator - ok
14:16:23.0447 0x0308 [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
14:16:23.0494 0x0308 RpcSs - ok
14:16:23.0588 0x0308 [ 0103AA79589FCA09DF1DF9B31273B16D, 7F62ACF905A83DF6B1803E92D7444CDF2983590F50D7BEE38413C41730E00DF6 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
14:16:23.0635 0x0308 RSPCIESTOR - ok
14:16:23.0713 0x0308 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:16:23.0806 0x0308 rspndr - ok
14:16:23.0884 0x0308 [ 8C17F3795DAE9A0ECDE4B3A3B0740E5F, 65807F2EEB7E60E1A7EFB4AEC9BB20C7121E8754E9001616DF919E5EA8B7C541 ] rxyycwf C:\Windows\system32\drivers\bpeo.sys
14:16:23.0915 0x0308 rxyycwf - ok
14:16:23.0931 0x0308 [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] SamSs C:\Windows\system32\lsass.exe
14:16:23.0962 0x0308 SamSs - ok
14:16:24.0103 0x0308 [ 0F88547DDDC91DE85B61F93BB8D7866A, 979D28408A7ABD93593D24648DF1067734341CED190BB36B760590915AD86C72 ] SAVAdminService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
14:16:24.0134 0x0308 SAVAdminService - ok
14:16:24.0212 0x0308 [ 389609560D81988DA2B78F7AFE1384F0, 3AE26F2E4018D45027AA0DE09A0E58BF5F93A7E036AB73188B57C530869B0189 ] SAVOnAccess C:\Windows\system32\DRIVERS\savonaccess.sys
14:16:24.0259 0x0308 SAVOnAccess - ok
14:16:24.0337 0x0308 [ CD72AC46366F3745D0802BE75263CD85, F04B84E55746406701FC67BC03D6315AE2F950036F753CC1861CD01FFFAE01A0 ] SAVService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
14:16:24.0711 0x0308 SAVService - ok
14:16:24.0773 0x0308 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:16:24.0820 0x0308 sbp2port - ok
14:16:24.0883 0x0308 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:16:25.0007 0x0308 SCardSvr - ok
14:16:25.0054 0x0308 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:16:25.0148 0x0308 scfilter - ok
14:16:25.0257 0x0308 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
14:16:25.0382 0x0308 Schedule - ok
14:16:25.0444 0x0308 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:16:25.0522 0x0308 SCPolicySvc - ok
14:16:25.0585 0x0308 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
14:16:25.0647 0x0308 sdbus - ok
14:16:25.0709 0x0308 [ 75B98959013B22F8F40C08095B8AB73C, EF608EFBF72AF48EFC9352FCEDF0523BDBA6055612FFD22654E3B241AA9C8033 ] sdcfilter C:\Windows\system32\DRIVERS\sdcfilter.sys
14:16:25.0741 0x0308 sdcfilter - ok
14:16:25.0803 0x0308 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:16:25.0865 0x0308 SDRSVC - ok
14:16:25.0943 0x0308 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:16:25.0975 0x0308 secdrv - ok
14:16:26.0037 0x0308 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
14:16:26.0084 0x0308 seclogon - ok
14:16:26.0131 0x0308 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
14:16:26.0255 0x0308 SENS - ok
14:16:26.0302 0x0308 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:16:26.0380 0x0308 SensrSvc - ok
14:16:26.0443 0x0308 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:16:26.0474 0x0308 Serenum - ok
14:16:26.0521 0x0308 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:16:26.0552 0x0308 Serial - ok
14:16:26.0614 0x0308 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:16:26.0677 0x0308 sermouse - ok
14:16:26.0739 0x0308 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
14:16:26.0833 0x0308 SessionEnv - ok
14:16:26.0879 0x0308 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:16:26.0926 0x0308 sffdisk - ok
14:16:26.0973 0x0308 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:16:27.0035 0x0308 sffp_mmc - ok
14:16:27.0067 0x0308 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:16:27.0113 0x0308 sffp_sd - ok
14:16:27.0160 0x0308 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:16:27.0223 0x0308 sfloppy - ok
