| |
| |||||||
Log-Analyse und Auswertung: RootkitverdachtWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
| |
02.05.2017, 22:45
| #1 |
 |  Rootkitverdacht Hallo Leute Habe den Verdacht von einem fiesen Rootkit heimgesucht worden zu sein. Ich wäre sehr froh wen ihr mir helft könnt. Der sysinspector von Eset und auch sysinternals findet verdächtige Prozesse : Code:
ATTFilter Modul" = "d:\windows\assembly\nativeimages_v4.0.30319_64\smsvchost\a1bca43857f8d35aea9dee66e3d4534b\smsvchost.ni.exe" ( 7: Risikoreich ) ; SMSvcHost.exe ; Microsoft Corporation ; pid 2484
"Modul" = "d:\windows\assembly\nativeimages_v4.0.30319_64\smsvchost\a1bca43857f8d35aea9dee66e3d4534b\smsvchost.ni.exe" ( 7: Risikoreich ) ; SMSvcHost.exe ; Microsoft Corporation ; pid 3284
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-05-2017
durchgeführt von Nada (02-05-2017 23:35:06)
Gestartet von D:\Users\käptnBlaubär\Downloads
Windows 10 Pro Version 1607 (X64) (2016-10-09 18:13:36)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2210758347-1204338499-507655992-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2210758347-1204338499-507655992-503 - Limited - Disabled)
Gast (S-1-5-21-2210758347-1204338499-507655992-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2210758347-1204338499-507655992-1002 - Limited - Enabled)
Nada (S-1-5-21-2210758347-1204338499-507655992-1000 - Administrator - Enabled) => D:\Users\käptnBlaubär
RSS_504C72360D464B11 (S-1-5-21-2210758347-1204338499-507655992-1004 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Returnil System Safe 2011 (Enabled - Up to date) {B1F99400-BE58-E5B3-88CF-FB21D431A392}
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Active Directory Authentication Library for SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
AdBlockerHelper (HKLM-x32\...\{7923DD5E-8FFC-4DE8-A7DC-D4B83797F3C0}) (Version: - AdBlockerHelper)
Apowersoft kostenloser Bildschirmrekorder V3.0.6 (HKLM-x32\...\{24a5c90b-5128-4fc9-91f5-113d64087118}_is1) (Version: 3.0.6 - APOWERSOFT LIMITED)
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5ED7462B-EF58-4757-B609-53755021EC34}) (Version: 8.1.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.172 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{1f8bb480-f5d7-4414-a6ea-28e005509ae4}) (Version: 1.2.81.6390 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.81.6390 - Avira Operations GmbH & Co. KG) Hidden
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BDAntiRansomware (HKLM\...\{BE40AB1F-558F-4434-B72F-461EF97E7796}_is1) (Version: 1.0.12.1 - Bitdefender)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
CMS2017 2.0 (HKLM-x32\...\{91190DD8-7271-4F6A-BF98-96B72E835A15}) (Version: - M.S)
Command & Conquer 3 (HKLM-x32\...\{DDEDAF6C-488E-4CDA-8276-1CCF5F3C5C32}) (Version: 1.00.0000 - Ihr Firmenname)
Command & Conquer(TM) Generäle (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer(TM) Generäle (x32 Version: 0.50.0000 - Electronic Arts) Hidden
Command and Conquer(TM) Generäle Die Stunde Null (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and Conquer(TM) Generäle Die Stunde Null (x32 Version: 1.00.0000 - Electronic Arts) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
EasySetup 2.0.6 (HKLM-x32\...\{7CD2DA07-6695-4FFE-A2A6-5F7055F1A8FA}) (Version: - Thorsten Hoeppner)
Emsisoft HiJackFree 4.5 (HKLM-x32\...\Emsisoft HiJackFree_is1) (Version: 4.5 - Emsi Software GmbH)
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{4705DBFD-9D5E-4D23-817C-8CA7359B7BDE}) (Version: 11.1.20810.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HTML Help Workshop (HKLM-x32\...\HTML Help Workshop) (Version: - )
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Linkverwaltung 2.0 (HKLM-x32\...\{3AC6AA2F-8C74-48AC-A064-707CDB7461D8}) (Version: - M.S)
MD5Hasch 2.0.0 (HKLM-x32\...\{9C0D084E-423E-452F-9935-F96A2A840C61}) (Version: - M.S)
MeineDaten 2.0 (HKLM-x32\...\{1A25CEB9-5A89-43AB-93CD-BF8B0149F684}) (Version: - M.S)
MeineDatenBank 2.0 (HKLM-x32\...\{7EA04711-607D-424B-A210-900296D7B874}) (Version: - M.S)
MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office 2000 Disc 2 (HKLM-x32\...\{00040407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
Microsoft Office Access Runtime (German) 2007 (HKLM-x32\...\{90120000-001C-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 (Deutsch) (HKLM-x32\...\{FA440BE8-EC2F-4478-A01A-077DA0606501}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual FoxPro OLE DB Provider (HKLM-x32\...\{3DA245C5-23B1-4874-BFA7-287B7D6C1EF6}) (Version: 1.0.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 für Windows Desktop - DEU (HKLM-x32\...\{69ec32be-d994-44de-9eae-6d86ced6f352}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 53.0 (x64 de) (HKLM\...\Mozilla Firefox 53.0 (x64 de)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.0.6312 - Mozilla)
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
NetObjects Fusion Essentials (HKLM-x32\...\{8508AD2F-9837-4CC3-AC3C-05DB64D20275}) (Version: 13.0 - NetObjects)
NetObjects Fusion Essentials (x32 Version: 13.00.0000.5598 - NetObjects) Hidden
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.80 - Symantec Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.0.7.34 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.0.7.34 - NVIDIA Corporation)
NVIDIA Grafiktreiber 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NvNodejs (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.0.0.0 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.9.38188 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
Panda Devices Agent (x32 Version: 1.03.08 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.08.00 - Panda Security) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
PrivaZer (HKLM-x32\...\PrivaZer) (Version: 3.0.19.0 - Goversoft LLC)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Returnil System Safe 2011 (HKLM-x32\...\{92AF8F5C-4F36-4276-ADC7-AC95F348235B}) (Version: 3.2.10853 - CJSC Returnil Software)
RogueKiller Version 12.10.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.10.6.0 - Adlice Software)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: - Samsung Electronics CO.,LTD)
SanityCheck 2.02 (HKLM\...\SanityCheck_is1) (Version: - Resplendence Software Projects Sp.)
Serif PagePlus X2 (HKLM-x32\...\{B00B1355-DD54-4314-90B1-161C6A7D3FD3}) (Version: 12.0.0.012 - Serif (Europe) Ltd)
SHIELD Streaming (Version: 7.1.0320 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.0.7.34 - NVIDIA Corporation) Hidden
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (x32 Version: 14.102.25619 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TrojanHunter 6.0 (HKLM-x32\...\TrojanHunter_is1) (Version: 6.0 - Bytelayer AB)
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.36.0 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VS Update core components (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25431 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17362 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {01D4B8E8-467A-4035-90A1-6A5D225FBF40} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {0271E4B5-0CBB-4FBD-BF90-A81C65725AA4} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {0AE4797F-C5A4-4793-A9F9-B58F04895C3D} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {0C59C8F3-5851-4422-A8EB-C1C2E79851EA} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-09-30] (NVIDIA Corporation)
Task: {0D876791-6730-4569-91A1-16C55356B8D7} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {0DA3D330-6608-429D-8C7F-772E1B18F40A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {22093BCE-0D5C-4DE1-97BA-2DE8FBB4AC7B} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {283FE97C-0921-46FD-89AA-0964480D6676} - System32\Tasks\BDAntiCryptoWallTask => D:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe [2016-05-16] ()
Task: {2CE6F91D-AD61-4A5B-A47E-7BDA0D5CC3EE} - System32\Tasks\Apple\AppleSoftwareUpdate => D:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {2CFBDC09-4D64-44E6-9ECF-CC7F0F76D9BF} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {2FD69397-024B-4ED2-9C5F-29C651355DE4} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3B5223C3-3DF8-4660-9F71-06FA0C9AC531} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {3D2FDB4D-CAC6-4CE1-A3EA-06B7D18227A5} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-09-30] (NVIDIA Corporation)
Task: {6EADAB68-C306-4603-AAAC-2714B530E405} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {7F5F7452-6161-4DD5-91D9-FCFE41EC5B08} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => D:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {7F871D47-7D40-4C22-8BF0-7084448DCE1C} - System32\Tasks\{E7EB9F2C-A589-4420-A190-2EBD4D9356C5} => pcalua.exe -a D:\Users\käptnBlaubär\Downloads\MDAC_TYP.EXE -d D:\Users\käptnBlaubär\Downloads
Task: {8B70AB37-B99E-4BC4-8D87-F711C3643B21} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {95E9774F-A4C2-4FBD-A92D-D0CE10521609} - System32\Tasks\Norton Security Scan for Nada => D:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.80\Nss.exe [2016-11-03] (Symantec Corporation)
Task: {9B8180B6-C3BC-4406-B40D-C9247E07DC26} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {AB65F659-6576-490A-9175-C613E99BAF1E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {ABB7C120-8C3C-4B0D-87F9-B1FB6910205F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {AD543F3E-A6BA-4963-B9D4-65399B2608F0} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {DB45A22E-95DB-417E-B2F4-942A0E3F37A3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => D:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-09-30] (NVIDIA Corporation)
Task: {DFD1099D-3BBF-445F-A770-310BDD089ABA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {E7953A10-891C-4E02-8853-7BFF209B64A5} - System32\Tasks\PrivaZer_SkipUAC => D:\Program Files (x86)\PrivaZer\PrivaZer.exe [2017-04-02] (Goversoft LLC)
Task: {FC71D964-1996-43EF-BCD8-211A7E12C037} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {FD040641-285A-4D1B-87CA-569A58C603B6} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => D:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-09-30] (NVIDIA Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () D:\WINDOWS\SYSTEM32\ism32k.dll
2017-04-11 19:36 - 2017-03-28 08:22 - 02681200 _____ () D:\WINDOWS\system32\CoreUIComponents.dll
2016-02-01 19:25 - 2008-06-04 16:53 - 00027648 _____ () D:\WINDOWS\System32\spd__l6.dll
2016-02-01 19:25 - 2009-03-18 14:05 - 00685568 _____ () D:\WINDOWS\system32\spool\DRIVERS\x64\3\spd__du.dll
2014-10-03 20:56 - 2015-09-29 20:38 - 00076152 _____ () D:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-04-20 16:01 - 2017-03-22 09:39 - 00169656 _____ () D:\Program Files\CyberGhost 6\Data\Firewall\x64\nfapi.DLL
2017-04-11 19:36 - 2017-03-28 08:22 - 02681200 _____ () D:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-09 20:17 - 2016-10-09 20:17 - 00959168 _____ () D:\Users\käptnBlaubär\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-10-05 15:38 - 2016-10-07 21:54 - 03525431 _____ () D:\Program Files (x86)\PrivaZer\PrivaMenu5.dll
2016-09-21 22:16 - 2016-09-21 22:16 - 00230064 _____ () D:\Program Files\Notepad++\NppShell_06.dll
2016-10-10 12:07 - 2016-09-07 06:56 - 00134656 _____ () D:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 17:55 - 2017-03-04 08:31 - 00474112 _____ () D:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 17:55 - 2017-03-04 08:12 - 09760768 _____ () D:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 17:55 - 2017-03-04 08:05 - 01401856 _____ () D:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 17:55 - 2017-03-04 08:05 - 00757248 _____ () D:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-04-11 19:36 - 2017-03-28 07:08 - 02424320 _____ () D:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-04-11 19:36 - 2017-03-28 07:11 - 04853760 _____ () D:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-04-29 10:52 - 2016-05-16 16:25 - 01318488 _____ () D:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe
2017-04-29 10:52 - 2015-08-14 14:49 - 00614400 _____ () D:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDMetrics.dll
2017-05-02 20:49 - 2016-12-12 02:16 - 00271280 _____ () D:\Users\käptnBlaubär\Downloads\prozesseChecken\cce_x64\themes\CCE.THEME
2017-05-02 20:49 - 2016-03-16 12:25 - 00073912 _____ () D:\Users\käptnBlaubär\Downloads\prozesseChecken\cce_x64\scanners\smart.cav
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: D:\ProgramData\TEMP:341E39B2 [127]
AlternateDataStreams: D:\ProgramData\TEMP:55B41E6A [122]
AlternateDataStreams: D:\ProgramData\TEMP:9A870F8B [932]
AlternateDataStreams: D:\ProgramData\TEMP:AC64BB05 [131]
AlternateDataStreams: D:\ProgramData\TEMP:CB0AACC9 [320]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\localhost -> hxxps://localhost
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2016-12-29 17:30 - 00000938 _____ D:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\Control Panel\Desktop\\Wallpaper -> d:\users\käptnblaubär\appdata\local\microsoft\windows\themes\img10.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: HDDlife HDD Access service => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvContainerLocalSystem => 2
MSCONFIG\Services: NvContainerNetworkService => 3
MSCONFIG\Services: NVIDIA Wireless Controller Service => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: Origin Web Helper Service => 2
MSCONFIG\Services: RUBotSrv => 2
MSCONFIG\Services: Samsung UPD Service => 3
MSCONFIG\Services: SandraAgentSrv => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: XblAuthManager => 3
MSCONFIG\Services: XblGameSave => 3
MSCONFIG\Services: XboxNetApiSvc => 3
HKLM\...\StartupApproved\StartupFolder: => "Malwarebytes Anti-Ransomware.lnk"
HKLM\...\StartupApproved\StartupFolder: => "RSS 2011.lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\StartupApproved\StartupFolder: => "MALWAREBYTES ANTI-RANSOMWARE.LNK"
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\StartupApproved\Run: => "SUPERAntiSpyware"
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\StartupApproved\Run: => "Kaspersky Software Updater"
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\StartupApproved\Run: => "KSS"
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\StartupApproved\Run: => "CyberGhost"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-dcom] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [RVM-RPCSS-In-TCP] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [RemoteDesktop-Shadow-In-TCP] => (Block) %SystemRoot%\system32\RdpSa.exe
FirewallRules: [{7F769B1A-858C-458B-9A95-FCF7E5EFA399}] => (Allow) D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\RpcSandraSrv.exe
FirewallRules: [{41724820-1BA1-49E5-BE8C-9DF9A7514327}] => (Allow) D:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{20B3855F-1D77-488C-A050-B71C2E34D227}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F76BB3A0-1177-4D72-BBDF-383DFAE32FBB}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6A13DC88-D16A-4C3D-8925-88FCED9383EA}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{78948828-5201-497F-9ED0-DBAB838215D6}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{824E0CB4-2954-46A1-9499-1D88D3360982}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{6F41A2D2-BB0F-4472-8855-6FBB7119011A}] => (Allow) D:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{10AFA1D6-1B82-425C-813B-4CF0928E8C60}] => (Allow) D:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AA6D773E-F25C-4A29-B21D-F255C0EFB9F7}] => (Allow) D:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0C4085FB-E4A8-494B-B93A-8CD6532DE3A8}] => (Allow) D:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E0B059C6-F1D4-4441-9780-D8553F11B575}] => (Allow) D:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\WDExpress.exe
FirewallRules: [{E83FB76E-9205-4B6B-8264-196650AF4E39}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{9EBF74DB-BC08-40B6-9575-D8D213608D0A}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{941EDF7C-AC2E-43A4-8F97-03BB134C3A76}] => (Allow) D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe
FirewallRules: [{B1FB53ED-8CBF-4BD7-B2E1-6F7037D2C96D}] => (Allow) D:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E69C2C7A-2AE5-4E02-B62F-28AFE47B84B1}] => (Allow) D:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AD7DB536-19D1-4741-B5CA-38074D5E1A78}] => (Allow) D:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3344C11A-A8FE-4C9A-A9DD-BEEA3D386BF9}] => (Allow) D:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2384AD3A-D15A-4F07-994F-EBAFEC09606D}] => (Allow) D:\Windows\System32\SUPDSvc.exe
FirewallRules: [{CB56C37F-E60F-44CB-A761-A3E48F5845AA}] => (Allow) D:\Windows\System32\SUPDSvc.exe
FirewallRules: [{49EAE512-EEE3-49B1-9BC4-32F5A7F2FEEC}] => (Allow) D:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{5BD170FA-F34F-4319-8887-B087D7380D33}] => (Allow) D:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{9CE0734A-6829-49A3-81D6-8034B1FECDD0}] => (Allow) D:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6D6BFBEA-9B0A-4F8F-AD28-79BA423DB5D5}] => (Allow) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1E574917-8CE3-4A76-A3F1-3F565C77BA0F}] => (Allow) D:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{478E522C-A52C-44EA-8670-B3E6C5E89A15}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6F94AA1F-8281-48E4-9FE4-335A3C70952E}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{631237D1-47B0-48CB-930E-FE9A63BDD72A}D:\users\käptnblaubär\documents\visual studio 2015\projects\mserver\mserver\bin\debug\mserver.vshost.exe] => (Allow) D:\users\käptnblaubär\documents\visual studio 2015\projects\mserver\mserver\bin\debug\mserver.vshost.exe
FirewallRules: [UDP Query User{79479189-1BE3-4180-8F59-FF21B7EA6F40}D:\users\käptnblaubär\documents\visual studio 2015\projects\mserver\mserver\bin\debug\mserver.vshost.exe] => (Allow) D:\users\käptnblaubär\documents\visual studio 2015\projects\mserver\mserver\bin\debug\mserver.vshost.exe
FirewallRules: [TCP Query User{2C07FB38-2308-41C4-8EA1-3DDE4F628B43}D:\users\käptnblaubär\documents\visual studio 2015\projects\mserver\mserver\bin\debug\mserver.exe] => (Allow) D:\users\käptnblaubär\documents\visual studio 2015\projects\mserver\mserver\bin\debug\mserver.exe
FirewallRules: [UDP Query User{B887583F-AF8C-41D9-AEA1-3A5C9CE84EE1}D:\users\käptnblaubär\documents\visual studio 2015\projects\mserver\mserver\bin\debug\mserver.exe] => (Allow) D:\users\käptnblaubär\documents\visual studio 2015\projects\mserver\mserver\bin\debug\mserver.exe
FirewallRules: [TCP Query User{56F9FDED-A005-4E74-9A7F-2FEFBCC8BC73}D:\users\käptnblaubär\documents\visual studio 2015\projects\meinserver\meinserver\bin\debug\meinserver.vshost.exe] => (Allow) D:\users\käptnblaubär\documents\visual studio 2015\projects\meinserver\meinserver\bin\debug\meinserver.vshost.exe
FirewallRules: [UDP Query User{E4569F72-193F-45C8-B231-2A3B0ED01148}D:\users\käptnblaubär\documents\visual studio 2015\projects\meinserver\meinserver\bin\debug\meinserver.vshost.exe] => (Allow) D:\users\käptnblaubär\documents\visual studio 2015\projects\meinserver\meinserver\bin\debug\meinserver.vshost.exe
FirewallRules: [TCP Query User{5E2B3BAD-54EE-438C-AC3C-1F309DA1993F}M:\programmieren_2016\visualstudioprojekte\fertige\meinserver\meinserver\bin\debug\meinserver.exe] => (Allow) M:\programmieren_2016\visualstudioprojekte\fertige\meinserver\meinserver\bin\debug\meinserver.exe
FirewallRules: [UDP Query User{1FB60CBB-26D5-4F74-9C58-A75F86DE2937}M:\programmieren_2016\visualstudioprojekte\fertige\meinserver\meinserver\bin\debug\meinserver.exe] => (Allow) M:\programmieren_2016\visualstudioprojekte\fertige\meinserver\meinserver\bin\debug\meinserver.exe
FirewallRules: [TCP Query User{171C4656-4433-4F65-97D4-6CF2B47E7A39}D:\users\käptnblaubär\documents\visual studio 2015\projects\meinserver\meinserver\bin\debug\meinserver.exe] => (Allow) D:\users\käptnblaubär\documents\visual studio 2015\projects\meinserver\meinserver\bin\debug\meinserver.exe
FirewallRules: [UDP Query User{8526678C-D896-49D7-87C9-BC30E338E603}D:\users\käptnblaubär\documents\visual studio 2015\projects\meinserver\meinserver\bin\debug\meinserver.exe] => (Allow) D:\users\käptnblaubär\documents\visual studio 2015\projects\meinserver\meinserver\bin\debug\meinserver.exe
FirewallRules: [{DF89024D-2B67-4DA0-9C70-25F04DDFD0AF}] => (Allow) D:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{053641C4-8E62-423E-830A-D1BCA1D101FE}] => (Allow) D:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{47366012-3301-451E-B967-326DA431DB42}] => (Allow) D:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{69B051BA-DDF0-4670-9130-E5299DDCB00D}] => (Allow) D:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{15C47165-9F69-45AD-B585-0115FD36FBFB}D:\program files\mozilla firefox\firefox.exe] => (Block) D:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{10937510-0CE9-4228-AC1A-2E4453E174F8}D:\program files\mozilla firefox\firefox.exe] => (Block) D:\program files\mozilla firefox\firefox.exe
FirewallRules: [{312AD574-CAF1-4AB3-84D3-3C9936F5111E}] => (Allow) D:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3FAC850C-2CB5-4E7C-A3DF-353FC2451365}] => (Allow) LPort=2869
FirewallRules: [{AEFE14F6-3CDA-438C-B783-08410C687D01}] => (Allow) LPort=1900
FirewallRules: [{E62DE134-693D-44A0-BE77-A4DD434723E5}] => (Allow) D:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{5919157E-1C8C-4E91-AE5C-7AF5171615B9}] => (Allow) D:\Program Files (x86)\Apowersoft\Apowersoft Screen Recorder Pro 2\Apowersoft Screen Recorder Pro 2.exe
FirewallRules: [{20ADF67F-6DAC-41BB-8BAA-0995BAF0A1E0}] => (Allow) D:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe
FirewallRules: [{0767923C-CD9E-4991-8A43-09B1226DDE4E}] => (Allow) D:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe
==================== Wiederherstellungspunkte =========================
27-04-2017 14:50:16 Microsoft Visual C++ 2005 Redistributable wird installiert
27-04-2017 15:00:26 JRT Pre-Junkware Removal
01-05-2017 09:53:56 Windows Update
01-05-2017 09:54:39 Windows Update
01-05-2017 10:33:34 Installed Compatibility Pack for the 2007 Office system
02-05-2017 17:44:02 Installed SafenSoft SysWatch.
02-05-2017 17:48:03 Installed SafenSoft SysWatch.
02-05-2017 17:56:03 Removed SafenSoft SysWatch.
02-05-2017 20:15:14 Returnil System Safe 2011 wird installiert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/02/2017 11:26:55 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Avira Antivirus-Status auf SECURITY_PRODUCT_STATE_ON (Fehler %3).
Error: (05/02/2017 11:26:55 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Avira Antivirus-Status auf SECURITY_PRODUCT_STATE_ON (Fehler %3).
Error: (05/02/2017 11:16:55 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Avira Antivirus-Status auf SECURITY_PRODUCT_STATE_ON (Fehler %3).
Error: (05/02/2017 11:16:55 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Avira Antivirus-Status auf SECURITY_PRODUCT_STATE_ON (Fehler %3).
Error: (05/02/2017 11:06:55 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Avira Antivirus-Status auf SECURITY_PRODUCT_STATE_ON (Fehler %3).
Error: (05/02/2017 11:06:55 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Avira Antivirus-Status auf SECURITY_PRODUCT_STATE_ON (Fehler %3).
Error: (05/02/2017 10:56:55 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Avira Antivirus-Status auf SECURITY_PRODUCT_STATE_ON (Fehler %3).
Error: (05/02/2017 10:56:55 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Avira Antivirus-Status auf SECURITY_PRODUCT_STATE_ON (Fehler %3).
Error: (05/02/2017 10:46:55 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Avira Antivirus-Status auf SECURITY_PRODUCT_STATE_ON (Fehler %3).
Error: (05/02/2017 10:46:55 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Fehler beim Aktualisieren des Avira Antivirus-Status auf SECURITY_PRODUCT_STATE_ON (Fehler %3).
Systemfehler:
=============
Error: (05/02/2017 09:10:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Visual Studio 2012 (KB3002339)
Error: (05/02/2017 09:10:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Update für Microsoft Visual Studio 2012 (KB2781514)
Error: (05/02/2017 09:09:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Returnil System Safe Core Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/02/2017 09:06:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "CDPUserSvc_34db1" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (05/02/2017 09:03:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Origin Web Helper Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (05/02/2017 09:03:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Origin Web Helper Service erreicht.
Error: (05/02/2017 09:02:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "WMPNetworkSvc" ist vom Dienst "WSearch" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.
Error: (05/02/2017 09:02:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "rvsmonn" ist vom Dienst "rvsmon" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (05/02/2017 09:02:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "rvsmonf" ist vom Dienst "rvsmon" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
Ein an das System angeschlossenes Gerät funktioniert nicht.
Error: (05/02/2017 08:42:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
CodeIntegrity:
===================================
Date: 2017-04-27 12:20:22.419
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Users\käptnBlaubär\Desktop\security\security\sysinternals\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-21 12:56:32.450
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\BEC5.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-21 12:56:32.439
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\BEC5.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-21 12:56:32.427
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\BEC5.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-21 12:56:32.410
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\BEC5.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-21 12:56:32.396
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\BEC5.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-21 12:56:32.389
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\BEC5.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-21 12:38:10.011
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\BEC5.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-21 10:45:07.782
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\BEC5.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-21 10:44:47.507
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Windows\System32\BEC5.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Ende von Addition.txt ============================
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-05-2017
durchgeführt von Nada (Administrator) auf NONNAME (02-05-2017 23:33:31)
Gestartet von D:\Users\käptnBlaubär\Downloads
Geladene Profile: Nada (Verfügbare Profile: Nada)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) D:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) D:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) D:\Windows\System32\mqsvc.exe
() D:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) D:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(CyberGhost S.R.L) D:\Program Files\CyberGhost 6\CyberGhost.Service.exe
(Microsoft Corporation) D:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\Antivirus\avshadow.exe
() D:\Program Files\Bitdefender\Tools\BDAntiRansomware\BDAntiRansomware.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
(F-Secure Corporation) D:\Users\käptnBlaubär\Downloads\fseasyclean.exe
(COMODO) D:\Users\käptnBlaubär\Downloads\prozesseChecken\cce_x64\CCE.exe
(Microsoft Corporation) D:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) D:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803976 2016-12-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] => D:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-03-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => D:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [63432 2017-01-19] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\Run: [CyberGhost] => D:\Program Files\CyberGhost 6\CyberGhost.exe [1229360 2017-03-22] (CyberGhost S.R.L.)
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\MountPoints2: {96ef2f02-b7e1-11e6-affc-00241dcdd299} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\MountPoints2: {96ef3006-b7e1-11e6-affc-00241dcdd299} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\...\MountPoints2: {982a3fa4-8bac-11e6-8259-ac6d6fc2ffef} - "L:\HiSuiteDownLoader.exe"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
Startup: D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\cardisabled [2017-05-02] ()
GroupPolicy: Beschränkung <======= ACHTUNG
GroupPolicyScripts: Beschränkung <======= ACHTUNG
GroupPolicyScripts\User: Beschränkung <======= ACHTUNG
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{5fc12dcf-8f58-4b1e-b714-1f3f22a18988}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{5fc12dcf-8f58-4b1e-b714-1f3f22a18988}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{76bd2376-4dec-4907-811f-8ccb99843d19}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2210758347-1204338499-507655992-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-10] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-10] (Oracle Corporation)
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
FireFox:
========
FF ProfilePath: D:\Users\käptnBlaubär\AppData\Roaming\Nvu\Profiles\rsb2mpcf.default [2016-12-27]
FF ProfilePath: D:\Users\käptnBlaubär\AppData\Roaming\Mozilla\Firefox\Profiles\t1a1hz6g.default-1476978448904 [2017-05-02]
FF Homepage: Mozilla\Firefox\Profiles\t1a1hz6g.default-1476978448904 -> Google.ch
FF NetworkProxy: Mozilla\Firefox\Profiles\t1a1hz6g.default-1476978448904 -> type", 0
FF Extension: (Advanced Cookie Manager) - D:\Users\käptnBlaubär\AppData\Roaming\Mozilla\Firefox\Profiles\t1a1hz6g.default-1476978448904\Extensions\cookiemgr@jayapal.com [2016-10-22]
FF Extension: (SQLite Manager) - D:\Users\käptnBlaubär\AppData\Roaming\Mozilla\Firefox\Profiles\t1a1hz6g.default-1476978448904\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2016-12-06]
FF Extension: (NoScript) - D:\Users\käptnBlaubär\AppData\Roaming\Mozilla\Firefox\Profiles\t1a1hz6g.default-1476978448904\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-04-22]
FF Extension: (Video DownloadHelper) - D:\Users\käptnBlaubär\AppData\Roaming\Mozilla\Firefox\Profiles\t1a1hz6g.default-1476978448904\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-12-30]
FF Extension: (Adblock Plus) - D:\Users\käptnBlaubär\AppData\Roaming\Mozilla\Firefox\Profiles\t1a1hz6g.default-1476978448904\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF Extension: (BetterPrivacy) - D:\Users\käptnBlaubär\AppData\Roaming\Mozilla\Firefox\Profiles\t1a1hz6g.default-1476978448904\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-12-21]
FF Extension: (DownThemAll!) - D:\Users\käptnBlaubär\AppData\Roaming\Mozilla\Firefox\Profiles\t1a1hz6g.default-1476978448904\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-20]
FF Extension: (Shield Recipe Client) - D:\Users\käptnBlaubär\AppData\Roaming\Mozilla\Firefox\Profiles\t1a1hz6g.default-1476978448904\features\{e75cc523-2972-4051-acdc-9ff1e83de574}\shield-recipe-client@mozilla.org.xpi [2017-04-29]
FF SearchPlugin: D:\Program Files (x86)\mozilla firefox\browser\searchplugins\pandasecuritytb.xml [2017-01-02]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> D:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.7.1 -> D:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> D:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> D:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> D:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> D:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [Keine Datei]
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> D:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> D:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> D:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> D:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> D:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> D:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> D:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [Keine Datei]
Opera:
=======
OPR Extension: (360 Internet Protection) - D:\Users\käptnBlaubär\AppData\Roaming\Opera Software\Opera Stable\Extensions\cnpeghmjdfdmneiljeibjnemfdkojdhl [2016-07-09]
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; D:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; D:\Program Files (x86)\Avira\Antivirus\sched.exe [487432 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Program Files (x86)\Avira\Antivirus\avguard.exe [487432 2017-03-21] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; D:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519136 2017-03-21] (Avira Operations GmbH & Co. KG)
S4 Apple Mobile Device Service; D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 Avira.ServiceHost; D:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [349096 2017-01-19] (Avira Operations GmbH & Co. KG)
R2 CG6Service; D:\Program Files\CyberGhost 6\CyberGhost.Service.exe [87088 2017-03-22] (CyberGhost S.R.L)
S3 IEEtwCollectorService; D:\Windows\system32\IEEtwCollector.exe [114688 2015-08-15] (Microsoft Corporation) [Datei ist nicht signiert]
S3 MBAMService; D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S4 NvContainerLocalSystem; D:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [457272 2016-09-30] (NVIDIA Corporation)
S4 NvContainerNetworkService; D:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [457272 2016-09-30] (NVIDIA Corporation)
S4 NVIDIA Wireless Controller Service; D:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1165368 2016-09-30] (NVIDIA Corporation)
S4 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2147216 2017-04-18] (Electronic Arts)
S2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [3116440 2017-04-18] (Electronic Arts)
R2 PnkBstrA; D:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-09-29] ()
S4 RUBotSrv; D:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe [443416 2013-07-25] (Trend Micro Inc.)
S2 RVSMONBL; D:\Program Files (x86)\Returnil\RVS3\rvsmon.exe [1714696 2010-10-22] (CJSC Returnil Software)
S4 SandraAgentSrv; D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe [73200 2014-10-06] (SiSoftware) [Datei ist nicht signiert]
S3 Sense; D:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 VSStandardCollectorService140; D:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-09-06] (Microsoft Corporation)
S3 WdNisSvc; D:\Program Files\Windows Defender\NisSrv.exe [347328 2017-03-28] (Microsoft Corporation)
S3 WinDefend; D:\Program Files\Windows Defender\MsMpEng.exe [103720 2017-03-28] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; D:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-03-21] (Avira Operations GmbH & Co. KG)
R1 avipbb; D:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-03-21] (Avira Operations GmbH & Co. KG)
R1 avkmgr; D:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; D:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-21] (Avira Operations GmbH & Co. KG)
R0 avusbflt; D:\WINDOWS\System32\Drivers\avusbflt.sys [48584 2017-03-21] (Avira Operations GmbH & Co. KG)
R1 cgnetfilter1521; D:\WINDOWS\System32\drivers\cgnetfilter1521.sys [84768 2017-03-22] (Windows (R) Win 7 DDK provider)
S3 eeCtrl; D:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [497392 2016-04-28] (Symantec Corporation)
S3 EraserUtilDrv11521; D:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11521.sys [156912 2016-04-28] (Symantec Corporation)
R3 esihdrv; D:\Users\käptnBlaubär\AppData\Local\Temp\esihdrv.sys [191664 2017-05-02] (ESET) <==== ACHTUNG
R1 HssDRV6; D:\WINDOWS\system32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
S3 MEMSWEEP2; D:\WINDOWS\system32\BEC5.tmp [6144 2009-06-18] (Sophos Plc) [Datei ist nicht signiert]
S3 MFE_RR; D:\Users\käptnBlaubär\AppData\Local\Temp\mfe_rr.sys [24120 2017-05-02] (McAfee, Inc.) <==== ACHTUNG
S3 NetAdapterCx; D:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28ux; D:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2016-07-16] (MediaTek Inc.)
R2 NPF; D:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 NvStreamKms; D:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2016-09-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; D:\WINDOWS\system32\drivers\nvvad64v.sys [47672 2016-09-30] (NVIDIA Corporation)
S3 PORTMON; D:\Users\käptnBlaubär\Desktop\security\security\sysinternals\PORTMSYS.SYS [28656 2017-04-27] (Systems Internals) [Datei ist nicht signiert]
U5 PROCMON23; D:\Windows\System32\Drivers\PROCMON23.sys [92344 2017-05-02] (Sysinternals - www.sysinternals.com)
S3 PSKMAD; D:\WINDOWS\System32\DRIVERS\PSKMAD.sys [50320 2015-01-29] (Panda Security, S.L.)
S3 rkhdrv40; D:\Windows\SysWow64\Drivers\rkhdrv40.sys [24320 2017-03-04] () [Datei ist nicht signiert]
S3 rspSanity; D:\WINDOWS\System32\DRIVERS\rspSanity64.sys [29752 2011-05-04] (Resplendence Software Projects Sp.)
R3 rt640x64; D:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S1 rvsmon; D:\WINDOWS\system32\DRIVERS\rvsmon.sys [165664 2010-10-18] (CJSC Returnil Software)
S2 rvsmonf; D:\WINDOWS\System32\DRIVERS\rvsmonf.sys [1436136 2010-10-18] (CJSC Returnil Software)
S2 rvsmonn; D:\WINDOWS\system32\DRIVERS\rvsmonn2.sys [21920 2010-10-18] (CJSC Returnil Software)
R0 RVSystem; D:\WINDOWS\System32\Drivers\RVSystem.sys [61072 2017-05-02] (CJSC Returnil Software)
S3 SANDRA; D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 taphss6; D:\WINDOWS\System32\drivers\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 tapSF0901; D:\WINDOWS\System32\DRIVERS\tapSF0901.sys [39104 2015-07-31] (Spotflux, Inc.)
S3 WdBoot; D:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; D:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; D:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
U3 idsvc; kein ImagePath
U2 TMAgent; kein ImagePath
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-02-15 17:22 - 2017-02-16 09:17 - 0083644 _____ () D:\Program Files (x86)\Debugtest.html
2017-03-19 14:13 - 2017-03-28 09:33 - 0133314 _____ () D:\Users\käptnBlaubär\AppData\Local\ars.cache
2017-03-19 14:13 - 2017-03-28 09:33 - 0388629 _____ () D:\Users\käptnBlaubär\AppData\Local\census.cache
2017-03-19 13:45 - 2017-03-19 13:45 - 0000036 _____ () D:\Users\käptnBlaubär\AppData\Local\housecall.guid.cache
2017-04-07 09:01 - 2017-04-07 09:01 - 0006819 _____ () D:\Users\käptnBlaubär\AppData\Local\recently-used.xbel
2017-04-29 11:19 - 2017-04-29 11:19 - 0001293 _____ () D:\Users\käptnBlaubär\AppData\Local\Temp1.html
2017-04-29 11:19 - 2017-04-29 11:19 - 0012562 _____ () D:\Users\käptnBlaubär\AppData\Local\Temp34.html
Einige Dateien in TEMP:
====================
2017-05-01 17:48 - 2017-05-01 17:48 - 5441776 _____ (APOWERSOFT LIMITED ) D:\Users\käptnBlaubär\AppData\Local\Temp\ApowersoftVideoEditor-x0r3jzwl.svp.exe
2017-05-02 17:42 - 2016-11-11 12:13 - 1886344 _____ (Microsoft Corporation) D:\Users\käptnBlaubär\AppData\Local\Temp\dllnt_dump.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
D:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
D:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
D:\WINDOWS\explorer.exe => Datei ist digital signiert
D:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
D:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
D:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
D:\WINDOWS\system32\services.exe => Datei ist digital signiert
D:\WINDOWS\system32\User32.dll => Datei ist digital signiert
D:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
D:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
D:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
D:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
D:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
D:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
D:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-04-24 11:33
==================== Ende von FRST.txt ============================
|
|
03.05.2017, 16:37
| #2 |
| /// TB-Ausbilder   | Rootkitverdacht Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