14:16:27.0285 0x0308 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:16:27.0425 0x0308 SharedAccess - ok
14:16:27.0503 0x0308 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:16:27.0628 0x0308 ShellHWDetection - ok
14:16:27.0659 0x0308 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:16:27.0691 0x0308 SiSRaid2 - ok
14:16:27.0737 0x0308 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:16:27.0784 0x0308 SiSRaid4 - ok
14:16:27.0893 0x0308 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
14:16:27.0971 0x0308 SkypeUpdate - ok
14:16:28.0003 0x0308 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:16:28.0112 0x0308 Smb - ok
14:16:28.0190 0x0308 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:16:28.0283 0x0308 SNMPTRAP - ok
14:16:28.0455 0x0308 [ 2114518E55B380A3ACC28B2C27FD499A, 5EB378ECE4AD1E1C843CF21D46A5A3DE85CB8BBF1DF7292D54200F4ECFAE301A ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
14:16:28.0658 0x0308 SNP2UVC - ok
14:16:28.0736 0x0308 [ 0A8C9F9FB138B30B836CC808F7D14CEF, 6B123185136E1AF0B60B2B34DCA075184739396D0AD854A1036351AB57EC29B9 ] sntp C:\Windows\system32\DRIVERS\sntp.sys
14:16:28.0783 0x0308 sntp - ok
14:16:28.0907 0x0308 [ 95C9BDF5C030644B0B11D8BEEA9740D5, 0EBB624CDD939FBF634CF85DC658C6AB38C02BA3632AC2E8D0BA7B4847EC14BE ] SntpService C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe
14:16:29.0063 0x0308 SntpService - ok
14:16:29.0235 0x0308 [ F5BCDA93F70CE7DCEB81660CB62C2BFF, 5DA4192A08418646E40E5FDC48E613490DD08567FE9E0D765C3FAF6EF9F7BF6D ] Sophos AutoUpdate Service C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
14:16:29.0625 0x0308 Sophos AutoUpdate Service - ok
14:16:29.0797 0x0308 [ E26625A4A22E5BADF495B8FB613F27AD, C040328B0838A1DD2F5E12863611B3755681697D1ADA2F0C014694762B4F8F72 ] Sophos Web Control Service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
14:16:29.0859 0x0308 Sophos Web Control Service - ok
14:16:29.0937 0x0308 [ FFD056D55C46946ACA218F0A61DA2743, A9E3910EBEFC8674704F42C6D43A12A521C212B911D46FCD669D8AAFA8381C55 ] SophosBootDriver C:\Windows\system32\DRIVERS\SophosBootDriver.sys
14:16:29.0984 0x0308 SophosBootDriver - ok
14:16:30.0202 0x0308 [ 664C33FCF2A7CE154ED21EC18F2424B1, 8C54F6A512342BAFF6638E5A300B9927592AA886ADCDB835EB1C3EC431A79DF7 ] sophossps C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe
14:16:30.0499 0x0308 sophossps - ok
14:16:30.0561 0x0308 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
14:16:30.0592 0x0308 spldr - ok
14:16:30.0795 0x0308 [ 739DB668DBD812285ECC553E64A5E212, 08E99CD042232CEB20BB5A808E914C9F2F0C154099BF921BA40E661B08472CF5 ] spmgr C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
14:16:30.0873 0x0308 spmgr - ok
14:16:30.0967 0x0308 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
14:16:31.0060 0x0308 Spooler - ok
14:16:31.0310 0x0308 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
14:16:31.0981 0x0308 sppsvc - ok
14:16:32.0043 0x0308 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:16:32.0152 0x0308 sppuinotify - ok
14:16:32.0215 0x0308 [ 16897B0322DD56621DF5978131130AF2, C5A211F69C83B42909A24A52D9E3E49DA71EB966ACD435AF8DFFC6787DC41749 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:16:32.0293 0x0308 srv - ok
14:16:32.0355 0x0308 [ 978423DEC32318FFBCD76D01232AC0FF, 23193895107D2DDA0EA5199CB717ABC5BA0EAC1BC39DB08DE182869FF5AB627D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:16:32.0449 0x0308 srv2 - ok
14:16:32.0495 0x0308 [ CB06B3D4659D744131E691B7B4CE6B2D, C27219DAC5E60716F8F34DCE1832C2CEF34FF47346F231EFE6AC346DF80C9E5A ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:16:32.0589 0x0308 srvnet - ok
14:16:32.0636 0x0308 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:16:32.0792 0x0308 SSDPSRV - ok