|
|
03.05.2017, 17:20
| #3 |
| | Rootkitverdacht Hallo Matthias
__________________Danke vielmals für Deine Hilfe  Code:
ATTFilter 18:10:12.0413 0x1d90 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
18:10:19.0546 0x1d90 ============================================================
18:10:19.0546 0x1d90 Current date / time: 2017/05/03 18:10:19.0546
18:10:19.0546 0x1d90 SystemInfo:
18:10:19.0546 0x1d90
18:10:19.0546 0x1d90 OS Version: 10.0.14393 ServicePack: 0.0
18:10:19.0546 0x1d90 Product type: Workstation
18:10:19.0546 0x1d90 ComputerName: NONNAME
18:10:19.0546 0x1d90 UserName: Nada
18:10:19.0546 0x1d90 Windows directory: D:\WINDOWS
18:10:19.0546 0x1d90 System windows directory: D:\WINDOWS
18:10:19.0546 0x1d90 Running under WOW64
18:10:19.0546 0x1d90 Processor architecture: Intel x64
18:10:19.0546 0x1d90 Number of processors: 8
18:10:19.0546 0x1d90 Page size: 0x1000
18:10:19.0546 0x1d90 Boot type: Normal boot
18:10:19.0546 0x1d90 CodeIntegrityOptions = 0x00000001
18:10:19.0546 0x1d90 ============================================================
18:10:20.0076 0x1d90 KLMD registered as D:\WINDOWS\system32\drivers\63063534.sys
18:10:20.0076 0x1d90 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1066, osProperties = 0x19
18:10:20.0589 0x1d90 System UUID: {3B6518FC-846A-E26E-E1F0-94B8A22FB807}
18:10:21.0624 0x1d90 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0CADE00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1F8B1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
18:10:21.0633 0x1d90 Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:10:21.0651 0x1d90 ============================================================
18:10:21.0651 0x1d90 \Device\Harddisk1\DR1:
18:10:21.0651 0x1d90 MBR partitions:
18:10:21.0651 0x1d90 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
18:10:21.0651 0x1d90 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0xC350000
18:10:21.0651 0x1d90 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xC3B4800, BlocksNum 0x4FCB1800
18:10:21.0667 0x1d90 \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x5C066800, BlocksNum 0x1869F000
18:10:21.0667 0x1d90 \Device\Harddisk0\DR0:
18:10:21.0667 0x1d90 MBR partitions:
18:10:21.0676 0x1d90 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xBA4527C, BlocksNum 0x3EB4DD8A
18:10:21.0707 0x1d90 ============================================================
18:10:21.0729 0x1d90 C: <-> \Device\Harddisk1\DR1\Partition2
18:10:21.0788 0x1d90 D: <-> \Device\Harddisk0\DR0\Partition1
18:10:21.0807 0x1d90 E: <-> \Device\Harddisk1\DR1\Partition3
18:10:21.0807 0x1d90 M: <-> \Device\Harddisk1\DR1\Partition4
18:10:21.0807 0x1d90 ============================================================
18:10:21.0807 0x1d90 Initialize success
18:10:21.0807 0x1d90 ============================================================
18:10:31.0852 0x1e00 ============================================================
18:10:31.0852 0x1e00 Scan started
18:10:31.0852 0x1e00 Mode: Manual; SigCheck; TDLFS;
18:10:31.0852 0x1e00 ============================================================
18:10:31.0852 0x1e00 KSN ping started
18:10:32.0149 0x1e00 KSN ping finished: true
18:10:34.0399 0x1e00 ================ Scan system memory ========================
18:10:34.0399 0x1e00 System memory - ok
18:10:34.0399 0x1e00 ================ Scan services =============================
18:10:34.0571 0x1e00 [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci D:\WINDOWS\System32\drivers\1394ohci.sys
18:10:34.0649 0x1e00 1394ohci - ok
18:10:34.0665 0x1e00 [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware D:\WINDOWS\system32\drivers\3ware.sys
18:10:34.0681 0x1e00 3ware - ok
18:10:34.0743 0x1e00 [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI D:\WINDOWS\system32\drivers\ACPI.sys
18:10:34.0774 0x1e00 ACPI - ok
18:10:34.0790 0x1e00 [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev D:\WINDOWS\System32\drivers\AcpiDev.sys
18:10:34.0806 0x1e00 AcpiDev - ok
18:10:34.0821 0x1e00 [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex D:\WINDOWS\system32\Drivers\acpiex.sys
18:10:34.0837 0x1e00 acpiex - ok
18:10:34.0852 0x1e00 [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr D:\WINDOWS\System32\drivers\acpipagr.sys
18:10:34.0868 0x1e00 acpipagr - ok
18:10:34.0899 0x1e00 [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi D:\WINDOWS\System32\drivers\acpipmi.sys
18:10:34.0915 0x1e00 AcpiPmi - ok
18:10:34.0915 0x1e00 [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime D:\WINDOWS\System32\drivers\acpitime.sys
18:10:34.0931 0x1e00 acpitime - ok
18:10:34.0977 0x1e00 [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX D:\WINDOWS\system32\drivers\ADP80XX.SYS
18:10:35.0009 0x1e00 ADP80XX - ok
18:10:35.0056 0x1e00 [ 323AA1953ED9C01E23F740FA891FE064, 4CED6E3D61749316CDE28965C913E7ED462539DAAD637A29484F62AF47AD650D ] AFD D:\WINDOWS\system32\drivers\afd.sys
18:10:35.0087 0x1e00 AFD - ok
18:10:35.0118 0x1e00 [ 23522E5D581F7722B1B5B86737CAE39C, FB81ABD304376A1E87B65F5E1B34477B628CEDB2091C5D754DE97464B6050C5B ] ahcache D:\WINDOWS\system32\DRIVERS\ahcache.sys
18:10:35.0149 0x1e00 ahcache - ok
18:10:35.0165 0x1e00 [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter D:\WINDOWS\System32\AJRouter.dll
18:10:35.0181 0x1e00 AJRouter - ok
18:10:35.0212 0x1e00 [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG D:\WINDOWS\System32\alg.exe
18:10:35.0227 0x1e00 ALG - ok
18:10:35.0243 0x1e00 [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8 D:\WINDOWS\System32\drivers\amdk8.sys
18:10:35.0259 0x1e00 AmdK8 - ok
18:10:35.0274 0x1e00 [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM D:\WINDOWS\System32\drivers\amdppm.sys
18:10:35.0290 0x1e00 AmdPPM - ok
18:10:35.0306 0x1e00 [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata D:\WINDOWS\system32\drivers\amdsata.sys
18:10:35.0321 0x1e00 amdsata - ok
18:10:35.0337 0x1e00 [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs D:\WINDOWS\system32\drivers\amdsbs.sys
18:10:35.0352 0x1e00 amdsbs - ok
18:10:35.0368 0x1e00 [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata D:\WINDOWS\system32\drivers\amdxata.sys
18:10:35.0384 0x1e00 amdxata - ok
18:10:35.0493 0x1e00 [ E6CEE7C270AD1CAE17EA910C85211BAE, 1DEB7185CEDC5918C20353C13AA0398D739A318729700F057B13821FF0FF5C97 ] AntiVirMailService D:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
18:10:35.0540 0x1e00 AntiVirMailService - ok
18:10:35.0571 0x1e00 [ 9658B76971381D9053E48E896256D5EB, 48C763BAF349E663D0E41657779BF5D1106A7C3E7F8C898185DC5D1998C0CDAF ] AntiVirSchedulerService D:\Program Files (x86)\Avira\Antivirus\sched.exe
18:10:35.0602 0x1e00 AntiVirSchedulerService - ok
18:10:35.0634 0x1e00 [ 9658B76971381D9053E48E896256D5EB, 48C763BAF349E663D0E41657779BF5D1106A7C3E7F8C898185DC5D1998C0CDAF ] AntiVirService D:\Program Files (x86)\Avira\Antivirus\avguard.exe
18:10:35.0649 0x1e00 AntiVirService - ok
18:10:35.0696 0x1e00 [ B62E24EEC8C4B6E8A173CAD069B5033A, 719F7C51D615591E70D549552AC66343526902007480278C0E56AA7E1F406F96 ] AntiVirWebService D:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
18:10:35.0743 0x1e00 AntiVirWebService - ok
18:10:35.0806 0x1e00 [ 5B0F4FB165256DE463A51E3A3127969E, 6751ADFFE95FA671C584427A9624EEB79518DE08132FD7A83148700B75487316 ] AppHostSvc D:\WINDOWS\system32\inetsrv\apphostsvc.dll
18:10:35.0821 0x1e00 AppHostSvc - ok
18:10:35.0852 0x1e00 [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID D:\WINDOWS\system32\drivers\appid.sys
18:10:35.0868 0x1e00 AppID - ok
18:10:35.0884 0x1e00 [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc D:\WINDOWS\System32\appidsvc.dll
18:10:35.0899 0x1e00 AppIDSvc - ok
18:10:35.0915 0x1e00 [ 79A87DD43331290A276C02DC396BF530, D0781DC027EE60C94831A2C9C3DD741F8F2100A253CD847E7FCFA59919014278 ] Appinfo D:\WINDOWS\System32\appinfo.dll
18:10:35.0946 0x1e00 Appinfo - ok
18:10:36.0056 0x1e00 [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service D:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:10:36.0056 0x1e00 Apple Mobile Device Service - ok
18:10:36.0071 0x1e00 [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr D:\WINDOWS\system32\drivers\applockerfltr.sys
18:10:36.0087 0x1e00 applockerfltr - ok
18:10:36.0118 0x1e00 [ 76A12AC673B0F8A607ACDD0583C247D4, CBC6C0EB82C7A8E3998344280BBB5A697AFA7206CA2BADFDA7ED6E7DD20E3DAC ] AppMgmt D:\WINDOWS\System32\appmgmts.dll
18:10:36.0134 0x1e00 AppMgmt - ok
18:10:36.0149 0x1e00 [ 32155E028491267CF2DB6085A0B7E359, 562831841293E4849CD01992DECE39B9B3C0835DCD352994CA2E2FE1C76A7CB3 ] AppReadiness D:\WINDOWS\system32\AppReadiness.dll
18:10:36.0196 0x1e00 AppReadiness - ok
18:10:36.0243 0x1e00 [ 99CA3E622070FDBD7B75EB7E86B2DE40, 12BDD092667250EBC99B4D597897C1B2C83115CD83ECCDEAC36B2D9C9BEA77B6 ] AppVClient D:\WINDOWS\system32\AppVClient.exe
18:10:36.0274 0x1e00 AppVClient - ok
18:10:36.0306 0x1e00 [ B66ED2CB37F7E4696A51612AFBA08834, 70BA67AF7F1290E3145B873B53516F138E50D8AAC80CD00CBA66467ABC6643CB ] AppvStrm D:\WINDOWS\system32\drivers\AppvStrm.sys
18:10:36.0321 0x1e00 AppvStrm - ok
18:10:36.0352 0x1e00 [ 8DC924848E20F890BEFC6B31136D46BE, B7603425B4970F505B5A3EB0F6652A9CDD188059BDC945D6DF2BADC2DF8F4B5D ] AppvVemgr D:\WINDOWS\system32\drivers\AppvVemgr.sys
18:10:36.0368 0x1e00 AppvVemgr - ok
18:10:36.0399 0x1e00 [ 9ADC5A8BEE10E174F95349E9232D8E76, F322991323DCDC51199BB3AB0DA20F6C3CC7EE6E804400B473C610FDB895F0AE ] AppvVfs D:\WINDOWS\system32\drivers\AppvVfs.sys
18:10:36.0399 0x1e00 AppvVfs - ok
18:10:36.0509 0x1e00 [ 95415C7C5C43882F7163CA07D956ADA2, 5A082F36A39BE9ABC47AE8A72972554BA577EB04D8018EC862615EA2130FA0E3 ] AppXSvc D:\WINDOWS\system32\appxdeploymentserver.dll
18:10:36.0602 0x1e00 AppXSvc - ok
18:10:36.0634 0x1e00 [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas D:\WINDOWS\system32\drivers\arcsas.sys
18:10:36.0649 0x1e00 arcsas - ok
18:10:36.0759 0x1e00 [ 5EE26734A882478AF6696092E2E0F352, 6CACFF521B3B839F73EBEB6EFBFDCCA8A8BC319DDB254BE3EFE29A39040B2C26 ] aspnet_state D:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:10:36.0774 0x1e00 aspnet_state - ok
18:10:36.0806 0x1e00 [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac D:\WINDOWS\System32\drivers\asyncmac.sys
18:10:36.0821 0x1e00 AsyncMac - ok
18:10:36.0852 0x1e00 [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi D:\WINDOWS\system32\drivers\atapi.sys
18:10:36.0852 0x1e00 atapi - ok
18:10:36.0915 0x1e00 [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder D:\WINDOWS\System32\AudioEndpointBuilder.dll
18:10:36.0946 0x1e00 AudioEndpointBuilder - ok
18:10:36.0993 0x1e00 [ 7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv D:\WINDOWS\System32\Audiosrv.dll
18:10:37.0040 0x1e00 Audiosrv - ok
18:10:37.0071 0x1e00 [ 11F3AAFB5D279AFBCBB0AD9FF76A24F8, 06C5FA1BD64EB54691629363DD0771394F81E4EB216E489D5169395736E80D99 ] avgntflt D:\WINDOWS\system32\DRIVERS\avgntflt.sys
18:10:37.0087 0x1e00 avgntflt - ok
18:10:37.0118 0x1e00 [ F8520E88246641E51108922944FB34A6, 326DCB8114439FB1F75E9DB6E5F7818654FAAC4CD957B80DEE17B850676A737F ] avipbb D:\WINDOWS\system32\DRIVERS\avipbb.sys
18:10:37.0134 0x1e00 avipbb - ok
18:10:37.0196 0x1e00 [ 586FCB1EEC849C06A8DDDDAB276AF113, E193FA64A86C27B2B7AA43E74A196BCBF79A9644F94C96E84E6CC76A405193B6 ] Avira.ServiceHost D:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
18:10:37.0212 0x1e00 Avira.ServiceHost - ok
18:10:37.0227 0x1e00 [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr D:\WINDOWS\system32\DRIVERS\avkmgr.sys
18:10:37.0227 0x1e00 avkmgr - ok
18:10:37.0259 0x1e00 [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt D:\WINDOWS\system32\DRIVERS\avnetflt.sys
18:10:37.0274 0x1e00 avnetflt - ok
18:10:37.0290 0x1e00 [ D50D54178CA7BF63BD60ABEC8E7772CC, 19EFE0808C2660A22DD69158FEC30F8CB83167D832C3EBE12C99261C6FB79ADF ] avusbflt D:\WINDOWS\system32\Drivers\avusbflt.sys
18:10:37.0306 0x1e00 avusbflt - ok
18:10:37.0337 0x1e00 [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV D:\WINDOWS\System32\AxInstSV.dll
18:10:37.0352 0x1e00 AxInstSV - ok
18:10:37.0352 0x1e00 b06bdrv - ok
18:10:37.0368 0x1e00 [ 94D6B95485BFA35D81524B0EBA0F7569, 14A32CD501B1D816526A75A9EB3782E6C4FF78831628F257050AD2BA73733F57 ] BasicDisplay D:\WINDOWS\System32\drivers\BasicDisplay.sys
18:10:37.0384 0x1e00 BasicDisplay - ok
18:10:37.0415 0x1e00 [ 2E78B31C90766FD086D2B766528E9AEA, D0D9ED8AD90E3D400DA4231AB313B4B2869930DADC3034D6FCDEA000E424F843 ] BasicRender D:\WINDOWS\System32\drivers\BasicRender.sys
18:10:37.0431 0x1e00 BasicRender - ok
18:10:37.0446 0x1e00 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn D:\WINDOWS\System32\drivers\bcmfn.sys
18:10:37.0462 0x1e00 bcmfn - ok
18:10:37.0462 0x1e00 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 D:\WINDOWS\System32\drivers\bcmfn2.sys
18:10:37.0477 0x1e00 bcmfn2 - ok
18:10:37.0524 0x1e00 [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC D:\WINDOWS\System32\bdesvc.dll
18:10:37.0540 0x1e00 BDESVC - ok
18:10:37.0571 0x1e00 [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep D:\WINDOWS\system32\drivers\Beep.sys
18:10:37.0587 0x1e00 Beep - ok
18:10:37.0634 0x1e00 [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE D:\WINDOWS\System32\bfe.dll
18:10:37.0681 0x1e00 BFE - ok
18:10:37.0743 0x1e00 [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS D:\WINDOWS\System32\qmgr.dll
18:10:37.0806 0x1e00 BITS - ok
18:10:37.0852 0x1e00 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service D:\Program Files\Bonjour\mDNSResponder.exe
18:10:37.0868 0x1e00 Bonjour Service - ok
18:10:37.0899 0x1e00 [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser D:\WINDOWS\system32\DRIVERS\bowser.sys
18:10:37.0915 0x1e00 bowser - ok
18:10:37.0962 0x1e00 [ 6A15C5140B6F7D9479A32276AC2BA108, 0A8C6DB88148C6DB61226DD2FF816BDF3FED9E7A60EF17CCA17FA7D9EEC01C71 ] BrokerInfrastructure D:\WINDOWS\System32\bisrv.dll
18:10:38.0009 0x1e00 BrokerInfrastructure - ok
18:10:38.0024 0x1e00 [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser D:\WINDOWS\System32\browser.dll
18:10:38.0056 0x1e00 Browser - ok
18:10:38.0071 0x1e00 [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg D:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:10:38.0087 0x1e00 BthAvrcpTg - ok
18:10:38.0087 0x1e00 [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum D:\WINDOWS\System32\drivers\bthhfenum.sys
18:10:38.0102 0x1e00 BthHFEnum - ok
18:10:38.0118 0x1e00 [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid D:\WINDOWS\System32\drivers\BthHFHid.sys
18:10:38.0134 0x1e00 bthhfhid - ok
18:10:38.0149 0x1e00 [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv D:\WINDOWS\System32\BthHFSrv.dll
18:10:38.0181 0x1e00 BthHFSrv - ok
18:10:38.0196 0x1e00 [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM D:\WINDOWS\System32\drivers\bthmodem.sys
18:10:38.0212 0x1e00 BTHMODEM - ok
18:10:38.0227 0x1e00 [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv D:\WINDOWS\system32\bthserv.dll
18:10:38.0243 0x1e00 bthserv - ok
18:10:38.0274 0x1e00 [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter D:\WINDOWS\System32\drivers\buttonconverter.sys
18:10:38.0290 0x1e00 buttonconverter - ok
18:10:38.0306 0x1e00 [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg D:\WINDOWS\System32\drivers\capimg.sys
18:10:38.0321 0x1e00 CapImg - ok
18:10:38.0352 0x1e00 [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs D:\WINDOWS\system32\DRIVERS\cdfs.sys
18:10:38.0368 0x1e00 cdfs - ok
18:10:38.0399 0x1e00 [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc D:\WINDOWS\System32\CDPSvc.dll
18:10:38.0431 0x1e00 CDPSvc - ok
18:10:38.0446 0x1e00 [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc D:\WINDOWS\System32\CDPUserSvc.dll
18:10:38.0477 0x1e00 CDPUserSvc - ok
18:10:38.0524 0x1e00 [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom D:\WINDOWS\System32\drivers\cdrom.sys
18:10:38.0556 0x1e00 cdrom - ok
18:10:38.0602 0x1e00 [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] CertPropSvc D:\WINDOWS\System32\certprop.dll
18:10:38.0618 0x1e00 CertPropSvc - ok
18:10:38.0696 0x1e00 [ A4574046504E8EBD017CE6D0AA3B9034, 05D9CA03B61D170B7DDB297C8AAD3727BAC3D63EF7D6FCD6744F2D6E7E921E6F ] CG6Service D:\Program Files\CyberGhost 6\CyberGhost.Service.exe
18:10:38.0712 0x1e00 CG6Service - ok
18:10:38.0759 0x1e00 [ 44293BF717CA39DC925C6A05453D8D34, 7A0761662C2B79F38CE24DC04509500BD818E6CF27252949072659AB39716A7F ] cgnetfilter1521 D:\WINDOWS\system32\drivers\cgnetfilter1521.sys
18:10:38.0759 0x1e00 cgnetfilter1521 - ok
18:10:38.0774 0x1e00 [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi D:\WINDOWS\system32\drivers\cht4sx64.sys
18:10:38.0806 0x1e00 cht4iscsi - ok
18:10:38.0868 0x1e00 [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd D:\WINDOWS\System32\drivers\cht4vx64.sys
18:10:38.0946 0x1e00 cht4vbd - ok
18:10:38.0962 0x1e00 [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass D:\WINDOWS\System32\drivers\circlass.sys
18:10:38.0977 0x1e00 circlass - ok
18:10:39.0009 0x1e00 [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS D:\WINDOWS\system32\drivers\CLFS.sys
18:10:39.0024 0x1e00 CLFS - ok
18:10:39.0071 0x1e00 [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC D:\WINDOWS\System32\ClipSVC.dll
18:10:39.0102 0x1e00 ClipSVC - ok
18:10:39.0134 0x1e00 [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg D:\WINDOWS\System32\drivers\registry.sys
18:10:39.0149 0x1e00 clreg - ok
18:10:39.0181 0x1e00 [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt D:\WINDOWS\System32\drivers\CmBatt.sys
18:10:39.0181 0x1e00 CmBatt - ok
18:10:39.0227 0x1e00 [ 4289C913D7E2FE963ABB096AA99CB1F7, 49D9008C5E18F62751D2312CE4F49DFBC04ACBBFDD950F0437F35AC21318041B ] CNG D:\WINDOWS\system32\Drivers\cng.sys
18:10:39.0259 0x1e00 CNG - ok
18:10:39.0274 0x1e00 [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist D:\WINDOWS\system32\DRIVERS\cnghwassist.sys
18:10:39.0290 0x1e00 cnghwassist - ok
18:10:39.0368 0x1e00 [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus D:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
18:10:39.0384 0x1e00 CompositeBus - ok
18:10:39.0384 0x1e00 COMSysApp - ok
18:10:39.0399 0x1e00 [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv D:\WINDOWS\system32\drivers\condrv.sys
18:10:39.0415 0x1e00 condrv - ok
18:10:39.0462 0x1e00 [ 9E3B10C490D860F3ED8F61FD0FD5B828, A21CB206A09053C7D9C94F2B71F53A40B3810D02A70C3D6AA0B48676BA5753BD ] CoreMessagingRegistrar D:\WINDOWS\system32\coremessaging.dll
18:10:39.0493 0x1e00 CoreMessagingRegistrar - ok
18:10:39.0509 0x1e00 [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc D:\WINDOWS\system32\cryptsvc.dll
18:10:39.0540 0x1e00 CryptSvc - ok
18:10:39.0571 0x1e00 [ EC2EA2F6C6D23315C20B4829F00D0440, BF1F47C3485E9112FB64F582DFA4679455203574F82A5ADB222BDA1FED1601E6 ] CSC D:\WINDOWS\system32\drivers\csc.sys
18:10:39.0602 0x1e00 CSC - ok
18:10:39.0649 0x1e00 [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService D:\WINDOWS\System32\cscsvc.dll
18:10:39.0696 0x1e00 CscService - ok
18:10:39.0727 0x1e00 [ 3BBD0073265DA6D3EFBA54B26E5D8236, 3C10C8BEC0D8AC41A3FBD589F41A83D6345C1FDD04B8B99063B2F5670CF10B18 ] dam D:\WINDOWS\system32\drivers\dam.sys
18:10:39.0727 0x1e00 dam - ok
18:10:39.0821 0x1e00 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch D:\WINDOWS\system32\rpcss.dll
18:10:39.0868 0x1e00 DcomLaunch - ok
18:10:39.0884 0x1e00 [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc D:\WINDOWS\system32\dcpsvc.dll
18:10:39.0915 0x1e00 DcpSvc - ok
18:10:39.0946 0x1e00 [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc D:\WINDOWS\System32\defragsvc.dll
18:10:39.0977 0x1e00 defragsvc - ok
18:10:40.0009 0x1e00 [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService D:\WINDOWS\system32\das.dll
18:10:40.0040 0x1e00 DeviceAssociationService - ok
18:10:40.0071 0x1e00 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall D:\WINDOWS\system32\umpnpmgr.dll
18:10:40.0102 0x1e00 DeviceInstall - ok
18:10:40.0134 0x1e00 [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker D:\WINDOWS\system32\DevQueryBroker.dll
18:10:40.0149 0x1e00 DevQueryBroker - ok
18:10:40.0181 0x1e00 [ 4BC21E937E9F9F408672D2C2CBE4A153, 2F27560D09D184ABB7B4415146F5B8DE56C84FF74A4042596635EF896E39CBC4 ] Dfsc D:\WINDOWS\system32\Drivers\dfsc.sys
18:10:40.0196 0x1e00 Dfsc - ok
18:10:40.0227 0x1e00 [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp D:\WINDOWS\system32\dhcpcore.dll
18:10:40.0259 0x1e00 Dhcp - ok
18:10:40.0306 0x1e00 [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service D:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
18:10:40.0321 0x1e00 diagnosticshub.standardcollector.service - ok
18:10:40.0399 0x1e00 [ EE32B36EA7CBD9BBA26B137C84943E23, BD5DDA2DEAF2D2CF6B24AED81C3EDBFECF6402A7B6A5D49FEDF334FF03CACB86 ] DiagTrack D:\WINDOWS\system32\diagtrack.dll
18:10:40.0493 0x1e00 DiagTrack - ok
18:10:40.0509 0x1e00 [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk D:\WINDOWS\system32\drivers\disk.sys
18:10:40.0524 0x1e00 disk - ok
18:10:40.0571 0x1e00 [ A1D7F926ABE7895D18467FF9A5EE7FC7, 2922C92D31EA50A126594967D325B21936432D1BB9C941416989B6848DF890E2 ] DmEnrollmentSvc D:\WINDOWS\system32\Windows.Internal.Management.dll
18:10:40.0618 0x1e00 DmEnrollmentSvc - ok
18:10:40.0618 0x1e00 [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc D:\WINDOWS\System32\drivers\dmvsc.sys
18:10:40.0634 0x1e00 dmvsc - ok
18:10:40.0681 0x1e00 [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice D:\WINDOWS\system32\dmwappushsvc.dll
18:10:40.0696 0x1e00 dmwappushservice - ok
18:10:40.0727 0x1e00 [ 86E507EE1457D7FA463BBF05BA76EB1E, 2D2D05CED57C22F41684DC6DD00ACECDF708407493286B2D4007068154E436FF ] Dnscache D:\WINDOWS\System32\dnsrslvr.dll
18:10:40.0743 0x1e00 Dnscache - ok
18:10:40.0774 0x1e00 [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc D:\WINDOWS\System32\dot3svc.dll
18:10:40.0790 0x1e00 dot3svc - ok
18:10:40.0821 0x1e00 [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS D:\WINDOWS\system32\dps.dll
18:10:40.0852 0x1e00 DPS - ok
18:10:40.0852 0x1e00 [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud D:\WINDOWS\system32\DRIVERS\drmkaud.sys
18:10:40.0868 0x1e00 drmkaud - ok
18:10:40.0915 0x1e00 [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc D:\WINDOWS\System32\DeviceSetupManager.dll
18:10:40.0931 0x1e00 DsmSvc - ok
18:10:40.0962 0x1e00 [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc D:\WINDOWS\System32\DsSvc.dll
18:10:40.0977 0x1e00 DsSvc - ok
18:10:41.0056 0x1e00 [ 2DD9CF863320D5EDEA3ED9B8ED280BB0, CC35571FBA2E6E617CF93F778351ED3B3EA16F0B301C5433E94AD328E6EEA0FF ] DXGKrnl D:\WINDOWS\System32\drivers\dxgkrnl.sys
18:10:41.0134 0x1e00 DXGKrnl - ok
18:10:41.0165 0x1e00 [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost D:\WINDOWS\System32\eapsvc.dll
18:10:41.0196 0x1e00 EapHost - ok
18:10:41.0306 0x1e00 [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv D:\WINDOWS\system32\drivers\evbda.sys
18:10:41.0415 0x1e00 ebdrv - ok
18:10:41.0477 0x1e00 [ E5C10FCFA331D2BA13B211D0454FEA38, 9363545317C655EED282BA1FE7C71B26E2C3599F35E42E7496F413961303A24D ] eeCtrl D:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:10:41.0493 0x1e00 eeCtrl - ok
18:10:41.0524 0x1e00 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS D:\WINDOWS\System32\lsass.exe
18:10:41.0540 0x1e00 EFS - ok
18:10:41.0571 0x1e00 [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass D:\WINDOWS\system32\drivers\EhStorClass.sys
18:10:41.0587 0x1e00 EhStorClass - ok
18:10:41.0618 0x1e00 [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv D:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:10:41.0634 0x1e00 EhStorTcgDrv - ok
18:10:41.0649 0x1e00 [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode D:\WINDOWS\System32\embeddedmodesvc.dll
18:10:41.0681 0x1e00 embeddedmode - ok
18:10:41.0712 0x1e00 [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc D:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
18:10:41.0727 0x1e00 EntAppSvc - ok
18:10:41.0806 0x1e00 [ 2BD3F1059975CE90F8D968DADD790DFF, 9FD4FA7DB54B0E1E4A48863435F728220978A271D2A28BB3E9E112C1A59B1D4C ] EraserUtilDrv11521 D:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11521.sys
18:10:41.0806 0x1e00 EraserUtilDrv11521 - ok
18:10:41.0837 0x1e00 [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev D:\WINDOWS\System32\drivers\errdev.sys
18:10:41.0852 0x1e00 ErrDev - ok
18:10:41.0977 0x1e00 [ 9D6112514743B85C5B4328E71C4BF1FE, D4CBD86C260B980050F3DFE65ECE9072BD9363D122777CE2D5861BF9272EB786 ] esihdrv D:\Users\KPTNBL~1\AppData\Local\Temp\esihdrv.sys
18:10:41.0993 0x1e00 esihdrv - ok
18:10:42.0040 0x1e00 [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem D:\WINDOWS\system32\es.dll
18:10:42.0071 0x1e00 EventSystem - ok
18:10:42.0087 0x1e00 [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat D:\WINDOWS\system32\drivers\exfat.sys
18:10:42.0118 0x1e00 exfat - ok
18:10:42.0149 0x1e00 [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat D:\WINDOWS\system32\drivers\fastfat.sys
18:10:42.0165 0x1e00 fastfat - ok
18:10:42.0212 0x1e00 [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax D:\WINDOWS\system32\fxssvc.exe
18:10:42.0243 0x1e00 Fax - ok
18:10:42.0259 0x1e00 [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc D:\WINDOWS\System32\drivers\fdc.sys
18:10:42.0274 0x1e00 fdc - ok
18:10:42.0306 0x1e00 [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost D:\WINDOWS\system32\fdPHost.dll
18:10:42.0321 0x1e00 fdPHost - ok
18:10:42.0337 0x1e00 [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub D:\WINDOWS\system32\fdrespub.dll
18:10:42.0352 0x1e00 FDResPub - ok
18:10:42.0384 0x1e00 [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc D:\WINDOWS\system32\fhsvc.dll
18:10:42.0399 0x1e00 fhsvc - ok
18:10:42.0415 0x1e00 [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt D:\WINDOWS\system32\drivers\filecrypt.sys
18:10:42.0431 0x1e00 FileCrypt - ok
18:10:42.0446 0x1e00 [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo D:\WINDOWS\system32\drivers\fileinfo.sys
18:10:42.0462 0x1e00 FileInfo - ok
18:10:42.0477 0x1e00 [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace D:\WINDOWS\system32\drivers\filetrace.sys
18:10:42.0493 0x1e00 Filetrace - ok
18:10:42.0509 0x1e00 [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk D:\WINDOWS\System32\drivers\flpydisk.sys
18:10:42.0524 0x1e00 flpydisk - ok
18:10:42.0540 0x1e00 [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr D:\WINDOWS\system32\drivers\fltmgr.sys
18:10:42.0571 0x1e00 FltMgr - ok
18:10:42.0634 0x1e00 [ 2E193D24CE8460A9C703D0F193192BEF, CD95928BC240D556DFEA265A09A655FFE157A36D2230CD10BBAD4CA15CB98412 ] FontCache D:\WINDOWS\system32\FntCache.dll
18:10:42.0727 0x1e00 FontCache - ok
18:10:42.0837 0x1e00 [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 D:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:10:42.0837 0x1e00 FontCache3.0.0.0 - ok
18:10:42.0884 0x1e00 [ CD7CD19E72EA2F597D01FC68ECD2F28E, 4E8BAA4AEF28B043780E2FEFFEB5E4DF4E2FB3211CE617D2DBAFB6C7B7DBBDFD ] FrameServer D:\WINDOWS\system32\FrameServer.dll
18:10:42.0931 0x1e00 FrameServer - ok
18:10:42.0946 0x1e00 [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends D:\WINDOWS\system32\drivers\FsDepends.sys
18:10:42.0962 0x1e00 FsDepends - ok
18:10:42.0977 0x1e00 [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec D:\WINDOWS\system32\drivers\Fs_Rec.sys
18:10:42.0993 0x1e00 Fs_Rec - ok
18:10:43.0040 0x1e00 [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol D:\WINDOWS\system32\DRIVERS\fvevol.sys
18:10:43.0071 0x1e00 fvevol - ok
18:10:43.0087 0x1e00 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM D:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:10:43.0102 0x1e00 GEARAspiWDM - ok
18:10:43.0134 0x1e00 [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter D:\WINDOWS\System32\drivers\vmgencounter.sys
18:10:43.0149 0x1e00 gencounter - ok
18:10:43.0212 0x1e00 [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn D:\WINDOWS\System32\drivers\genericusbfn.sys
18:10:43.0212 0x1e00 genericusbfn - ok
18:10:43.0227 0x1e00 [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 D:\WINDOWS\system32\Drivers\msgpioclx.sys
18:10:43.0243 0x1e00 GPIOClx0101 - ok
18:10:43.0306 0x1e00 [ 8997353398C8466ECD183942D5FCC65B, C73FD5FFD71003F7FDDC17F59812BD6860992FA35EC0ECC8DE37D935606B485B ] gpsvc D:\WINDOWS\System32\gpsvc.dll
18:10:43.0368 0x1e00 gpsvc - ok
18:10:43.0399 0x1e00 [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv D:\WINDOWS\system32\drivers\gpuenergydrv.sys
18:10:43.0415 0x1e00 GpuEnergyDrv - ok
18:10:43.0431 0x1e00 [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService D:\WINDOWS\system32\DRIVERS\HdAudio.sys
18:10:43.0462 0x1e00 HdAudAddService - ok
18:10:43.0477 0x1e00 [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus D:\WINDOWS\System32\drivers\HDAudBus.sys
18:10:43.0493 0x1e00 HDAudBus - ok
18:10:43.0509 0x1e00 [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt D:\WINDOWS\System32\drivers\HidBatt.sys
18:10:43.0524 0x1e00 HidBatt - ok
18:10:43.0556 0x1e00 [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth D:\WINDOWS\System32\drivers\hidbth.sys
18:10:43.0571 0x1e00 HidBth - ok
18:10:43.0587 0x1e00 [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c D:\WINDOWS\System32\drivers\hidi2c.sys
18:10:43.0587 0x1e00 hidi2c - ok
18:10:43.0602 0x1e00 [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt D:\WINDOWS\System32\drivers\hidinterrupt.sys
18:10:43.0618 0x1e00 hidinterrupt - ok
18:10:43.0634 0x1e00 [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr D:\WINDOWS\System32\drivers\hidir.sys
18:10:43.0649 0x1e00 HidIr - ok
18:10:43.0665 0x1e00 [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv D:\WINDOWS\system32\hidserv.dll
18:10:43.0681 0x1e00 hidserv - ok
18:10:43.0727 0x1e00 [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb D:\WINDOWS\System32\drivers\hidusb.sys
18:10:43.0743 0x1e00 HidUsb - ok
18:10:43.0774 0x1e00 [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener D:\WINDOWS\system32\ListSvc.dll
18:10:43.0806 0x1e00 HomeGroupListener - ok
18:10:43.0837 0x1e00 [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider D:\WINDOWS\system32\provsvc.dll
18:10:43.0868 0x1e00 HomeGroupProvider - ok
18:10:43.0899 0x1e00 [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD D:\WINDOWS\system32\drivers\HpSAMD.sys
18:10:43.0899 0x1e00 HpSAMD - ok
18:10:43.0946 0x1e00 [ 0063ACEBB5BBE8C563A6ADB09155E644, BC7C9AFB83F5345065BB070A5D992DCE13CB35027D8FE402B338D775C896317B ] HssDRV6 D:\WINDOWS\system32\DRIVERS\hssdrv6.sys
18:10:43.0946 0x1e00 HssDRV6 - ok
18:10:44.0009 0x1e00 [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP D:\WINDOWS\system32\drivers\HTTP.sys
18:10:44.0056 0x1e00 HTTP - ok
18:10:44.0071 0x1e00 [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost D:\WINDOWS\System32\hvhostsvc.dll
18:10:44.0087 0x1e00 HvHost - ok
18:10:44.0118 0x1e00 [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice D:\WINDOWS\system32\drivers\hvservice.sys
18:10:44.0134 0x1e00 hvservice - ok
18:10:44.0149 0x1e00 [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy D:\WINDOWS\system32\drivers\hwpolicy.sys
18:10:44.0181 0x1e00 hwpolicy - ok
18:10:44.0196 0x1e00 [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd D:\WINDOWS\System32\drivers\hyperkbd.sys
18:10:44.0196 0x1e00 hyperkbd - ok
18:10:44.0243 0x1e00 [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt D:\WINDOWS\System32\drivers\i8042prt.sys
18:10:44.0259 0x1e00 i8042prt - ok
18:10:44.0274 0x1e00 [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio D:\WINDOWS\System32\drivers\iagpio.sys
18:10:44.0274 0x1e00 iagpio - ok
18:10:44.0290 0x1e00 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c D:\WINDOWS\System32\drivers\iai2c.sys
18:10:44.0321 0x1e00 iai2c - ok
18:10:44.0339 0x1e00 [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 D:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
18:10:44.0354 0x1e00 iaLPSS2i_GPIO2 - ok
18:10:44.0368 0x1e00 [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C D:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
18:10:44.0381 0x1e00 iaLPSS2i_I2C - ok
18:10:44.0398 0x1e00 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO D:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:10:44.0416 0x1e00 iaLPSSi_GPIO - ok
18:10:44.0427 0x1e00 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C D:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:10:44.0443 0x1e00 iaLPSSi_I2C - ok
18:10:44.0474 0x1e00 [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV D:\WINDOWS\system32\drivers\iaStorAV.sys
18:10:44.0521 0x1e00 iaStorAV - ok
18:10:44.0536 0x1e00 [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV D:\WINDOWS\system32\drivers\iaStorV.sys
18:10:44.0552 0x1e00 iaStorV - ok
18:10:44.0583 0x1e00 [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus D:\WINDOWS\System32\drivers\ibbus.sys
18:10:44.0614 0x1e00 ibbus - ok
18:10:44.0646 0x1e00 [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc D:\WINDOWS\System32\tetheringservice.dll
18:10:44.0677 0x1e00 icssvc - ok
18:10:44.0677 0x1e00 IEEtwCollectorService - ok
18:10:44.0724 0x1e00 [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT D:\WINDOWS\System32\ikeext.dll
18:10:44.0786 0x1e00 IKEEXT - ok
18:10:44.0802 0x1e00 [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd D:\WINDOWS\System32\drivers\IndirectKmd.sys
18:10:44.0817 0x1e00 IndirectKmd - ok
18:10:44.0849 0x1e00 [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide D:\WINDOWS\system32\drivers\intelide.sys
18:10:44.0849 0x1e00 intelide - ok
18:10:44.0864 0x1e00 [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep D:\WINDOWS\system32\drivers\intelpep.sys
18:10:44.0880 0x1e00 intelpep - ok
18:10:44.0896 0x1e00 [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm D:\WINDOWS\System32\drivers\intelppm.sys
18:10:44.0911 0x1e00 intelppm - ok
18:10:44.0942 0x1e00 [ DB32758F3A7F6CCE81A5430080A2EA65, 36A26BAA884E96804F8EA0B12BB3E81BBE6D4EE704809904091445F36CAB5A29 ] iorate D:\WINDOWS\system32\drivers\iorate.sys
18:10:44.0958 0x1e00 iorate - ok
18:10:44.0974 0x1e00 [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver D:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:10:44.0989 0x1e00 IpFilterDriver - ok
18:10:45.0036 0x1e00 [ 68C50E8E4265698BE6835156F4DD5008, 5B9CBBCE99315E5569E6733F13E91A687A36F536A68A2B670CC24C4BCC4EAFF4 ] iphlpsvc D:\WINDOWS\System32\iphlpsvc.dll
18:10:45.0083 0x1e00 iphlpsvc - ok
18:10:45.0130 0x1e00 [ 10D01A3657AC8E8004C83D613163DE1E, F9389F1BF87A2D28899F50D270DA6F48B0912CFAF06CEE566697B041DBE92F9C ] IPMIDRV D:\WINDOWS\System32\drivers\IPMIDrv.sys
18:10:45.0130 0x1e00 IPMIDRV - ok
18:10:45.0146 0x1e00 [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT D:\WINDOWS\system32\drivers\ipnat.sys
18:10:45.0177 0x1e00 IPNAT - ok
18:10:45.0193 0x1e00 [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda D:\WINDOWS\system32\drivers\irda.sys
18:10:45.0208 0x1e00 irda - ok
18:10:45.0224 0x1e00 [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM D:\WINDOWS\system32\drivers\irenum.sys
18:10:45.0239 0x1e00 IRENUM - ok
18:10:45.0271 0x1e00 [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon D:\WINDOWS\System32\irmon.dll
18:10:45.0286 0x1e00 irmon - ok
18:10:45.0302 0x1e00 [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp D:\WINDOWS\system32\drivers\isapnp.sys
18:10:45.0317 0x1e00 isapnp - ok
18:10:45.0333 0x1e00 [ CA20F4621AB8CD3F69199DE21B5B41C4, 0AFFC66DD10D4D15139337E5ED343A2ABBB26CC8A83B3BDF6AD10C68B3931A7C ] iScsiPrt D:\WINDOWS\System32\drivers\msiscsi.sys
18:10:45.0364 0x1e00 iScsiPrt - ok
18:10:45.0364 0x1e00 [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass D:\WINDOWS\System32\drivers\kbdclass.sys
18:10:45.0380 0x1e00 kbdclass - ok
18:10:45.0411 0x1e00 [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid D:\WINDOWS\System32\drivers\kbdhid.sys
18:10:45.0427 0x1e00 kbdhid - ok
18:10:45.0443 0x1e00 [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic D:\WINDOWS\System32\drivers\kdnic.sys
18:10:45.0458 0x1e00 kdnic - ok
18:10:45.0474 0x1e00 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso D:\WINDOWS\system32\lsass.exe
18:10:45.0489 0x1e00 KeyIso - ok
18:10:45.0521 0x1e00 [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD D:\WINDOWS\system32\Drivers\ksecdd.sys
18:10:45.0536 0x1e00 KSecDD - ok
18:10:45.0583 0x1e00 [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg D:\WINDOWS\system32\Drivers\ksecpkg.sys
18:10:45.0599 0x1e00 KSecPkg - ok
18:10:45.0614 0x1e00 [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk D:\WINDOWS\system32\drivers\ksthunk.sys