14:16:32.0839 0x0308 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:16:32.0963 0x0308 SstpSvc - ok
14:16:33.0119 0x0308 [ 0398BF35F898BA77033E678609AAB64F, E48D2E1E1C8FD314340BA1AA69E8942F630139B1E7019C8828BA5525444320D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:16:33.0369 0x0308 Steam Client Service - ok
14:16:33.0603 0x0308 [ 49D9C17FDDFAC66F27FA735E94923216, 18C8FE5B794927989CDD3BB7A5500C73CCC23559470EEB37D42FD9AD04098C0D ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:16:33.0868 0x0308 Stereo Service - ok
14:16:33.0931 0x0308 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:16:33.0962 0x0308 stexstor - ok
14:16:34.0040 0x0308 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
14:16:34.0165 0x0308 stisvc - ok
14:16:34.0211 0x0308 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
14:16:34.0243 0x0308 swenum - ok
14:16:34.0555 0x0308 [ 78D9AE984D5E5C345FE4F536C62C913F, A111A31D9B4FB297B8DDDCA36E5F4A091C709D67F178407110A0B12FCF19C43C ] swi_service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
14:16:34.0929 0x0308 swi_service - ok
14:16:35.0272 0x0308 [ 357FF184AE5AF39D9C99EE433FA4DE66, D608E6A722A6C7087F012DEC2D55DF696193B59C550B40D3F72E1AE11C871565 ] swi_update_64 C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe
14:16:35.0522 0x0308 swi_update_64 - ok
14:16:35.0615 0x0308 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
14:16:35.0771 0x0308 swprv - ok
14:16:35.0912 0x0308 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
14:16:36.0115 0x0308 SysMain - ok
14:16:36.0177 0x0308 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:16:36.0255 0x0308 TabletInputService - ok
14:16:36.0302 0x0308 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
14:16:36.0442 0x0308 TapiSrv - ok
14:16:36.0583 0x0308 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:16:36.0832 0x0308 Tcpip - ok
14:16:36.0988 0x0308 [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:16:37.0097 0x0308 TCPIP6 - ok
14:16:37.0160 0x0308 [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:16:37.0222 0x0308 tcpipreg - ok
14:16:37.0269 0x0308 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:16:37.0331 0x0308 TDPIPE - ok
14:16:37.0394 0x0308 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:16:37.0425 0x0308 TDTCP - ok
14:16:37.0487 0x0308 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:16:37.0550 0x0308 tdx - ok
14:16:37.0628 0x0308 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
14:16:37.0659 0x0308 TermDD - ok
14:16:37.0768 0x0308 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
14:16:37.0846 0x0308 TermService - ok
14:16:37.0893 0x0308 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
14:16:37.0955 0x0308 Themes - ok
14:16:38.0018 0x0308 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
14:16:38.0096 0x0308 THREADORDER - ok
14:16:38.0158 0x0308 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
14:16:38.0267 0x0308 TrkWks - ok
14:16:38.0377 0x0308 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:16:38.0501 0x0308 TrustedInstaller - ok
14:16:38.0564 0x0308 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:16:38.0626 0x0308 tssecsrv - ok
14:16:38.0673 0x0308 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:16:38.0720 0x0308 TsUsbFlt - ok
14:16:38.0782 0x0308 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:16:38.0907 0x0308 tunnel - ok
14:16:38.0954 0x0308 [ C45A3E051C65106A28982CAED125F855, 9164708ABC6B1BA804B8297AA4EEBC65C4BDD4D399AD6CBAB9C66BB7AA9020E8 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
14:16:38.0985 0x0308 TurboB - ok
14:16:39.0063 0x0308 [ BAEF86EBEAECE76573FA822DEA256F6C, B845AB0AACCCF4C2D4A8DD152C57C52416C5938FB3FEB670DB5434FA95620F3B ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
14:16:39.0110 0x0308 TurboBoost - ok
14:16:39.0157 0x0308 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:16:39.0188 0x0308 uagp35 - ok
14:16:39.0266 0x0308 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:16:39.0391 0x0308 udfs - ok
14:16:39.0453 0x0308 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:16:39.0500 0x0308 UI0Detect - ok
14:16:39.0531 0x0308 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:16:39.0578 0x0308 uliagpkx - ok
14:16:39.0640 0x0308 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
14:16:39.0703 0x0308 umbus - ok
14:16:39.0765 0x0308 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:16:39.0812 0x0308 UmPass - ok
14:16:40.0093 0x0308 [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:16:40.0935 0x0308 UNS - detected UnsignedFile.Multi.Generic ( 1 )
14:16:51.0115 0x0308 UNS ( UnsignedFile.Multi.Generic ) - warning
14:16:52.0237 0x0308 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
14:16:52.0442 0x0308 upnphost - ok
14:16:52.0513 0x0308 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:16:52.0577 0x0308 usbccgp - ok
14:16:52.0648 0x0308 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:16:52.0710 0x0308 usbcir - ok
14:16:52.0772 0x0308 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:16:52.0833 0x0308 usbehci - ok
14:16:52.0922 0x0308 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:16:52.0986 0x0308 usbhub - ok
14:16:53.0032 0x0308 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:16:53.0068 0x0308 usbohci - ok
14:16:53.0117 0x0308 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:16:53.0166 0x0308 usbprint - ok
14:16:53.0223 0x0308 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:16:53.0275 0x0308 USBSTOR - ok
14:16:53.0350 0x0308 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:16:53.0401 0x0308 usbuhci - ok
14:16:53.0467 0x0308 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:16:53.0521 0x0308 usbvideo - ok
14:16:53.0575 0x0308 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
14:16:53.0687 0x0308 UxSms - ok
14:16:53.0709 0x0308 [ 13FE29C1C8E782829C7FAA3B14F4A666, C53F7F9039E79AC6D5BDA94981A187570D6C7828930B6064CEFC17DC172EA20E ] VaultSvc C:\Windows\system32\lsass.exe
14:16:53.0743 0x0308 VaultSvc - ok
14:16:53.0770 0x0308 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:16:53.0809 0x0308 vdrvroot - ok
14:16:53.0892 0x0308 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
14:16:54.0054 0x0308 vds - ok
14:16:54.0125 0x0308 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:16:54.0170 0x0308 vga - ok
14:16:54.0194 0x0308 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:16:54.0298 0x0308 VgaSave - ok
14:16:54.0348 0x0308 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:16:54.0406 0x0308 vhdmp - ok
14:16:54.0454 0x0308 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
14:16:54.0490 0x0308 viaide - ok
14:16:54.0519 0x0308 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:16:54.0563 0x0308 volmgr - ok
14:16:54.0641 0x0308 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:16:54.0709 0x0308 volmgrx - ok
14:16:54.0788 0x0308 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:16:54.0856 0x0308 volsnap - ok
14:16:54.0996 0x0308 [ 4796ED745BDAD6336E7AB9EFDC28F4D5, 14086957F5FF5145BD4DB9B170DA62B68CC78CCD14FF3F163EC7D24F93E97F03 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
14:16:55.0348 0x0308 vpnagent - ok
14:16:55.0540 0x0308 [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\Windows\system32\DRIVERS\vpnva64-6.sys
14:16:55.0578 0x0308 vpnva - ok
14:16:55.0653 0x0308 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:16:55.0705 0x0308 vsmraid - ok
14:16:55.0842 0x0308 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