18:10:45.0630 0x1e00 ksthunk - ok
18:10:45.0677 0x1e00 [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm D:\WINDOWS\system32\msdtckrm.dll
18:10:45.0708 0x1e00 KtmRm - ok
18:10:45.0755 0x1e00 [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer D:\WINDOWS\system32\srvsvc.dll
18:10:45.0786 0x1e00 LanmanServer - ok
18:10:45.0817 0x1e00 [ 33DBBCF71F68EA97D9FD34E4C9AB5AC6, 104F04A1560E75EB224A3825707CE51E8798ABD764F5CC3B854FFFC93A39AF60 ] LanmanWorkstation D:\WINDOWS\System32\wkssvc.dll
18:10:45.0849 0x1e00 LanmanWorkstation - ok
18:10:45.0864 0x1e00 [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc D:\WINDOWS\System32\lfsvc.dll
18:10:45.0880 0x1e00 lfsvc - ok
18:10:45.0911 0x1e00 [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager D:\WINDOWS\system32\LicenseManagerSvc.dll
18:10:45.0927 0x1e00 LicenseManager - ok
18:10:45.0958 0x1e00 [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio D:\WINDOWS\system32\drivers\lltdio.sys
18:10:45.0974 0x1e00 lltdio - ok
18:10:45.0989 0x1e00 [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc D:\WINDOWS\System32\lltdsvc.dll
18:10:46.0021 0x1e00 lltdsvc - ok
18:10:46.0052 0x1e00 [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts D:\WINDOWS\System32\lmhsvc.dll
18:10:46.0067 0x1e00 lmhosts - ok
18:10:46.0083 0x1e00 [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS D:\WINDOWS\system32\drivers\lsi_sas.sys
18:10:46.0099 0x1e00 LSI_SAS - ok
18:10:46.0130 0x1e00 [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i D:\WINDOWS\system32\drivers\lsi_sas2i.sys
18:10:46.0146 0x1e00 LSI_SAS2i - ok
18:10:46.0161 0x1e00 [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i D:\WINDOWS\system32\drivers\lsi_sas3i.sys
18:10:46.0177 0x1e00 LSI_SAS3i - ok
18:10:46.0177 0x1e00 [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS D:\WINDOWS\system32\drivers\lsi_sss.sys
18:10:46.0192 0x1e00 LSI_SSS - ok
18:10:46.0239 0x1e00 [ D5EFC0BAEC21EDE6FE03D377D403B421, 41BE71AF7C896FD4C51EF7E3871AAB769164DFB8050DA43E48C7A100711414B4 ] LSM D:\WINDOWS\System32\lsm.dll
18:10:46.0286 0x1e00 LSM - ok
18:10:46.0302 0x1e00 [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv D:\WINDOWS\system32\drivers\luafv.sys
18:10:46.0317 0x1e00 luafv - ok
18:10:46.0349 0x1e00 [ 9F699136FA1A8A170C2C05D7790A5FC0, 4363C527BD2FC9FD8937E9866CA200809AC87B64EA57084491BAB6DEB8ED9E87 ] MapsBroker D:\WINDOWS\System32\moshost.dll
18:10:46.0364 0x1e00 MapsBroker - ok
18:10:46.0583 0x1e00 [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
18:10:46.0708 0x1e00 MBAMService - ok
18:10:46.0755 0x1e00 [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas D:\WINDOWS\system32\drivers\megasas.sys
18:10:46.0771 0x1e00 megasas - ok
18:10:46.0802 0x1e00 [ 2CF0CB2A0ED68C5455371E84C16F9627, 1C9166B52140145F1968E83E52BFF041250811B23C770FE181A18A4BA060CA81 ] megasas2i D:\WINDOWS\system32\drivers\MegaSas2i.sys
18:10:46.0817 0x1e00 megasas2i - ok
18:10:46.0849 0x1e00 [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr D:\WINDOWS\system32\drivers\megasr.sys
18:10:46.0880 0x1e00 megasr - ok
18:10:46.0927 0x1e00 [ 1595FECFFBE9EA2417E06D5FD0BFA4C4, 96006C7F19FDC1700EEBA870F96433D3260DEA06AD7215EAD8F1D74C953E1B50 ] MEMSWEEP2 D:\WINDOWS\system32\BEC5.tmp
18:10:46.0927 0x1e00 MEMSWEEP2 - detected UnsignedFile.Multi.Generic ( 1 )
18:10:47.0192 0x1e00 Detect skipped due to KSN trusted
18:10:47.0192 0x1e00 MEMSWEEP2 - ok
18:10:47.0224 0x1e00 [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService D:\WINDOWS\System32\MessagingService.dll
18:10:47.0239 0x1e00 MessagingService - ok
18:10:47.0349 0x1e00 MFE_RR - ok
18:10:47.0380 0x1e00 [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus D:\WINDOWS\System32\drivers\mlx4_bus.sys
18:10:47.0411 0x1e00 mlx4_bus - ok
18:10:47.0442 0x1e00 [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS D:\WINDOWS\system32\drivers\mmcss.sys
18:10:47.0458 0x1e00 MMCSS - ok
18:10:47.0489 0x1e00 [ 0D50B3F3AB32D416786B58D4553859CE, 9DA4D7A30982E8B31C45BDB721AEF5240EAD9DA6839CF34FDDBCF123BF104F2C ] Modem D:\WINDOWS\system32\drivers\modem.sys
18:10:47.0505 0x1e00 Modem - ok
18:10:47.0521 0x1e00 [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor D:\WINDOWS\System32\drivers\monitor.sys
18:10:47.0536 0x1e00 monitor - ok
18:10:47.0536 0x1e00 [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass D:\WINDOWS\System32\drivers\mouclass.sys
18:10:47.0552 0x1e00 mouclass - ok
18:10:47.0567 0x1e00 [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid D:\WINDOWS\System32\drivers\mouhid.sys
18:10:47.0583 0x1e00 mouhid - ok
18:10:47.0599 0x1e00 [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr D:\WINDOWS\system32\drivers\mountmgr.sys
18:10:47.0614 0x1e00 mountmgr - ok
18:10:47.0677 0x1e00 [ 4235B16E8C2E277EECB9BFD4579C428E, BCACE6E4D61E5C8A3BA417A361121A5B2F2B3D6E103B005C3F5738D4915B5FF4 ] MozillaMaintenance D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:10:47.0692 0x1e00 MozillaMaintenance - ok
18:10:47.0692 0x1e00 [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv D:\WINDOWS\system32\drivers\mpsdrv.sys
18:10:47.0708 0x1e00 mpsdrv - ok
18:10:47.0755 0x1e00 [ A231E1861F7AA9CCC24B97176BBA838D, CDAB9A25CC55B71E8A83E50504B12E948D7A88F035918E4F94E3624E4AA0A28D ] MpsSvc D:\WINDOWS\system32\mpssvc.dll
18:10:47.0802 0x1e00 MpsSvc - ok
18:10:47.0833 0x1e00 [ 4FC62380457DE25B69011D3542E954AC, D212DDD2446618A6215CF9FC370FA2634F027BC92D1D4999E019BEF8A86AA6EB ] MQAC D:\WINDOWS\system32\drivers\mqac.sys
18:10:47.0864 0x1e00 MQAC - ok
18:10:47.0896 0x1e00 [ 25D32BE04FE0A23FDF57FD5382757672, 64E39E3E21D9173FB1116B989D80C244C49DA827698A05AF5CC5CD1C6AE155DE ] MRxDAV D:\WINDOWS\system32\drivers\mrxdav.sys
18:10:47.0911 0x1e00 MRxDAV - ok
18:10:47.0942 0x1e00 [ D559FF28B1AD9B1E15A4186E785E61F6, 4B22A740E86CA10B1B43E36CBE9A50B53D1E5504C25694C8FF3A514DF699E99C ] mrxsmb D:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:10:47.0974 0x1e00 mrxsmb - ok
18:10:48.0005 0x1e00 [ D4D12BC29DE0F09280868FDCA65B3474, A6FE89ABD52087FEE52FDF31DDF4CB627ED400E94FDA86BEBF1D4763F1E42518 ] mrxsmb10 D:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
18:10:48.0021 0x1e00 mrxsmb10 - ok
18:10:48.0036 0x1e00 [ 0698B15E21EA1B8742F2E7BB3142B754, 0DB79841E863F08452F895DA47CEEF6CA4D527A616EB616FDFF5F7431487E5F7 ] mrxsmb20 D:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:10:48.0052 0x1e00 mrxsmb20 - ok
18:10:48.0083 0x1e00 [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge D:\WINDOWS\system32\drivers\bridge.sys
18:10:48.0114 0x1e00 MsBridge - ok
18:10:48.0146 0x1e00 [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC D:\WINDOWS\System32\msdtc.exe
18:10:48.0161 0x1e00 MSDTC - ok
18:10:48.0177 0x1e00 [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs D:\WINDOWS\system32\drivers\Msfs.sys
18:10:48.0192 0x1e00 Msfs - ok
18:10:48.0208 0x1e00 [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32 D:\WINDOWS\System32\drivers\msgpiowin32.sys
18:10:48.0224 0x1e00 msgpiowin32 - ok
18:10:48.0224 0x1e00 [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf D:\WINDOWS\System32\drivers\mshidkmdf.sys
18:10:48.0239 0x1e00 mshidkmdf - ok
18:10:48.0255 0x1e00 [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf D:\WINDOWS\System32\drivers\mshidumdf.sys
18:10:48.0271 0x1e00 mshidumdf - ok
18:10:48.0271 0x1e00 [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv D:\WINDOWS\system32\drivers\msisadrv.sys
18:10:48.0286 0x1e00 msisadrv - ok
18:10:48.0333 0x1e00 [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI D:\WINDOWS\system32\iscsiexe.dll
18:10:48.0349 0x1e00 MSiSCSI - ok
18:10:48.0349 0x1e00 msiserver - ok
18:10:48.0380 0x1e00 [ 4586CDA25B7866DD9505CEECF9DB3C74, B94CE1A7C1B6FFEF7AA33AEC30C27E01E44E6E56A4274705684BFBB738F95BCF ] MSKSSRV D:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
18:10:48.0396 0x1e00 MSKSSRV - ok
18:10:48.0411 0x1e00 [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp D:\WINDOWS\system32\drivers\mslldp.sys
18:10:48.0427 0x1e00 MsLldp - ok
18:10:48.0458 0x1e00 [ F3EF38D07A4ADCDF922EEEAF0FED7D4D, B9D436BFA29AA0A7B00889D96C4F8BC33C1809E19B7A71A69AB2E534E9794BF0 ] MSMQ D:\WINDOWS\system32\mqsvc.exe
18:10:48.0474 0x1e00 MSMQ - ok
18:10:48.0489 0x1e00 [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK D:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
18:10:48.0505 0x1e00 MSPCLOCK - ok
18:10:48.0505 0x1e00 [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM D:\WINDOWS\system32\DRIVERS\MSPQM.sys
18:10:48.0536 0x1e00 MSPQM - ok
18:10:48.0552 0x1e00 [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC D:\WINDOWS\system32\drivers\MsRPC.sys
18:10:48.0583 0x1e00 MsRPC - ok
18:10:48.0599 0x1e00 [ 7ACFE7435317E791FF9EED2F49B402F2, EAF2CE12403A9D975112A22EDBC313EE63B926C070B35E62D515403DD34BD88D ] MsSecFlt D:\WINDOWS\system32\drivers\mssecflt.sys
18:10:48.0614 0x1e00 MsSecFlt - ok
18:10:48.0630 0x1e00 [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios D:\WINDOWS\System32\drivers\mssmbios.sys
18:10:48.0646 0x1e00 mssmbios - ok
18:10:48.0661 0x1e00 [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE D:\WINDOWS\system32\DRIVERS\MSTEE.sys
18:10:48.0677 0x1e00 MSTEE - ok
18:10:48.0692 0x1e00 [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig D:\WINDOWS\System32\drivers\MTConfig.sys
18:10:48.0708 0x1e00 MTConfig - ok
18:10:48.0724 0x1e00 [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup D:\WINDOWS\system32\Drivers\mup.sys
18:10:48.0739 0x1e00 Mup - ok
18:10:48.0755 0x1e00 [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis D:\WINDOWS\system32\drivers\mvumis.sys
18:10:48.0771 0x1e00 mvumis - ok
18:10:48.0817 0x1e00 [ A5FA29F748BBF38FC3FAE4B54FA20A93, 8912F08967CFDD2A74593C9D23F43D6487D1920969C380B39BA8EA4672B24C3B ] NativeWifiP D:\WINDOWS\system32\DRIVERS\nwifi.sys
18:10:48.0849 0x1e00 NativeWifiP - ok
18:10:48.0880 0x1e00 [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc D:\WINDOWS\System32\ncasvc.dll
18:10:48.0896 0x1e00 NcaSvc - ok
18:10:48.0927 0x1e00 [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService D:\WINDOWS\System32\ncbservice.dll
18:10:48.0958 0x1e00 NcbService - ok
18:10:48.0974 0x1e00 [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup D:\WINDOWS\System32\NcdAutoSetup.dll
18:10:49.0005 0x1e00 NcdAutoSetup - ok
18:10:49.0021 0x1e00 [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr D:\WINDOWS\System32\drivers\ndfltr.sys
18:10:49.0036 0x1e00 ndfltr - ok
18:10:49.0099 0x1e00 [ 63560E6BC9BCA978A6B72DF65F7A8930, 278AAB22ED6001E7E336EFC027073EDA727A3D333FF2576D087C92F8E6D768B2 ] NDIS D:\WINDOWS\system32\drivers\ndis.sys
18:10:49.0146 0x1e00 NDIS - ok
18:10:49.0146 0x1e00 [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap D:\WINDOWS\system32\drivers\ndiscap.sys
18:10:49.0161 0x1e00 NdisCap - ok
18:10:49.0192 0x1e00 [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform D:\WINDOWS\system32\drivers\NdisImPlatform.sys
18:10:49.0224 0x1e00 NdisImPlatform - ok
18:10:49.0224 0x1e00 [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi D:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:10:49.0255 0x1e00 NdisTapi - ok
18:10:49.0271 0x1e00 [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio D:\WINDOWS\system32\drivers\ndisuio.sys
18:10:49.0286 0x1e00 Ndisuio - ok
18:10:49.0286 0x1e00 [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus D:\WINDOWS\System32\drivers\NdisVirtualBus.sys
18:10:49.0302 0x1e00 NdisVirtualBus - ok
18:10:49.0317 0x1e00 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan D:\WINDOWS\System32\drivers\ndiswan.sys
18:10:49.0349 0x1e00 NdisWan - ok
18:10:49.0364 0x1e00 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy D:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:10:49.0396 0x1e00 ndiswanlegacy - ok
18:10:49.0411 0x1e00 [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy D:\WINDOWS\system32\DRIVERS\NDProxy.sys
18:10:49.0427 0x1e00 ndproxy - ok
18:10:49.0442 0x1e00 [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu D:\WINDOWS\system32\drivers\Ndu.sys
18:10:49.0474 0x1e00 Ndu - ok
18:10:49.0489 0x1e00 [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx D:\WINDOWS\system32\drivers\NetAdapterCx.sys
18:10:49.0505 0x1e00 NetAdapterCx - ok
18:10:49.0521 0x1e00 [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS D:\WINDOWS\system32\drivers\netbios.sys
18:10:49.0536 0x1e00 NetBIOS - ok
18:10:49.0552 0x1e00 [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT D:\WINDOWS\system32\DRIVERS\netbt.sys
18:10:49.0583 0x1e00 NetBT - ok
18:10:49.0599 0x1e00 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon D:\WINDOWS\system32\lsass.exe
18:10:49.0614 0x1e00 Netlogon - ok
18:10:49.0646 0x1e00 [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman D:\WINDOWS\System32\netman.dll
18:10:49.0677 0x1e00 Netman - ok
18:10:49.0802 0x1e00 [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetMsmqActivator D:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:10:49.0817 0x1e00 NetMsmqActivator - ok
18:10:49.0833 0x1e00 [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetPipeActivator D:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:10:49.0849 0x1e00 NetPipeActivator - ok
18:10:49.0896 0x1e00 [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm D:\WINDOWS\System32\netprofmsvc.dll
18:10:49.0927 0x1e00 netprofm - ok
18:10:50.0005 0x1e00 [ BA0C8F0B8B10968B63D85D665A6C280E, 94734AEF0F2698863C0570C05955B3C297B038DFE74A759896588C4AAAAB557F ] netr28ux D:\WINDOWS\System32\drivers\netr28ux.sys
18:10:50.0114 0x1e00 netr28ux - ok
18:10:50.0146 0x1e00 [ D65F295A049473E6A39EA9A0EA76CA32, 274FC0BA044EB2D14093AB0E561F7FACEE06A3F433C81343C8B926FA2F9BD251 ] NetSetupSvc D:\WINDOWS\System32\NetSetupSvc.dll
18:10:50.0177 0x1e00 NetSetupSvc - ok
18:10:50.0177 0x1e00 [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpActivator D:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:10:50.0192 0x1e00 NetTcpActivator - ok
18:10:50.0192 0x1e00 [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing D:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:10:50.0208 0x1e00 NetTcpPortSharing - ok
18:10:50.0239 0x1e00 [ E79E364AF827EB1F141BE000ABB8727D, 96218EB8B7C9E0F614AB9EAEAEC41BD4DB0E9EFE5C1D87EC749B9CB71653CEB1 ] NgcCtnrSvc D:\WINDOWS\System32\NgcCtnrSvc.dll
18:10:50.0271 0x1e00 NgcCtnrSvc - ok
18:10:50.0317 0x1e00 [ 54C31C2B815E2E26BB8158022F837C9C, CED660D1A58F635C6452F82FCB2EF8ACEEB7785E31617B2ADFD9EE69A2BDF2B8 ] NgcSvc D:\WINDOWS\system32\ngcsvc.dll
18:10:50.0364 0x1e00 NgcSvc - ok
18:10:50.0396 0x1e00 [ 9B9F520C72EE33EAEC857124BB800243, DFA9386B272F4D86F3E4BE861A2FC4617261E1AA40576DDA610FC24AB4961A63 ] NlaSvc D:\WINDOWS\System32\nlasvc.dll
18:10:50.0427 0x1e00 NlaSvc - ok
18:10:50.0442 0x1e00 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF D:\WINDOWS\system32\drivers\npf.sys
18:10:50.0458 0x1e00 NPF - ok
18:10:50.0458 0x1e00 [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs D:\WINDOWS\system32\drivers\Npfs.sys
18:10:50.0489 0x1e00 Npfs - ok
18:10:50.0505 0x1e00 [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig D:\WINDOWS\System32\drivers\npsvctrig.sys
18:10:50.0521 0x1e00 npsvctrig - ok
18:10:50.0521 0x1e00 [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi D:\WINDOWS\system32\nsisvc.dll
18:10:50.0536 0x1e00 nsi - ok
18:10:50.0552 0x1e00 [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy D:\WINDOWS\system32\drivers\nsiproxy.sys
18:10:50.0567 0x1e00 nsiproxy - ok
18:10:50.0661 0x1e00 [ 98BBD81DC481E9D58EEB31C81EBDEFF5, 28FAAFCB90721C557C37D18533681C274428BC97AB3C3AAFCC75212074E9F2CA ] NTFS D:\WINDOWS\system32\drivers\NTFS.sys
18:10:50.0739 0x1e00 NTFS - ok
18:10:50.0755 0x1e00 [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null D:\WINDOWS\system32\drivers\Null.sys
18:10:50.0771 0x1e00 Null - ok
18:10:50.0896 0x1e00 [ 681E911AA54E4AC2184C8FC0CEA74EBC, 92E421EEE50E404B3EDC6864097E63BDB80F7CDF0EFEA6DC19977B4DE06F23E2 ] NvContainerLocalSystem D:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
18:10:50.0911 0x1e00 NvContainerLocalSystem - ok
18:10:50.0927 0x1e00 [ 681E911AA54E4AC2184C8FC0CEA74EBC, 92E421EEE50E404B3EDC6864097E63BDB80F7CDF0EFEA6DC19977B4DE06F23E2 ] NvContainerNetworkService D:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
18:10:50.0942 0x1e00 NvContainerNetworkService - ok
18:10:51.0036 0x1e00 [ 5BF89AFD025AC007AD31B67A2D9AD986, 16D60B506C215A6AEC3AB0DB2BCE1DF7C9846FE11AAECFF55D17798833C9290B ] NVIDIA Wireless Controller Service D:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
18:10:51.0067 0x1e00 NVIDIA Wireless Controller Service - ok
18:10:51.0458 0x1e00 [ 6764192883EA0CD324CC4305046D3B6B, 00DEB8AB69E9679EE60A628AD228C092AB1ED45D57A40A9301C2007B0A07D893 ] nvlddmkm D:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
18:10:51.0786 0x1e00 nvlddmkm - ok
18:10:51.0817 0x1e00 [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid D:\WINDOWS\system32\drivers\nvraid.sys
18:10:51.0833 0x1e00 nvraid - ok
18:10:51.0849 0x1e00 [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor D:\WINDOWS\system32\drivers\nvstor.sys
18:10:51.0864 0x1e00 nvstor - ok
18:10:51.0896 0x1e00 [ DDA83A50B7F46195281CCADD4AF43300, ABF091AED09B57DEF3000EEAE3B47612893F58CD5560C26F64438A89930A1C83 ] NvStreamKms D:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:10:51.0896 0x1e00 NvStreamKms - ok
18:10:51.0958 0x1e00 [ FFADB2E34CE378F059F57161AD555DBF, 442C79D96012ABD76CB8A4FE1490AEB7D8CC9068170AB85DB7F8115FA807ADB0 ] nvsvc D:\WINDOWS\system32\nvvsvc.exe
18:10:51.0989 0x1e00 nvsvc - ok
18:10:52.0005 0x1e00 [ E0277CB18E86B1A37470A0CD65B3E9CC, F4DC71B00C40FD8AC79BDC27A571D27D24AB94B468BEBFA68A0102FF9B2B6590 ] nvvad_WaveExtensible D:\WINDOWS\system32\drivers\nvvad64v.sys
18:10:52.0021 0x1e00 nvvad_WaveExtensible - ok
18:10:52.0052 0x1e00 [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc D:\WINDOWS\System32\APHostService.dll
18:10:52.0083 0x1e00 OneSyncSvc - ok
18:10:52.0208 0x1e00 [ D75A76EB38AD90E9AB34CAB1E50CE39E, 63345F673DD7CB590910C40C77D082EE47BF377F146E0C6D948E3CCD17512673 ] Origin Client Service D:\Program Files (x86)\Origin\OriginClientService.exe
18:10:52.0271 0x1e00 Origin Client Service - ok
18:10:52.0380 0x1e00 [ 8901179D73E77060AD4EED7CB8924E10, 6ED27384A70499E3DF29ED43047E1D60E78F71D1A6820C5487C4621B42B0FFD5 ] Origin Web Helper Service D:\Program Files (x86)\Origin\OriginWebHelperService.exe