14:16:56.0074 0x0308 VSS - ok
14:16:56.0095 0x0308 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:16:56.0140 0x0308 vwifibus - ok
14:16:56.0207 0x0308 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:16:56.0258 0x0308 vwififlt - ok
14:16:56.0337 0x0308 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
14:16:56.0468 0x0308 W32Time - ok
14:16:56.0490 0x0308 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:16:56.0545 0x0308 WacomPen - ok
14:16:56.0622 0x0308 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:16:56.0725 0x0308 WANARP - ok
14:16:56.0747 0x0308 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:16:56.0828 0x0308 Wanarpv6 - ok
14:16:56.0956 0x0308 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
14:16:57.0129 0x0308 wbengine - ok
14:16:57.0217 0x0308 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:16:57.0313 0x0308 WbioSrvc - ok
14:16:57.0409 0x0308 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:16:57.0556 0x0308 wcncsvc - ok
14:16:57.0620 0x0308 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:16:57.0671 0x0308 WcsPlugInService - ok
14:16:57.0724 0x0308 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:16:57.0762 0x0308 Wd - ok
14:16:57.0859 0x0308 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:16:57.0969 0x0308 Wdf01000 - ok
14:16:58.0029 0x0308 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:16:58.0088 0x0308 WdiServiceHost - ok
14:16:58.0114 0x0308 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:16:58.0151 0x0308 WdiSystemHost - ok
14:16:58.0221 0x0308 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
14:16:58.0305 0x0308 WebClient - ok
14:16:58.0368 0x0308 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:16:58.0483 0x0308 Wecsvc - ok
14:16:58.0538 0x0308 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:16:58.0641 0x0308 wercplsupport - ok
14:16:58.0681 0x0308 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
14:16:58.0771 0x0308 WerSvc - ok
14:16:58.0841 0x0308 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:16:58.0932 0x0308 WfpLwf - ok
14:16:59.0008 0x0308 [ 52DED146E4797E6CCF94799E8E22BB2A, 57A29260D81AA3AD3F8C29E9CFA7CE3970D7A8BF673ADD9B256EE76C7DEC080E ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
14:16:59.0061 0x0308 WimFltr - ok
14:16:59.0093 0x0308 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:16:59.0144 0x0308 WIMMount - ok
14:16:59.0196 0x0308 WinDefend - ok
14:16:59.0221 0x0308 WinHttpAutoProxySvc - ok
14:16:59.0363 0x0308 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:16:59.0488 0x0308 Winmgmt - ok
14:16:59.0651 0x0308 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
14:16:59.0872 0x0308 WinRM - ok
14:16:59.0972 0x0308 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
14:17:00.0020 0x0308 WinUsb - ok
14:17:00.0120 0x0308 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:17:00.0263 0x0308 Wlansvc - ok
14:17:00.0338 0x0308 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:17:00.0377 0x0308 WmiAcpi - ok
14:17:00.0455 0x0308 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:17:00.0535 0x0308 wmiApSrv - ok
14:17:00.0591 0x0308 WMPNetworkSvc - ok
14:17:00.0644 0x0308 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:17:00.0689 0x0308 WPCSvc - ok
14:17:00.0754 0x0308 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:17:00.0822 0x0308 WPDBusEnum - ok
14:17:00.0876 0x0308 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:17:00.0986 0x0308 ws2ifsl - ok
14:17:01.0034 0x0308 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
14:17:01.0107 0x0308 wscsvc - ok
14:17:01.0113 0x0308 WSearch - ok
14:17:01.0326 0x0308 [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv C:\Windows\system32\wuaueng.dll