18:10:52.0474 0x1e00 Origin Web Helper Service - ok
18:10:52.0536 0x1e00 [ 99BF0B1BCADF83102CBBBEA4D0D22732, D8A8160CCCB1D10EDC030C2E130910FE36B00D059E8E5BCA6DC477A28F4F962D ] ose D:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:10:52.0552 0x1e00 ose - ok
18:10:52.0583 0x1e00 [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc D:\WINDOWS\system32\pnrpsvc.dll
18:10:52.0614 0x1e00 p2pimsvc - ok
18:10:52.0661 0x1e00 [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc D:\WINDOWS\system32\p2psvc.dll
18:10:52.0692 0x1e00 p2psvc - ok
18:10:52.0708 0x1e00 [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport D:\WINDOWS\System32\drivers\parport.sys
18:10:52.0724 0x1e00 Parport - ok
18:10:52.0755 0x1e00 [ 0553ECB742278C8F4CFA28B43FF20EAD, ACD7F5BC36573BCEC2C3413DEA687034ECC101EDD3C1544B264BBA29EFCE3425 ] partmgr D:\WINDOWS\system32\drivers\partmgr.sys
18:10:52.0771 0x1e00 partmgr - ok
18:10:52.0802 0x1e00 [ CDD8EDF4C35BE6D6137112F5CC7A70DA, 80EECA6BC2E668E5652A5CA9B119CCCE2A2E421F0EED1FD0EAC20C42E77C02ED ] PcaSvc D:\WINDOWS\System32\pcasvc.dll
18:10:52.0833 0x1e00 PcaSvc - ok
18:10:52.0864 0x1e00 [ 29AF16726F4DD84376ECA85AB6AFF2C6, BEF9EA10637065365ED343C4EBA51191B9BEADD8F1F3362D3EFE75F40BE9A027 ] pci D:\WINDOWS\system32\drivers\pci.sys
18:10:52.0880 0x1e00 pci - ok
18:10:52.0927 0x1e00 [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide D:\WINDOWS\system32\drivers\pciide.sys
18:10:52.0927 0x1e00 pciide - ok
18:10:52.0942 0x1e00 [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia D:\WINDOWS\system32\drivers\pcmcia.sys
18:10:52.0958 0x1e00 pcmcia - ok
18:10:52.0974 0x1e00 [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw D:\WINDOWS\system32\drivers\pcw.sys
18:10:52.0989 0x1e00 pcw - ok
18:10:53.0021 0x1e00 [ CA979960D3A580C78EDB4BBD6BD3ABCC, 2A136BC562235D26F6421027B158D406FB1D08FE7D70A50DD3E4D344B0E27205 ] pdc D:\WINDOWS\system32\drivers\pdc.sys
18:10:53.0036 0x1e00 pdc - ok
18:10:53.0083 0x1e00 [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH D:\WINDOWS\system32\drivers\peauth.sys
18:10:53.0130 0x1e00 PEAUTH - ok
18:10:53.0192 0x1e00 [ 2B55ACB1727A8E5E7514D2D75AC4EBEB, 5E7449F3EE0B15E400E405DE561ED2D3932259107A9D9320AE42CA1A5C5AB992 ] PeerDistSvc D:\WINDOWS\system32\peerdistsvc.dll
18:10:53.0302 0x1e00 PeerDistSvc - ok
18:10:53.0317 0x1e00 [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i D:\WINDOWS\system32\drivers\percsas2i.sys
18:10:53.0333 0x1e00 percsas2i - ok
18:10:53.0333 0x1e00 [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i D:\WINDOWS\system32\drivers\percsas3i.sys
18:10:53.0349 0x1e00 percsas3i - ok
18:10:53.0411 0x1e00 [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost D:\WINDOWS\SysWow64\perfhost.exe
18:10:53.0427 0x1e00 PerfHost - ok
18:10:53.0489 0x1e00 [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc D:\WINDOWS\System32\PhoneService.dll
18:10:53.0536 0x1e00 PhoneSvc - ok
18:10:53.0552 0x1e00 [ C7A94D99CDF054248EFBD9B93D096DA6, F59F0EB5B17DC078E47D044B1126A786D67DC149AC9614CDA6AA1226EEE3EF55 ] PimIndexMaintenanceSvc D:\WINDOWS\System32\PimIndexMaintenance.dll
18:10:53.0583 0x1e00 PimIndexMaintenanceSvc - ok
18:10:53.0646 0x1e00 [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla D:\WINDOWS\system32\pla.dll
18:10:53.0724 0x1e00 pla - ok
18:10:53.0755 0x1e00 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay D:\WINDOWS\system32\umpnpmgr.dll
18:10:53.0786 0x1e00 PlugPlay - ok
18:10:53.0786 0x1e00 PnkBstrA - ok
18:10:53.0802 0x1e00 [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg D:\WINDOWS\system32\pnrpauto.dll
18:10:53.0817 0x1e00 PNRPAutoReg - ok
18:10:53.0849 0x1e00 [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc D:\WINDOWS\system32\pnrpsvc.dll
18:10:53.0880 0x1e00 PNRPsvc - ok
18:10:53.0896 0x1e00 [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent D:\WINDOWS\System32\ipsecsvc.dll
|
|
03.05.2017, 17:21
| #4 |
| | RootkitverdachtCode:
ATTFilter
18:10:53.0927 0x1e00 PolicyAgent - ok
18:10:54.0083 0x1e00 [ C58AE9881CD83BB1662A7E062E11CBD6, 80969EC975C15718DC14136B7E1533FFD3E1530E1A1F6B1411ED3EE0F55016E6 ] PORTMON D:\Users\käptnBlaubär\Desktop\security\security\sysinternals\PORTMSYS.SYS
18:10:54.0099 0x1e00 PORTMON - detected UnsignedFile.Multi.Generic ( 1 )
18:10:54.0380 0x1e00 Detect skipped due to KSN trusted
18:10:54.0380 0x1e00 PORTMON - ok
18:10:54.0411 0x1e00 [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power D:\WINDOWS\system32\umpo.dll
18:10:54.0427 0x1e00 Power - ok
18:10:54.0442 0x1e00 [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport D:\WINDOWS\System32\drivers\raspptp.sys
18:10:54.0474 0x1e00 PptpMiniport - ok
18:10:54.0614 0x1e00 [ 12ECCDB0C865A8CB805BABAD5A54EF41, B6E709C692EDDC2308A6944DE1ABA13155FC52905DC572C0008BCC97B3889771 ] PrintNotify D:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:10:54.0755 0x1e00 PrintNotify - ok
18:10:54.0771 0x1e00 [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor D:\WINDOWS\System32\drivers\processr.sys
18:10:54.0786 0x1e00 Processor - ok
18:10:54.0849 0x1e00 [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc D:\WINDOWS\system32\profsvc.dll
18:10:54.0880 0x1e00 ProfSvc - ok
18:10:54.0942 0x1e00 [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched D:\WINDOWS\system32\drivers\pacer.sys
18:10:54.0958 0x1e00 Psched - ok
18:10:54.0989 0x1e00 [ D271C14EE0EEEA27359CD9E14E49F0DE, C69234841EE8E9A584CABF12CE2FA965F038BD30E78C57702B28EF4B3667BD7C ] PSKMAD D:\WINDOWS\system32\DRIVERS\PSKMAD.sys
18:10:54.0989 0x1e00 PSKMAD - ok
18:10:55.0036 0x1e00 [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE D:\WINDOWS\system32\qwave.dll
18:10:55.0067 0x1e00 QWAVE - ok
18:10:55.0083 0x1e00 [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv D:\WINDOWS\system32\drivers\qwavedrv.sys
18:10:55.0099 0x1e00 QWAVEdrv - ok
18:10:55.0099 0x1e00 [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd D:\WINDOWS\system32\DRIVERS\rasacd.sys
18:10:55.0114 0x1e00 RasAcd - ok
18:10:55.0161 0x1e00 [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn D:\WINDOWS\System32\drivers\AgileVpn.sys
18:10:55.0177 0x1e00 RasAgileVpn - ok
18:10:55.0208 0x1e00 [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto D:\WINDOWS\System32\rasauto.dll
18:10:55.0224 0x1e00 RasAuto - ok
18:10:55.0239 0x1e00 [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp D:\WINDOWS\System32\drivers\rasl2tp.sys
18:10:55.0271 0x1e00 Rasl2tp - ok
18:10:55.0317 0x1e00 [ 989DBF4805124A31610947E502501696, BCB73879AEC0588D0BFAB915D1F6EB637333A24D2030ED6572B3A3C03865AE93 ] RasMan D:\WINDOWS\System32\rasmans.dll
18:10:55.0349 0x1e00 RasMan - ok
18:10:55.0364 0x1e00 [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe D:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:10:55.0380 0x1e00 RasPppoe - ok
18:10:55.0396 0x1e00 [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp D:\WINDOWS\System32\drivers\rassstp.sys
18:10:55.0427 0x1e00 RasSstp - ok
18:10:55.0458 0x1e00 [ 6132B142C5A1FA4C05F06FE43DE5E55E, CCF64C9A778501635B8B5E20BB617D39D0298329FD6911DC125FC8B31FEFEDE1 ] rdbss D:\WINDOWS\system32\DRIVERS\rdbss.sys
18:10:55.0489 0x1e00 rdbss - ok
18:10:55.0505 0x1e00 [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus D:\WINDOWS\System32\drivers\rdpbus.sys
18:10:55.0521 0x1e00 rdpbus - ok
18:10:55.0536 0x1e00 [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR D:\WINDOWS\system32\drivers\rdpdr.sys
18:10:55.0567 0x1e00 RDPDR - ok
18:10:55.0614 0x1e00 [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport D:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:10:55.0630 0x1e00 RdpVideoMiniport - ok
18:10:55.0646 0x1e00 [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost D:\WINDOWS\system32\drivers\rdyboost.sys
18:10:55.0677 0x1e00 rdyboost - ok
18:10:55.0724 0x1e00 [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1 D:\WINDOWS\system32\drivers\ReFSv1.sys
18:10:55.0755 0x1e00 ReFSv1 - ok
18:10:55.0786 0x1e00 [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess D:\WINDOWS\System32\mprdim.dll
18:10:55.0817 0x1e00 RemoteAccess - ok
18:10:55.0849 0x1e00 [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry D:\WINDOWS\system32\regsvc.dll
18:10:55.0880 0x1e00 RemoteRegistry - ok
18:10:55.0927 0x1e00 [ 62EC862859B3C6F2B7815466DF24207A, 90A108CB4E58102498F8554D2789C1F3AE505350F640F083373DD07736076554 ] RetailDemo D:\WINDOWS\system32\RDXService.dll
18:10:55.0974 0x1e00 RetailDemo - ok
18:10:55.0989 0x1e00 [ 9C3AC71A9934B884FAC567A8807E9C4D, 0B6B2970098E3C21E1E54A25785544903E8CD415B527FCEF86ABC7B33BEC83E7 ] Revoflt D:\WINDOWS\system32\DRIVERS\revoflt.sys
18:10:56.0005 0x1e00 Revoflt - ok
18:10:56.0005 0x1e00 rkhdrv40 - ok
18:10:56.0036 0x1e00 [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc D:\WINDOWS\System32\RMapi.dll
18:10:56.0052 0x1e00 RmSvc - ok
18:10:56.0067 0x1e00 [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper D:\WINDOWS\System32\RpcEpMap.dll
18:10:56.0083 0x1e00 RpcEptMapper - ok
18:10:56.0114 0x1e00 [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator D:\WINDOWS\system32\locator.exe
18:10:56.0130 0x1e00 RpcLocator - ok
18:10:56.0177 0x1e00 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs D:\WINDOWS\system32\rpcss.dll
18:10:56.0239 0x1e00 RpcSs - ok
18:10:56.0255 0x1e00 [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr D:\WINDOWS\system32\drivers\rspndr.sys
18:10:56.0271 0x1e00 rspndr - ok
18:10:56.0302 0x1e00 [ 6A73FE7D70FA8CE059BFBC91B7A67A59, E80F4752AFE0709D06D8DD2755AC84F97195B76E34A0AA189945BD85BC1CF99F ] rspSanity D:\WINDOWS\system32\DRIVERS\rspSanity64.sys
18:10:56.0302 0x1e00 rspSanity - ok
18:10:56.0333 0x1e00 [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64 D:\WINDOWS\System32\drivers\rt640x64.sys
18:10:56.0380 0x1e00 rt640x64 - ok
18:10:56.0442 0x1e00 [ 45F606823EAA469582318C722C76A29D, 1016FBE111638AE369F7C5FF6CA33178FD6CB06D361F3B488DE6C4D85A22253A ] RUBotSrv D:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
18:10:56.0458 0x1e00 RUBotSrv - ok
18:10:56.0489 0x1e00 [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap D:\WINDOWS\System32\drivers\vms3cap.sys
18:10:56.0505 0x1e00 s3cap - ok
18:10:56.0536 0x1e00 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs D:\WINDOWS\system32\lsass.exe
18:10:56.0552 0x1e00 SamSs - ok
18:10:56.0583 0x1e00 [ C259A8B9BCD38988BD71F8F9C9927CDB, 7913F441D423974AEE4AC0CC13A98008E58EAEB07660B5401FAA0FC250C6A593 ] Samsung UPD Service D:\WINDOWS\System32\SUPDSvc.exe
18:10:56.0614 0x1e00 Samsung UPD Service - ok
18:10:56.0708 0x1e00 [ 5EFBBFCC6ADAC121C8E2FE76641ED329, 0EAB16C7F54B61620277977F8C332737081A46BC6BBDE50742B6904BDD54F502 ] SANDRA D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\WNt600x64\Sandra.sys
18:10:56.0708 0x1e00 SANDRA - ok
18:10:56.0724 0x1e00 [ 062DF2975C23079DF834411A5CB761B0, 8CA11CDA54A7464AFA9294E6303DC62D0664BC7BDD0B4755AEC28FD80B86BB41 ] SandraAgentSrv D:\Program Files\SiSoftware\SiSoftware Sandra Lite 2014.SP3e\RpcAgentSrv.exe
18:10:56.0739 0x1e00 SandraAgentSrv - detected UnsignedFile.Multi.Generic ( 1 )
18:10:57.0005 0x1e00 Detect skipped due to KSN trusted
18:10:57.0005 0x1e00 SandraAgentSrv - ok
18:10:57.0052 0x1e00 [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port D:\WINDOWS\system32\drivers\sbp2port.sys
18:10:57.0067 0x1e00 sbp2port - ok
18:10:57.0099 0x1e00 [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr D:\WINDOWS\System32\SCardSvr.dll
18:10:57.0130 0x1e00 SCardSvr - ok
18:10:57.0161 0x1e00 [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum D:\WINDOWS\System32\ScDeviceEnum.dll
18:10:57.0177 0x1e00 ScDeviceEnum - ok
18:10:57.0208 0x1e00 [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter D:\WINDOWS\system32\DRIVERS\scfilter.sys
18:10:57.0224 0x1e00 scfilter - ok
18:10:57.0255 0x1e00 [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule D:\WINDOWS\system32\schedsvc.dll
18:10:57.0317 0x1e00 Schedule - ok
18:10:57.0333 0x1e00 [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus D:\WINDOWS\system32\drivers\scmbus.sys
18:10:57.0349 0x1e00 scmbus - ok
18:10:57.0364 0x1e00 [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101 D:\WINDOWS\System32\drivers\scmdisk0101.sys
18:10:57.0380 0x1e00 scmdisk0101 - ok
18:10:57.0411 0x1e00 [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] SCPolicySvc D:\WINDOWS\System32\certprop.dll
18:10:57.0442 0x1e00 SCPolicySvc - ok
18:10:57.0474 0x1e00 [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus D:\WINDOWS\System32\drivers\sdbus.sys
18:10:57.0489 0x1e00 sdbus - ok
18:10:57.0505 0x1e00 [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC D:\WINDOWS\System32\SDRSVC.dll
18:10:57.0521 0x1e00 SDRSVC - ok
18:10:57.0567 0x1e00 [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor D:\WINDOWS\System32\drivers\sdstor.sys
18:10:57.0567 0x1e00 sdstor - ok
18:10:57.0583 0x1e00 [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon D:\WINDOWS\system32\seclogon.dll
18:10:57.0599 0x1e00 seclogon - ok
18:10:57.0630 0x1e00 [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS D:\WINDOWS\System32\sens.dll
18:10:57.0646 0x1e00 SENS - ok
18:10:57.0661 0x1e00 Sense - ok
18:10:57.0708 0x1e00 [ CF2AEB951CFC56D4F6CF2D66218B673C, CEA0B0E0251EA198893830080EE4CB8A9F18ADBF1F6FEFFC9C7E8AB4588D0639 ] SensorDataService D:\WINDOWS\System32\SensorDataService.exe
18:10:57.0786 0x1e00 SensorDataService - ok
18:10:57.0817 0x1e00 [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService D:\WINDOWS\system32\SensorService.dll
18:10:57.0849 0x1e00 SensorService - ok
18:10:57.0864 0x1e00 [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc D:\WINDOWS\system32\sensrsvc.dll
18:10:57.0896 0x1e00 SensrSvc - ok
18:10:57.0911 0x1e00 [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx D:\WINDOWS\system32\drivers\SerCx.sys
18:10:57.0927 0x1e00 SerCx - ok
18:10:57.0942 0x1e00 [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2 D:\WINDOWS\system32\drivers\SerCx2.sys
18:10:57.0958 0x1e00 SerCx2 - ok
18:10:57.0974 0x1e00 [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum D:\WINDOWS\System32\drivers\serenum.sys
18:10:57.0974 0x1e00 Serenum - ok
18:10:57.0989 0x1e00 [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial D:\WINDOWS\System32\drivers\serial.sys
18:10:58.0005 0x1e00 Serial - ok
18:10:58.0021 0x1e00 [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse D:\WINDOWS\System32\drivers\sermouse.sys
18:10:58.0036 0x1e00 sermouse - ok
18:10:58.0083 0x1e00 [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv D:\WINDOWS\system32\sessenv.dll
18:10:58.0114 0x1e00 SessionEnv - ok
18:10:58.0130 0x1e00 [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy D:\WINDOWS\System32\drivers\sfloppy.sys
18:10:58.0146 0x1e00 sfloppy - ok
18:10:58.0208 0x1e00 [ E38BE81F0F6D9C74E420A82BC6A02AFE, 25D7594FD1BE0B303F9777ACBA702ACD0C27B00D21F82659989C40636851A330 ] SharedAccess D:\WINDOWS\System32\ipnathlp.dll
18:10:58.0239 0x1e00 SharedAccess - ok
18:10:58.0271 0x1e00 [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection D:\WINDOWS\System32\shsvcs.dll
18:10:58.0317 0x1e00 ShellHWDetection - ok
18:10:58.0333 0x1e00 [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc D:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
18:10:58.0364 0x1e00 shpamsvc - ok
18:10:58.0380 0x1e00 [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2 D:\WINDOWS\system32\drivers\SiSRaid2.sys
18:10:58.0396 0x1e00 SiSRaid2 - ok
18:10:58.0411 0x1e00 [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4 D:\WINDOWS\system32\drivers\sisraid4.sys
18:10:58.0427 0x1e00 SiSRaid4 - ok
18:10:58.0442 0x1e00 [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost D:\WINDOWS\System32\smphost.dll
18:10:58.0458 0x1e00 smphost - ok
18:10:58.0489 0x1e00 [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter D:\WINDOWS\system32\SmsRouterSvc.dll
18:10:58.0536 0x1e00 SmsRouter - ok
18:10:58.0583 0x1e00 [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP D:\WINDOWS\System32\snmptrap.exe
18:10:58.0599 0x1e00 SNMPTRAP - ok
18:10:58.0630 0x1e00 [ 8BDB9E47D84144110F05AB757E630374, 8A49004895B8AD17C877AA8E7B6A0F14936BDDCBB88F0E5FB880DD0D816AEAB4 ] spaceport D:\WINDOWS\system32\drivers\spaceport.sys
18:10:58.0661 0x1e00 spaceport - ok
18:10:58.0677 0x1e00 [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx D:\WINDOWS\system32\drivers\SpbCx.sys
18:10:58.0692 0x1e00 SpbCx - ok
18:10:58.0739 0x1e00 [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler D:\WINDOWS\System32\spoolsv.exe
18:10:58.0786 0x1e00 Spooler - ok
18:10:58.0974 0x1e00 [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc D:\WINDOWS\system32\sppsvc.exe
18:10:59.0161 0x1e00 sppsvc - ok
18:10:59.0271 0x1e00 [ E8276BE984738AA44070CFDE6EFC9300, F0B09D3E08BDB1B8AEBA97A700271E97AB2506793B42D96415B23DB68DA99FA8 ] SQLWriter D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
18:10:59.0271 0x1e00 SQLWriter - ok
18:10:59.0302 0x1e00 [ FD3C05C412BE1C9FA477AD9CF9B2AADB, 19BEF5B3A0DAF8227200C2294547A497021F0B2558211345BFFFD13678522592 ] srv D:\WINDOWS\system32\DRIVERS\srv.sys
18:10:59.0333 0x1e00 srv - ok
18:10:59.0364 0x1e00 [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2 D:\WINDOWS\system32\DRIVERS\srv2.sys
18:10:59.0411 0x1e00 srv2 - ok
18:10:59.0442 0x1e00 [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet D:\WINDOWS\system32\DRIVERS\srvnet.sys
18:10:59.0458 0x1e00 srvnet - ok
18:10:59.0489 0x1e00 [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV D:\WINDOWS\System32\ssdpsrv.dll
18:10:59.0521 0x1e00 SSDPSRV - ok
18:10:59.0536 0x1e00 [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT D:\Windows\system32\Drivers\SSPORT.sys
18:10:59.0552 0x1e00 SSPORT - ok
18:10:59.0583 0x1e00 [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc D:\WINDOWS\system32\sstpsvc.dll
18:10:59.0599 0x1e00 SstpSvc - ok
18:10:59.0771 0x1e00 [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository D:\WINDOWS\system32\windows.staterepository.dll
18:10:59.0958 0x1e00 StateRepository - ok
18:11:00.0036 0x1e00 [ 843F16D234D03756B9EB6054B5C62FAA, 529E1F8C6EB4AA881C9FDE9DA6CAFA34F5770E87059E867B8F88B40FE879743D ] Stereo Service D:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:11:00.0052 0x1e00 Stereo Service - ok