14:17:01.0665 0x0308 wuauserv - ok
14:17:01.0725 0x0308 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:17:01.0783 0x0308 WudfPf - ok
14:17:01.0814 0x0308 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:17:01.0877 0x0308 WUDFRd - ok
14:17:01.0903 0x0308 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:17:01.0964 0x0308 wudfsvc - ok
14:17:02.0029 0x0308 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
14:17:02.0123 0x0308 WwanSvc - ok
14:17:02.0177 0x0308 XTSvcMgr - ok
14:17:02.0213 0x0308 ================ Scan global ===============================
14:17:02.0268 0x0308 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
14:17:02.0345 0x0308 [ 9A4F78635634A939EF3B02003E44657B, F24359B8ECB3EF506C190928B81830CCE0D8C3C4B420A8149379DC6F03042A4C ] C:\Windows\system32\winsrv.dll
14:17:02.0403 0x0308 [ 9A4F78635634A939EF3B02003E44657B, F24359B8ECB3EF506C190928B81830CCE0D8C3C4B420A8149379DC6F03042A4C ] C:\Windows\system32\winsrv.dll
14:17:02.0472 0x0308 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:17:02.0565 0x0308 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
14:17:02.0585 0x0308 [ Global ] - ok
14:17:02.0586 0x0308 ================ Scan MBR ==================================
14:17:02.0600 0x0308 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:17:02.0976 0x0308 \Device\Harddisk0\DR0 - ok
14:17:02.0981 0x0308 ================ Scan VBR ==================================
14:17:02.0982 0x0308 [ EEA01AADF197B2788B60926874F92BC9 ] \Device\Harddisk0\DR0\Partition1
14:17:02.0990 0x0308 \Device\Harddisk0\DR0\Partition1 - ok
14:17:02.0990 0x0308 ================ Scan generic autorun ======================
14:17:02.0991 0x0308 ETDWare - ok
14:17:03.0060 0x0308 [ CDA3CF88FB7C78DFFB629C390D82399F, 922F5A3F63C044DAA084F2C0BBA46A3E4AA311B23DBB891923B977005F113B4A ] C:\Windows\system32\igfxtray.exe
14:17:03.0118 0x0308 IgfxTray - ok
14:17:03.0157 0x0308 [ C27FDBE58254BF6438535E386E17DC8C, 5C1EC6C47E1ED93BAECDB6DC2A320FDF4048DFB3273C7D27D84BEC3D0B5C7031 ] C:\Windows\system32\hkcmd.exe
14:17:03.0238 0x0308 HotKeysCmds - ok
14:17:03.0297 0x0308 [ D2A8A2A49F5B0426EA85C5FA09854531, A499C609DA2BBF4A85E8E41BFF3F80CA1DB4E17C3C7727C99FAAB7CD0E9D76A1 ] C:\Windows\system32\igfxpers.exe
14:17:03.0377 0x0308 Persistence - ok
14:17:03.0379 0x0308 Nvtmru - ok
14:17:03.0442 0x0308 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
14:17:03.0494 0x0308 ShadowPlay - ok
14:17:03.0495 0x0308 NWTRAY - ok
14:17:03.0692 0x0308 [ 4F011F572DAC7057DF9D6E9064AA77E8, CC05441572740A9996525C3B9382191022E4F918C45C09EC0DE4C11215F81008 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
14:17:04.0327 0x0308 NvBackend - ok
14:17:04.0865 0x0308 [ C32B36D2168AEA9D4FA77C0A4F56379D, 0EC6D743F381014874119536DF3E9AE2D20678A602D73CF5012FB1E047AB5F77 ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
14:17:05.0564 0x0308 ATKOSD2 - ok
14:17:05.0636 0x0308 [ 6FCA49B4085C32D1CC738C16142C0CDD, A72D682B055E9D0CDD5D44240B9C37AFDFA4312B909464DE7B6A06C4C043BE5C ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
14:17:05.0766 0x0308 ATKMEDIA - ok
14:17:05.0886 0x0308 [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
14:17:06.0077 0x0308 HControlUser - ok
14:17:06.0229 0x0308 [ F477F57732AFFC5460FCC5302DC08394, 56E759A54243CCEE3E67AE8CF5D52AC91DA64FD8E4B6CC4A9FC5CFF046735812 ] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
14:17:06.0470 0x0308 Wireless Console 3 - detected UnsignedFile.Multi.Generic ( 1 )
14:17:06.0555 0x0308 Detect skipped due to KSN trusted
14:17:06.0555 0x0308 Wireless Console 3 - ok
14:17:06.0596 0x0308 SessionLogon - ok
14:17:06.0709 0x0308 [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
14:17:06.0781 0x0308 GrooveMonitor - ok