18:11:00.0067 0x1e00 [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor D:\WINDOWS\system32\drivers\stexstor.sys
18:11:00.0083 0x1e00 stexstor - ok
18:11:00.0114 0x1e00 [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc D:\WINDOWS\System32\wiaservc.dll
18:11:00.0161 0x1e00 stisvc - ok
18:11:00.0192 0x1e00 [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci D:\WINDOWS\system32\drivers\storahci.sys
18:11:00.0208 0x1e00 storahci - ok
18:11:00.0239 0x1e00 [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt D:\WINDOWS\system32\drivers\vmstorfl.sys
18:11:00.0255 0x1e00 storflt - ok
18:11:00.0286 0x1e00 [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme D:\WINDOWS\system32\drivers\stornvme.sys
18:11:00.0286 0x1e00 stornvme - ok
18:11:00.0317 0x1e00 [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt D:\WINDOWS\system32\drivers\storqosflt.sys
18:11:00.0333 0x1e00 storqosflt - ok
18:11:00.0364 0x1e00 [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc D:\WINDOWS\system32\storsvc.dll
18:11:00.0396 0x1e00 StorSvc - ok
18:11:00.0396 0x1e00 [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs D:\WINDOWS\system32\drivers\storufs.sys
18:11:00.0411 0x1e00 storufs - ok
18:11:00.0427 0x1e00 [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc D:\WINDOWS\system32\drivers\storvsc.sys
18:11:00.0442 0x1e00 storvsc - ok
18:11:00.0442 0x1e00 [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc D:\WINDOWS\system32\svsvc.dll
18:11:00.0474 0x1e00 svsvc - ok
18:11:00.0474 0x1e00 [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum D:\WINDOWS\System32\drivers\swenum.sys
18:11:00.0489 0x1e00 swenum - ok
18:11:00.0521 0x1e00 [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv D:\WINDOWS\System32\swprv.dll
18:11:00.0552 0x1e00 swprv - ok
18:11:00.0583 0x1e00 [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc D:\WINDOWS\System32\drivers\Synth3dVsc.sys
18:11:00.0599 0x1e00 Synth3dVsc - ok
18:11:00.0646 0x1e00 [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain D:\WINDOWS\system32\sysmain.dll
18:11:00.0708 0x1e00 SysMain - ok
18:11:00.0739 0x1e00 [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker D:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:11:00.0786 0x1e00 SystemEventsBroker - ok
18:11:00.0817 0x1e00 [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService D:\WINDOWS\System32\TabSvc.dll
18:11:00.0833 0x1e00 TabletInputService - ok
18:11:00.0864 0x1e00 [ D765F43CBEA72D14C04AF3D2B9C8E54B, 89C5CA1440DF186497CE158EB71C0C6BF570A75B6BC1880EAC7C87A0250201C0 ] tap0901 D:\WINDOWS\System32\drivers\tap0901.sys
18:11:00.0864 0x1e00 tap0901 - ok
18:11:00.0896 0x1e00 [ BCF5E78E87D258088346E399E406E501, FD75AC5A7085E08AB00A2D0CE01970873598E381B6542DC5EBAC240D727AF6D7 ] taphss6 D:\WINDOWS\System32\drivers\taphss6.sys
18:11:00.0911 0x1e00 taphss6 - ok
18:11:00.0927 0x1e00 [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv D:\WINDOWS\System32\tapisrv.dll
18:11:00.0958 0x1e00 TapiSrv - ok
18:11:00.0974 0x1e00 [ 185C2170CFD84F9D708276FBB5ABD77D, FCA00B5CC62F2C160326DBA2F6BF31746324BBE7D5E96291C345DCF2583CE324 ] tapSF0901 D:\WINDOWS\system32\DRIVERS\tapSF0901.sys
18:11:00.0989 0x1e00 tapSF0901 - ok
18:11:01.0083 0x1e00 [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip D:\WINDOWS\system32\drivers\tcpip.sys
18:11:01.0161 0x1e00 Tcpip - ok
18:11:01.0239 0x1e00 [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip6 D:\WINDOWS\system32\drivers\tcpip.sys
18:11:01.0317 0x1e00 Tcpip6 - ok
18:11:01.0364 0x1e00 [ EC9450227A4C661513661F1F9C1F7DD6, 4DB122DECEA7C76BD20A6682958609A40CA2C9EDD236DFA19E9B31C57114DA3A ] tcpipreg D:\WINDOWS\system32\drivers\tcpipreg.sys
18:11:01.0380 0x1e00 tcpipreg - ok
18:11:01.0396 0x1e00 [ 0B237F8A96952BF95A14865030E131F2, 263089672218D3A768A6FC9D28DBEFE113D6757A9ECBAB4D364A62AC5DDA8AAE ] tdx D:\WINDOWS\system32\DRIVERS\tdx.sys
18:11:01.0411 0x1e00 tdx - ok
18:11:01.0427 0x1e00 [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt D:\WINDOWS\System32\drivers\terminpt.sys
18:11:01.0442 0x1e00 terminpt - ok
18:11:01.0489 0x1e00 [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService D:\WINDOWS\System32\termsrv.dll
18:11:01.0552 0x1e00 TermService - ok
18:11:01.0567 0x1e00 [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes D:\WINDOWS\system32\themeservice.dll
18:11:01.0599 0x1e00 Themes - ok
18:11:01.0630 0x1e00 [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService D:\WINDOWS\system32\TieringEngineService.exe
18:11:01.0661 0x1e00 TieringEngineService - ok
18:11:01.0708 0x1e00 [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc D:\WINDOWS\system32\tileobjserver.dll
18:11:01.0739 0x1e00 tiledatamodelsvc - ok
18:11:01.0755 0x1e00 [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc D:\WINDOWS\System32\TimeBrokerServer.dll
18:11:01.0786 0x1e00 TimeBrokerSvc - ok
18:11:01.0817 0x1e00 [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM D:\WINDOWS\System32\drivers\tpm.sys
18:11:01.0833 0x1e00 TPM - ok
18:11:01.0849 0x1e00 [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks D:\WINDOWS\System32\trkwks.dll
18:11:01.0864 0x1e00 TrkWks - ok
18:11:01.0911 0x1e00 [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller D:\WINDOWS\servicing\TrustedInstaller.exe
18:11:01.0927 0x1e00 TrustedInstaller - ok
18:11:01.0942 0x1e00 [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt D:\WINDOWS\system32\drivers\TsUsbFlt.sys
18:11:01.0958 0x1e00 tsusbflt - ok
18:11:01.0974 0x1e00 [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD D:\WINDOWS\System32\drivers\TsUsbGD.sys
18:11:01.0989 0x1e00 TsUsbGD - ok
18:11:01.0989 0x1e00 [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub D:\WINDOWS\system32\drivers\tsusbhub.sys
18:11:02.0021 0x1e00 tsusbhub - ok
18:11:02.0052 0x1e00 [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel D:\WINDOWS\System32\drivers\tunnel.sys
18:11:02.0067 0x1e00 tunnel - ok
18:11:02.0099 0x1e00 [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate D:\WINDOWS\system32\tzautoupdate.dll
18:11:02.0130 0x1e00 tzautoupdate - ok
18:11:02.0161 0x1e00 [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor D:\WINDOWS\System32\drivers\uaspstor.sys
18:11:02.0161 0x1e00 UASPStor - ok
18:11:02.0177 0x1e00 [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101 D:\WINDOWS\system32\Drivers\UcmCx.sys
18:11:02.0192 0x1e00 UcmCx0101 - ok
18:11:02.0208 0x1e00 [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101 D:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
18:11:02.0224 0x1e00 UcmTcpciCx0101 - ok
18:11:02.0239 0x1e00 [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi D:\WINDOWS\System32\drivers\UcmUcsi.sys
18:11:02.0255 0x1e00 UcmUcsi - ok
18:11:02.0255 0x1e00 [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000 D:\WINDOWS\system32\drivers\ucx01000.sys
18:11:02.0286 0x1e00 Ucx01000 - ok
18:11:02.0286 0x1e00 [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx D:\WINDOWS\system32\drivers\udecx.sys
18:11:02.0302 0x1e00 UdeCx - ok
18:11:02.0333 0x1e00 [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs D:\WINDOWS\system32\DRIVERS\udfs.sys
18:11:02.0364 0x1e00 udfs - ok
18:11:02.0380 0x1e00 [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI D:\WINDOWS\System32\drivers\UEFI.sys
18:11:02.0396 0x1e00 UEFI - ok
18:11:02.0411 0x1e00 [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver D:\WINDOWS\system32\drivers\UevAgentDriver.sys
18:11:02.0411 0x1e00 UevAgentDriver - ok
18:11:02.0474 0x1e00 [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService D:\WINDOWS\system32\AgentService.exe
18:11:02.0536 0x1e00 UevAgentService - ok
18:11:02.0567 0x1e00 [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000 D:\WINDOWS\system32\drivers\ufx01000.sys
18:11:02.0583 0x1e00 Ufx01000 - ok
18:11:02.0614 0x1e00 [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea D:\WINDOWS\System32\drivers\UfxChipidea.sys
18:11:02.0630 0x1e00 UfxChipidea - ok
18:11:02.0646 0x1e00 [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys D:\WINDOWS\System32\drivers\ufxsynopsys.sys
18:11:02.0661 0x1e00 ufxsynopsys - ok
18:11:02.0692 0x1e00 [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect D:\WINDOWS\system32\UI0Detect.exe
18:11:02.0708 0x1e00 UI0Detect - ok
18:11:02.0724 0x1e00 [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus D:\WINDOWS\System32\drivers\umbus.sys
18:11:02.0739 0x1e00 umbus - ok
18:11:02.0755 0x1e00 [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass D:\WINDOWS\System32\drivers\umpass.sys
18:11:02.0771 0x1e00 UmPass - ok
18:11:02.0802 0x1e00 [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService D:\WINDOWS\System32\umrdp.dll
18:11:02.0833 0x1e00 UmRdpService - ok
18:11:02.0880 0x1e00 [ 4B956444AF2A352366CF59C3A4A87C64, B5FFAF5908DCF78DDA27EA1ABF2AFDD2BDD43FFC0259D847A7107B1597E22BD6 ] UnistoreSvc D:\WINDOWS\System32\unistore.dll
18:11:02.0942 0x1e00 UnistoreSvc - ok
18:11:02.0974 0x1e00 [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost D:\WINDOWS\System32\upnphost.dll
18:11:03.0021 0x1e00 upnphost - ok
18:11:03.0052 0x1e00 [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea D:\WINDOWS\System32\drivers\urschipidea.sys
18:11:03.0052 0x1e00 UrsChipidea - ok
18:11:03.0067 0x1e00 [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000 D:\WINDOWS\system32\drivers\urscx01000.sys
18:11:03.0083 0x1e00 UrsCx01000 - ok
18:11:03.0099 0x1e00 [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys D:\WINDOWS\System32\drivers\urssynopsys.sys
18:11:03.0114 0x1e00 UrsSynopsys - ok
18:11:03.0130 0x1e00 [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp D:\WINDOWS\System32\drivers\usbccgp.sys
18:11:03.0146 0x1e00 usbccgp - ok
18:11:03.0146 0x1e00 [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir D:\WINDOWS\System32\drivers\usbcir.sys
18:11:03.0161 0x1e00 usbcir - ok
18:11:03.0177 0x1e00 [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci D:\WINDOWS\System32\drivers\usbehci.sys
18:11:03.0192 0x1e00 usbehci - ok
18:11:03.0224 0x1e00 [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub D:\WINDOWS\System32\drivers\usbhub.sys
18:11:03.0255 0x1e00 usbhub - ok
18:11:03.0286 0x1e00 [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3 D:\WINDOWS\System32\drivers\UsbHub3.sys
18:11:03.0317 0x1e00 USBHUB3 - ok
18:11:03.0333 0x1e00 [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci D:\WINDOWS\System32\drivers\usbohci.sys
18:11:03.0349 0x1e00 usbohci - ok
18:11:03.0349 0x1e00 [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint D:\WINDOWS\System32\drivers\usbprint.sys
18:11:03.0364 0x1e00 usbprint - ok
18:11:03.0380 0x1e00 [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser D:\WINDOWS\System32\drivers\usbser.sys
18:11:03.0396 0x1e00 usbser - ok
18:11:03.0411 0x1e00 [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR D:\WINDOWS\System32\drivers\USBSTOR.SYS
18:11:03.0427 0x1e00 USBSTOR - ok
18:11:03.0442 0x1e00 [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci D:\WINDOWS\System32\drivers\usbuhci.sys
18:11:03.0458 0x1e00 usbuhci - ok
18:11:03.0489 0x1e00 [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI D:\WINDOWS\System32\drivers\USBXHCI.SYS
18:11:03.0505 0x1e00 USBXHCI - ok
18:11:03.0536 0x1e00 [ 836828E40B9EEFBC77B3032DB677555C, 8AC045B43086E800B03412895D4DBCF506D1B729791CF24EB2ECA3F0F1C9BDEB ] usb_rndisx D:\WINDOWS\System32\drivers\usb8023x.sys
18:11:03.0536 0x1e00 usb_rndisx - ok
18:11:03.0614 0x1e00 [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc D:\WINDOWS\System32\userdataservice.dll
18:11:03.0692 0x1e00 UserDataSvc - ok
18:11:03.0739 0x1e00 [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager D:\WINDOWS\System32\usermgr.dll
18:11:03.0802 0x1e00 UserManager - ok
18:11:03.0849 0x1e00 [ B0116A4304D08362EE75948BA38B76EA, 1175CA5F9281BA15ED35AFE94F13AE9080595CB16CF5B4B8C843CD22703F26D1 ] UsoSvc D:\WINDOWS\system32\usocore.dll
18:11:03.0896 0x1e00 UsoSvc - ok
18:11:03.0911 0x1e00 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc D:\WINDOWS\system32\lsass.exe
18:11:03.0927 0x1e00 VaultSvc - ok
18:11:03.0942 0x1e00 [ 95717FCA60876284568B5CD476A59C41, 9A360985F072448A89890ACC5DD2155DDA0FD1EC2FFAC4697F0CFE60548CC980 ] VBoxNetAdp D:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
18:11:03.0958 0x1e00 VBoxNetAdp - ok
18:11:03.0989 0x1e00 [ F257A2737280F0076EAE3AB489C06474, A02E37292D86E675D55C13097E9F107C73DDFD8AAC69310F7D9910A811A541D8 ] VClone D:\WINDOWS\System32\drivers\VClone.sys
18:11:04.0005 0x1e00 VClone - ok
18:11:04.0021 0x1e00 [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot D:\WINDOWS\system32\drivers\vdrvroot.sys
18:11:04.0036 0x1e00 vdrvroot - ok
18:11:04.0067 0x1e00 [ 2C5D96D0BB7EDEF9F2F8966A31007CCE, A8FB02E9E1B8ED5F2026534360C229DA7FC11BA209DE9C3222C65D0A9652FD3C ] vds D:\WINDOWS\System32\vds.exe
18:11:04.0114 0x1e00 vds - ok
18:11:04.0130 0x1e00 [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt D:\WINDOWS\system32\drivers\VerifierExt.sys
18:11:04.0161 0x1e00 VerifierExt - ok
18:11:04.0208 0x1e00 [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp D:\WINDOWS\System32\drivers\vhdmp.sys
18:11:04.0239 0x1e00 vhdmp - ok
18:11:04.0255 0x1e00 [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf D:\WINDOWS\System32\drivers\vhf.sys
18:11:04.0271 0x1e00 vhf - ok
18:11:04.0286 0x1e00 [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus D:\WINDOWS\system32\drivers\vmbus.sys
18:11:04.0302 0x1e00 vmbus - ok
18:11:04.0317 0x1e00 [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID D:\WINDOWS\System32\drivers\VMBusHID.sys
18:11:04.0333 0x1e00 VMBusHID - ok
18:11:04.0349 0x1e00 [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid D:\WINDOWS\System32\drivers\vmgid.sys
18:11:04.0349 0x1e00 vmgid - ok
18:11:04.0396 0x1e00 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface D:\WINDOWS\System32\icsvc.dll
18:11:04.0427 0x1e00 vmicguestinterface - ok
18:11:04.0442 0x1e00 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat D:\WINDOWS\System32\icsvc.dll
18:11:04.0458 0x1e00 vmicheartbeat - ok
18:11:04.0474 0x1e00 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange D:\WINDOWS\System32\icsvc.dll
18:11:04.0505 0x1e00 vmickvpexchange - ok
18:11:04.0521 0x1e00 [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv D:\WINDOWS\System32\icsvcext.dll
18:11:04.0552 0x1e00 vmicrdv - ok
18:11:04.0567 0x1e00 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown D:\WINDOWS\System32\icsvc.dll
18:11:04.0599 0x1e00 vmicshutdown - ok
18:11:04.0599 0x1e00 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync D:\WINDOWS\System32\icsvc.dll
18:11:04.0630 0x1e00 vmictimesync - ok
18:11:04.0646 0x1e00 [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession D:\WINDOWS\System32\icsvc.dll
18:11:04.0677 0x1e00 vmicvmsession - ok
18:11:04.0692 0x1e00 [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss D:\WINDOWS\System32\icsvcext.dll
18:11:04.0724 0x1e00 vmicvss - ok
18:11:04.0739 0x1e00 [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr D:\WINDOWS\system32\drivers\volmgr.sys
18:11:04.0755 0x1e00 volmgr - ok
18:11:04.0771 0x1e00 [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx D:\WINDOWS\system32\drivers\volmgrx.sys
18:11:04.0802 0x1e00 volmgrx - ok
18:11:04.0817 0x1e00 [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap D:\WINDOWS\system32\drivers\volsnap.sys
18:11:04.0849 0x1e00 volsnap - ok
18:11:04.0864 0x1e00 [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume D:\WINDOWS\system32\drivers\volume.sys
18:11:04.0880 0x1e00 volume - ok
18:11:04.0911 0x1e00 [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci D:\WINDOWS\System32\drivers\vpci.sys
18:11:04.0927 0x1e00 vpci - ok
18:11:04.0942 0x1e00 [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid D:\WINDOWS\system32\drivers\vsmraid.sys
18:11:04.0958 0x1e00 vsmraid - ok
18:11:05.0036 0x1e00 [ 6DBB20053A67EFE5D8114CE93D12BEB3, B48997FADA4A600FEBFE36B249684E9CAF01570BAD36ED1FC9DA99F2D100638E ] VSS D:\WINDOWS\system32\vssvc.exe
18:11:05.0114 0x1e00 VSS - ok
18:11:05.0192 0x1e00 [ BE6C456AE7620B86A7273CBD11A3D450, DEBBB12CB9771722D8258FDF9ECC4ED035BD7090371A975928D11F6B9EDC0C59 ] VSStandardCollectorService140 D:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
18:11:05.0192 0x1e00 VSStandardCollectorService140 - ok
18:11:05.0224 0x1e00 [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID D:\WINDOWS\system32\drivers\vstxraid.sys
18:11:05.0239 0x1e00 VSTXRAID - ok
18:11:05.0271 0x1e00 [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus D:\WINDOWS\System32\drivers\vwifibus.sys
18:11:05.0286 0x1e00 vwifibus - ok
18:11:05.0302 0x1e00 [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt D:\WINDOWS\system32\drivers\vwififlt.sys
18:11:05.0317 0x1e00 vwififlt - ok
18:11:05.0317 0x1e00 [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp D:\WINDOWS\System32\drivers\vwifimp.sys
18:11:05.0333 0x1e00 vwifimp - ok
18:11:05.0364 0x1e00 [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time D:\WINDOWS\system32\w32time.dll
18:11:05.0411 0x1e00 W32Time - ok
18:11:05.0474 0x1e00 [ 4053FB949F48647A327BC18DFEEA4374, 52511C35854A673ADCD9084FEF9BC6A339BCA0290374B81140A371D67B13A8FB ] w3logsvc D:\WINDOWS\system32\inetsrv\w3logsvc.dll
18:11:05.0489 0x1e00 w3logsvc - ok
18:11:05.0505 0x1e00 [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen D:\WINDOWS\System32\drivers\wacompen.sys
18:11:05.0521 0x1e00 WacomPen - ok
18:11:05.0552 0x1e00 [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService D:\WINDOWS\system32\WalletService.dll
18:11:05.0583 0x1e00 WalletService - ok
18:11:05.0599 0x1e00 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp D:\WINDOWS\system32\DRIVERS\wanarp.sys
18:11:05.0630 0x1e00 wanarp - ok
18:11:05.0630 0x1e00 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 D:\WINDOWS\system32\DRIVERS\wanarp.sys
18:11:05.0661 0x1e00 wanarpv6 - ok
18:11:05.0708 0x1e00 [ 85461F6AD65CCE84A7BC6D9F2A5861B3, 0C9A662F1BADF429B1DF62E91F4626DE996F84945D3A42D26A0FA09EC15CC9D7 ] WAS D:\WINDOWS\system32\inetsrv\iisw3adm.dll
18:11:05.0739 0x1e00 WAS - ok
18:11:05.0802 0x1e00 [ 68CC5E83B6F220F5BD7B5BC394917505, 24A793E1293608D1D1DB9396627DBF5FE66C9EFD1D49CCCD832CF1762B4E0E7D ] wbengine D:\WINDOWS\system32\wbengine.exe
18:11:05.0880 0x1e00 wbengine - ok