14:17:06.0925 0x0308 [ FE12709D0ABE8BAE59523B2C4C2BD56F, 938E4E2179BAEB573FD740F17584D6F1F40F0C7BB524375D2010D7DF8F088368 ] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe
14:17:07.0035 0x0308 Sophos AutoUpdate Monitor - ok
14:17:07.0159 0x0308 [ 7EC40236CFA2BC1B2A4AAC1CA3E0282A, 0E38F1A311B77CD192100CE12ED1438CB06F7C94D381F68F66E5974289244F23 ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
14:17:07.0486 0x0308 Cisco AnyConnect Secure Mobility Agent for Windows - ok
14:17:07.0726 0x0308 [ 6EACC43D0542EF88226FB34B0B12EDB0, 6345E4B49D7F804F6DE042F981AB172822B6AB74C42209BEFB0582B019430884 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
14:17:07.0840 0x0308 SunJavaUpdateSched - ok
14:17:07.0942 0x0308 [ 297C1BDCC26ADB339D4C0F0550E434D6, EFF4EC2543421BE537B1EDC8E88CFF7C529F3774F54BD9A71CCDB33EE9ED6370 ] C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe
14:17:08.0062 0x0308 Malwarebytes Anti-Malware (cleanup) - ok
14:17:08.0219 0x0308 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:17:08.0416 0x0308 Sidebar - ok
14:17:08.0474 0x0308 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:17:08.0539 0x0308 mctadmin - ok
14:17:08.0625 0x0308 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:17:08.0707 0x0308 Sidebar - ok
14:17:08.0732 0x0308 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:17:08.0774 0x0308 mctadmin - ok
14:17:08.0961 0x0308 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
14:17:09.0087 0x0308 Sidebar - ok
14:17:09.0119 0x0308 EA Core - ok
14:17:09.0239 0x0308 [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\SysWOW64\rundll32.exe
14:17:09.0329 0x0308 tsiVideo - ok
14:17:09.0331 0x0308 Waiting for KSN requests completion. In queue: 79
14:17:10.0530 0x0308 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x60000 ( disabled : updated )
14:17:10.0531 0x0308 AV detected via SS2: Sophos Anti-Virus, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe ( 10.6.3.0 ), 0x51000 ( enabled : updated )
14:17:10.0594 0x0308 Win FW state via NFP2: enabled ( trusted )
14:17:10.0683 0x0308 ============================================================
14:17:10.0683 0x0308 Scan finished
14:17:10.0683 0x0308 ============================================================
14:17:10.0699 0x19e4 Detected object count: 1
14:17:10.0699 0x19e4 Actual detected object count: 1
14:18:05.0236 0x19e4 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
14:18:05.0236 0x19e4 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
20.08.2016, 14:16
| #4 |
| /// Malwareteam | Msupdate und RarSFX0, Trojaner? Frage  Hast du absichtlich einen der folgenden Proxies eingerichtet: - 37.187.114.209, in Frankreich - einen Proxy zur Uni Hamburg Falls ja, wirst du sie im Anschluss an unsere Arbeit neu einrichten müssen weil sie zurückgesetzt werden. Schritt: 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter closeprocesses:
HKU\S-1-5-21-2218909522-371895218-1508300633-1000\...\Run: [tsiVideo] => C:\Users\Max\AppData\Local\Temp\mdi064.dll [1456128 2016-08-11] () <===== ACHTUNG
FF NetworkProxy: "autoconfig_url", "data:application/x-ns-proxy-autoconfig;base64,Zn
cmd: sfc /scannow
cmd: findstr /c:"[SR]" %windir%\logs\cbs\cbs.log
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Dieser Fix wird eine Weile dauern können. Schritt: 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt: 3 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Bitte poste in deiner nächsten Antwort also:
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~  Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
Starte bitte wieder 
Defender zu benutzen. Solltest du noch Windows 7 verwenden, verwende als kostenlose Lösung die 
Microsoft Security Essentials. 
Malwarebytes Anti-Exploit
Linear-Darstellung