18:11:05.0927 0x1e00 [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc D:\WINDOWS\System32\wbiosrvc.dll
18:11:05.0989 0x1e00 WbioSrvc - ok
18:11:06.0005 0x1e00 [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs D:\WINDOWS\system32\drivers\wcifs.sys
18:11:06.0021 0x1e00 wcifs - ok
18:11:06.0067 0x1e00 [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc D:\WINDOWS\System32\wcmsvc.dll
18:11:06.0114 0x1e00 Wcmsvc - ok
18:11:06.0146 0x1e00 [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc D:\WINDOWS\System32\wcncsvc.dll
18:11:06.0177 0x1e00 wcncsvc - ok
18:11:06.0192 0x1e00 [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs D:\WINDOWS\system32\drivers\wcnfs.sys
18:11:06.0208 0x1e00 wcnfs - ok
18:11:06.0224 0x1e00 [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot D:\WINDOWS\system32\drivers\WdBoot.sys
18:11:06.0239 0x1e00 WdBoot - ok
18:11:06.0271 0x1e00 [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 D:\WINDOWS\system32\drivers\Wdf01000.sys
18:11:06.0302 0x1e00 Wdf01000 - ok
18:11:06.0333 0x1e00 [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter D:\WINDOWS\system32\drivers\WdFilter.sys
18:11:06.0349 0x1e00 WdFilter - ok
18:11:06.0364 0x1e00 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost D:\WINDOWS\system32\wdi.dll
18:11:06.0396 0x1e00 WdiServiceHost - ok
18:11:06.0396 0x1e00 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost D:\WINDOWS\system32\wdi.dll
18:11:06.0427 0x1e00 WdiSystemHost - ok
18:11:06.0474 0x1e00 [ EDC08B8D3E67F96688774841C247B82A, DB5AFAF87C74431B8EB5420DBF5428691F291B63C2FDE8282EE2E399C76F63F3 ] wdiwifi D:\WINDOWS\system32\DRIVERS\wdiwifi.sys
18:11:06.0521 0x1e00 wdiwifi - ok
18:11:06.0536 0x1e00 [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv D:\WINDOWS\system32\Drivers\WdNisDrv.sys
18:11:06.0552 0x1e00 WdNisDrv - ok
18:11:06.0567 0x1e00 WdNisSvc - ok
18:11:06.0583 0x1e00 [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient D:\WINDOWS\System32\webclnt.dll
18:11:06.0614 0x1e00 WebClient - ok
18:11:06.0646 0x1e00 [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc D:\WINDOWS\system32\wecsvc.dll
18:11:06.0677 0x1e00 Wecsvc - ok
18:11:06.0692 0x1e00 [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC D:\WINDOWS\system32\wephostsvc.dll
18:11:06.0724 0x1e00 WEPHOSTSVC - ok
18:11:06.0755 0x1e00 [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport D:\WINDOWS\System32\wercplsupport.dll
18:11:06.0771 0x1e00 wercplsupport - ok
18:11:06.0786 0x1e00 [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc D:\WINDOWS\System32\WerSvc.dll
18:11:06.0802 0x1e00 WerSvc - ok
18:11:06.0833 0x1e00 [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS D:\WINDOWS\system32\drivers\wfplwfs.sys
18:11:06.0849 0x1e00 WFPLWFS - ok
18:11:06.0880 0x1e00 [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc D:\WINDOWS\System32\wiarpc.dll
18:11:06.0896 0x1e00 WiaRpc - ok
18:11:06.0927 0x1e00 [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount D:\WINDOWS\system32\drivers\wimmount.sys
18:11:06.0942 0x1e00 WIMMount - ok
18:11:06.0942 0x1e00 WinDefend - ok
18:11:06.0958 0x1e00 [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT D:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
18:11:06.0974 0x1e00 WindowsTrustedRT - ok
18:11:07.0005 0x1e00 [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy D:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
18:11:07.0005 0x1e00 WindowsTrustedRTProxy - ok
18:11:07.0052 0x1e00 [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc D:\WINDOWS\system32\winhttp.dll
18:11:07.0114 0x1e00 WinHttpAutoProxySvc - ok
18:11:07.0130 0x1e00 [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad D:\WINDOWS\System32\drivers\winmad.sys
18:11:07.0146 0x1e00 WinMad - ok
18:11:07.0208 0x1e00 [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt D:\WINDOWS\system32\wbem\WMIsvc.dll
18:11:07.0239 0x1e00 Winmgmt - ok
18:11:07.0349 0x1e00 [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM D:\WINDOWS\system32\WsmSvc.dll
18:11:07.0489 0x1e00 WinRM - ok
18:11:07.0521 0x1e00 [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB D:\WINDOWS\System32\drivers\WinUSB.SYS
18:11:07.0536 0x1e00 WINUSB - ok
18:11:07.0552 0x1e00 [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs D:\WINDOWS\System32\drivers\winverbs.sys
18:11:07.0567 0x1e00 WinVerbs - ok
18:11:07.0614 0x1e00 [ EC80E34789681E01D3F1508EC2E13CB3, 584A043D7C58B71B8577A0B7F14BFFEFD6111B7167EE580E6E3EF395BA4059D2 ] wisvc D:\WINDOWS\system32\flightsettings.dll
18:11:07.0646 0x1e00 wisvc - ok
18:11:07.0755 0x1e00 [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc D:\WINDOWS\System32\wlansvc.dll
18:11:07.0864 0x1e00 WlanSvc - ok
18:11:07.0958 0x1e00 [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc D:\WINDOWS\system32\wlidsvc.dll
18:11:08.0067 0x1e00 wlidsvc - ok
18:11:08.0083 0x1e00 [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi D:\WINDOWS\System32\drivers\wmiacpi.sys
18:11:08.0099 0x1e00 WmiAcpi - ok
18:11:08.0130 0x1e00 [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv D:\WINDOWS\system32\wbem\WmiApSrv.exe
18:11:08.0161 0x1e00 wmiApSrv - ok
18:11:08.0177 0x1e00 WMPNetworkSvc - ok
18:11:08.0224 0x1e00 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof D:\WINDOWS\system32\drivers\Wof.sys
18:11:08.0239 0x1e00 Wof - ok
18:11:08.0317 0x1e00 [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc D:\WINDOWS\system32\workfolderssvc.dll
18:11:08.0411 0x1e00 workfolderssvc - ok
18:11:08.0442 0x1e00 [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum D:\WINDOWS\system32\wpdbusenum.dll
18:11:08.0474 0x1e00 WPDBusEnum - ok
18:11:08.0505 0x1e00 [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr D:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:11:08.0521 0x1e00 WpdUpFltr - ok
18:11:08.0536 0x1e00 [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService D:\WINDOWS\system32\WpnService.dll
18:11:08.0552 0x1e00 WpnService - ok
18:11:08.0583 0x1e00 [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService D:\WINDOWS\System32\WpnUserService.dll
18:11:08.0599 0x1e00 WpnUserService - ok
18:11:08.0614 0x1e00 [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl D:\WINDOWS\system32\drivers\ws2ifsl.sys
18:11:08.0630 0x1e00 ws2ifsl - ok
18:11:08.0661 0x1e00 [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc D:\WINDOWS\System32\wscsvc.dll
18:11:08.0677 0x1e00 wscsvc - ok
18:11:08.0692 0x1e00 WSearch - ok
18:11:08.0786 0x1e00 [ FC02797FC7910AC4F4A1D366D3584171, 868075A94239086D38C946B9B7F33CA53A17AF91BC442C145C39B30DFA62F36F ] wuauserv D:\WINDOWS\system32\wuaueng.dll
18:11:08.0896 0x1e00 wuauserv - ok
18:11:08.0927 0x1e00 [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf D:\WINDOWS\system32\drivers\WudfPf.sys
18:11:08.0942 0x1e00 WudfPf - ok
18:11:08.0958 0x1e00 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd D:\WINDOWS\system32\drivers\WudfRd.sys
18:11:08.0974 0x1e00 WUDFRd - ok
18:11:09.0005 0x1e00 [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc D:\WINDOWS\System32\WUDFSvc.dll
18:11:09.0021 0x1e00 wudfsvc - ok
18:11:09.0052 0x1e00 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs D:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:11:09.0067 0x1e00 WUDFWpdFs - ok
18:11:09.0083 0x1e00 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp D:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:11:09.0099 0x1e00 WUDFWpdMtp - ok
18:11:09.0146 0x1e00 [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc D:\WINDOWS\System32\wwansvc.dll
18:11:09.0224 0x1e00 WwanSvc - ok
18:11:09.0286 0x1e00 [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager D:\WINDOWS\System32\XblAuthManager.dll
18:11:09.0349 0x1e00 XblAuthManager - ok
18:11:09.0411 0x1e00 [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave D:\WINDOWS\System32\XblGameSave.dll
18:11:09.0474 0x1e00 XblGameSave - ok
18:11:09.0521 0x1e00 [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip D:\WINDOWS\System32\drivers\xboxgip.sys
18:11:09.0536 0x1e00 xboxgip - ok
18:11:09.0583 0x1e00 [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc D:\WINDOWS\system32\XboxNetApiSvc.dll
18:11:09.0646 0x1e00 XboxNetApiSvc - ok
18:11:09.0677 0x1e00 [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid D:\WINDOWS\System32\drivers\xinputhid.sys
18:11:09.0692 0x1e00 xinputhid - ok
18:11:09.0692 0x1e00 ================ Scan global ===============================
18:11:09.0739 0x1e00 [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] D:\WINDOWS\system32\basesrv.dll
18:11:09.0771 0x1e00 [ 0690445DD89A6498945E0FECC1689A45, ED11E144FCEDED7EF8ABEFC0B558312047AA7A2F37BFECEC14D5A44179130F70 ] D:\WINDOWS\system32\winsrv.dll
18:11:09.0817 0x1e00 [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] D:\WINDOWS\system32\sxssrv.dll
18:11:09.0849 0x1e00 [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] D:\WINDOWS\system32\services.exe
18:11:09.0864 0x1e00 [ Global ] - ok
18:11:09.0864 0x1e00 ================ Scan MBR ==================================
18:11:09.0864 0x1e00 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:11:10.0021 0x1e00 \Device\Harddisk1\DR1 - ok
18:11:10.0021 0x1e00 [ D9F06B7F08521CB05A988443D9083BC3 ] \Device\Harddisk0\DR0
18:11:10.0177 0x1e00 \Device\Harddisk0\DR0 - ok
18:11:10.0177 0x1e00 ================ Scan VBR ==================================
18:11:10.0177 0x1e00 [ 0E22381B919C2CF69ADD2D747F04E127 ] \Device\Harddisk1\DR1\Partition1
18:11:10.0177 0x1e00 \Device\Harddisk1\DR1\Partition1 - ok
18:11:10.0177 0x1e00 [ E9EB4E7B8F6A1FE83171DA8297BC32F6 ] \Device\Harddisk1\DR1\Partition2
18:11:10.0177 0x1e00 \Device\Harddisk1\DR1\Partition2 - ok
18:11:10.0192 0x1e00 [ 3FD75F80B57F7F5155FF2C184D7A0EE6 ] \Device\Harddisk1\DR1\Partition3
18:11:10.0192 0x1e00 \Device\Harddisk1\DR1\Partition3 - ok
18:11:10.0192 0x1e00 [ C55D838969954456D2D87078B28D2A7E ] \Device\Harddisk1\DR1\Partition4
18:11:10.0192 0x1e00 \Device\Harddisk1\DR1\Partition4 - ok
18:11:10.0192 0x1e00 [ 9D463BD43A1D64693D2AA4F7EE27F066 ] \Device\Harddisk0\DR0\Partition1
18:11:10.0192 0x1e00 \Device\Harddisk0\DR0\Partition1 - ok
18:11:10.0192 0x1e00 ================ Scan generic autorun ======================
18:11:10.0302 0x1e00 [ 0575828C8E273D1D61D887E8C31C2BCF, 6F8371EEA9DA7E957A205526690AD75944D904BF741C0AD87E3BD28B3BAC237C ] D:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:11:10.0349 0x1e00 NvBackend - ok
18:11:10.0427 0x1e00 [ DBD8934E3909B60DA81A91BF53B76901, 29B061C5E05097394B8B9D7C6681783DB02735CE8AAD06BCC03C08617D778039 ] D:\Program Files (x86)\Avira\Antivirus\avgnt.exe
18:11:10.0458 0x1e00 avgnt - ok
18:11:10.0505 0x1e00 [ 2AB57E205B61BCB095168A97B8D2AC4D, 18D9709CED7F02B694405E62ED5BA8EBE737FF59BB2D9EFBF0335C0F3BEE105B ] D:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
18:11:10.0521 0x1e00 Avira SystrayStartTrigger - ok
18:11:10.0614 0x1e00 [ 1F5BF57AE3556E8941CC4F836EBCF823, FA0400865F17A25E8A89727732B1286B413989FB914E740D3C380214D15F862A ] D:\Program Files\CyberGhost 6\CyberGhost.exe
18:11:10.0661 0x1e00 CyberGhost - ok
18:11:10.0958 0x1e00 [ 638AE77DC319958727FBEA403D37B2D6, FF40F8D0A0EA99478BF46656FDB7BB37CED75375F4FD149E3FE2393749120D39 ] D:\Program Files\CCleaner\CCleaner64.exe
18:11:11.0192 0x1e00 CCleaner Monitoring - ok
18:11:11.0505 0x1e00 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] D:\Windows\SysWOW64\OneDriveSetup.exe
18:11:11.0880 0x1e00 OneDriveSetup - ok
18:11:11.0896 0x1e00 Waiting for KSN requests completion. In queue: 242
18:11:12.0942 0x1e00 AV detected via SS2: Avira Antivirus, D:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.25.170 ), 0x41000 ( enabled : updated )
18:11:12.0974 0x1e00 AV detected via SS2: Windows Defender, D:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1066 ), 0x60100 ( disabled : updated )
18:11:12.0989 0x1e00 Win FW state via NFP2: enabled ( trusted )
18:11:13.0286 0x1e00 ============================================================
18:11:13.0286 0x1e00 Scan finished
18:11:13.0286 0x1e00 ============================================================
18:11:13.0286 0x1df8 Detected object count: 0
18:11:13.0286 0x1df8 Actual detected object count: 0
|
|
03.05.2017, 20:28
| #5 |
| /// TB-Ausbilder | Rootkitverdacht Servus, bei den Funden handelt es sich nicht um einen Rootkit, sondern um einen Fehlalarm. Wir kontrollieren trotzdem (vorsorglich).  Schritt 1
Schritt 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 3 Downloade Dir bitte Malwarebytes Anti-Malware 3
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
03.05.2017, 22:02
| #6 |
| | Rootkitverdacht AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v6.046 - Bericht erstellt am 03/05/2017 um 22:28:05
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-03.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Nada - NONNAME
# Gestartet von : D:\Users\käptnBlaubär\Downloads\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
D:\AdwCleaner\AdwCleaner[C0].txt - [2402 Bytes] - [05/10/2016 15:16:42]
D:\AdwCleaner\AdwCleaner[C10].txt - [7795 Bytes] - [28/11/2016 12:42:23]
D:\AdwCleaner\AdwCleaner[C11].txt - [8017 Bytes] - [28/11/2016 13:29:21]
D:\AdwCleaner\AdwCleaner[C12].txt - [8239 Bytes] - [28/11/2016 14:15:22]
D:\AdwCleaner\AdwCleaner[C13].txt - [13022 Bytes] - [02/01/2017 23:29:47]
D:\AdwCleaner\AdwCleaner[C14].txt - [12909 Bytes] - [03/01/2017 16:08:53]
D:\AdwCleaner\AdwCleaner[C15].txt - [11866 Bytes] - [19/01/2017 16:21:16]
D:\AdwCleaner\AdwCleaner[C16].txt - [11961 Bytes] - [31/01/2017 10:32:40]
D:\AdwCleaner\AdwCleaner[C17].txt - [14190 Bytes] - [09/03/2017 22:32:51]
D:\AdwCleaner\AdwCleaner[C18].txt - [15905 Bytes] - [23/03/2017 10:37:39]
D:\AdwCleaner\AdwCleaner[C19].txt - [1712 Bytes] - [03/05/2017 22:28:05]
D:\AdwCleaner\AdwCleaner[C2].txt - [2059 Bytes] - [14/10/2016 18:41:25]
D:\AdwCleaner\AdwCleaner[C3].txt - [2268 Bytes] - [14/10/2016 19:16:07]
D:\AdwCleaner\AdwCleaner[C4].txt - [2489 Bytes] - [14/10/2016 19:53:37]
D:\AdwCleaner\AdwCleaner[C5].txt - [3507 Bytes] - [27/10/2016 12:27:27]
D:\AdwCleaner\AdwCleaner[C6].txt - [5280 Bytes] - [12/11/2016 09:05:00]
D:\AdwCleaner\AdwCleaner[C7].txt - [6519 Bytes] - [21/11/2016 18:13:44]
D:\AdwCleaner\AdwCleaner[C8].txt - [6850 Bytes] - [24/11/2016 23:31:46]
D:\AdwCleaner\AdwCleaner[C9].txt - [7517 Bytes] - [28/11/2016 12:37:12]
D:\AdwCleaner\AdwCleaner[S0].txt - [2485 Bytes] - [05/10/2016 15:15:51]
D:\AdwCleaner\AdwCleaner[S100].txt - [9618 Bytes] - [06/12/2016 23:35:48]
D:\AdwCleaner\AdwCleaner[S101].txt - [9692 Bytes] - [07/12/2016 16:50:55]
D:\AdwCleaner\AdwCleaner[S102].txt - [9768 Bytes] - [08/12/2016 23:36:43]
D:\AdwCleaner\AdwCleaner[S103].txt - [9843 Bytes] - [13/12/2016 20:24:22]
D:\AdwCleaner\AdwCleaner[S104].txt - [9918 Bytes] - [14/12/2016 10:42:31]
D:\AdwCleaner\AdwCleaner[S105].txt - [9992 Bytes] - [14/12/2016 21:40:09]
D:\AdwCleaner\AdwCleaner[S106].txt - [10068 Bytes] - [16/12/2016 17:29:30]
D:\AdwCleaner\AdwCleaner[S107].txt - [10145 Bytes] - [17/12/2016 19:20:49]
D:\AdwCleaner\AdwCleaner[S108].txt - [10220 Bytes] - [17/12/2016 20:41:55]
D:\AdwCleaner\AdwCleaner[S109].txt - [10297 Bytes] - [18/12/2016 21:04:39]
D:\AdwCleaner\AdwCleaner[S10].txt - [2400 Bytes] - [14/10/2016 18:47:03]
D:\AdwCleaner\AdwCleaner[S110].txt - [10372 Bytes] - [19/12/2016 14:59:37]
D:\AdwCleaner\AdwCleaner[S111].txt - [10449 Bytes] - [23/12/2016 15:40:24]
D:\AdwCleaner\AdwCleaner[S112].txt - [10525 Bytes] - [24/12/2016 10:13:29]
D:\AdwCleaner\AdwCleaner[S113].txt - [10600 Bytes] - [24/12/2016 11:54:22]
D:\AdwCleaner\AdwCleaner[S114].txt - [10676 Bytes] - [24/12/2016 18:25:07]
D:\AdwCleaner\AdwCleaner[S115].txt - [10753 Bytes] - [27/12/2016 19:43:41]
D:\AdwCleaner\AdwCleaner[S116].txt - [10828 Bytes] - [28/12/2016 10:07:40]
D:\AdwCleaner\AdwCleaner[S117].txt - [10904 Bytes] - [28/12/2016 18:17:49]
D:\AdwCleaner\AdwCleaner[S118].txt - [10981 Bytes] - [29/12/2016 17:56:21]
D:\AdwCleaner\AdwCleaner[S119].txt - [11057 Bytes] - [31/12/2016 12:29:07]
D:\AdwCleaner\AdwCleaner[S11].txt - [2462 Bytes] - [14/10/2016 19:15:56]
D:\AdwCleaner\AdwCleaner[S120].txt - [11132 Bytes] - [31/12/2016 14:54:30]
D:\AdwCleaner\AdwCleaner[S121].txt - [11208 Bytes] - [02/01/2017 11:34:20]
D:\AdwCleaner\AdwCleaner[S122].txt - [13291 Bytes] - [02/01/2017 23:21:43]
D:\AdwCleaner\AdwCleaner[S123].txt - [13213 Bytes] - [03/01/2017 16:01:35]
D:\AdwCleaner\AdwCleaner[S124].txt - [11586 Bytes] - [03/01/2017 16:13:48]
D:\AdwCleaner\AdwCleaner[S125].txt - [11662 Bytes] - [04/01/2017 18:29:36]
D:\AdwCleaner\AdwCleaner[S126].txt - [11741 Bytes] - [08/01/2017 22:18:22]
D:\AdwCleaner\AdwCleaner[S127].txt - [11816 Bytes] - [10/01/2017 20:34:22]
D:\AdwCleaner\AdwCleaner[S128].txt - [11893 Bytes] - [14/01/2017 21:55:02]
D:\AdwCleaner\AdwCleaner[S129].txt - [11996 Bytes] - [15/01/2017 16:29:48]
D:\AdwCleaner\AdwCleaner[S12].txt - [2761 Bytes] - [14/10/2016 19:23:26]
D:\AdwCleaner\AdwCleaner[S130].txt - [12071 Bytes] - [19/01/2017 16:20:52]
D:\AdwCleaner\AdwCleaner[S131].txt - [12222 Bytes] - [31/01/2017 10:32:20]
D:\AdwCleaner\AdwCleaner[S132].txt - [12347 Bytes] - [04/02/2017 16:26:30]
D:\AdwCleaner\AdwCleaner[S133].txt - [12422 Bytes] - [07/02/2017 17:43:54]
D:\AdwCleaner\AdwCleaner[S134].txt - [12498 Bytes] - [07/02/2017 22:43:45]
D:\AdwCleaner\AdwCleaner[S135].txt - [12574 Bytes] - [08/02/2017 21:18:18]
D:\AdwCleaner\AdwCleaner[S136].txt - [12651 Bytes] - [09/02/2017 19:35:36]
D:\AdwCleaner\AdwCleaner[S137].txt - [12725 Bytes] - [13/02/2017 21:55:14]
D:\AdwCleaner\AdwCleaner[S138].txt - [12800 Bytes] - [15/02/2017 10:13:09]
D:\AdwCleaner\AdwCleaner[S139].txt - [12876 Bytes] - [18/02/2017 13:22:36]
D:\AdwCleaner\AdwCleaner[S13].txt - [2683 Bytes] - [14/10/2016 19:52:07]
D:\AdwCleaner\AdwCleaner[S140].txt - [12952 Bytes] - [19/02/2017 11:03:15]
D:\AdwCleaner\AdwCleaner[S141].txt - [13028 Bytes] - [19/02/2017 12:31:48]
D:\AdwCleaner\AdwCleaner[S142].txt - [13104 Bytes] - [19/02/2017 17:56:58]
D:\AdwCleaner\AdwCleaner[S143].txt - [13181 Bytes] - [21/02/2017 14:23:54]
D:\AdwCleaner\AdwCleaner[S144].txt - [13256 Bytes] - [21/02/2017 20:57:03]
D:\AdwCleaner\AdwCleaner[S145].txt - [13332 Bytes] - [22/02/2017 10:04:38]
D:\AdwCleaner\AdwCleaner[S146].txt - [13409 Bytes] - [24/02/2017 15:04:09]
D:\AdwCleaner\AdwCleaner[S147].txt - [13485 Bytes] - [24/02/2017 23:27:16]
D:\AdwCleaner\AdwCleaner[S148].txt - [13560 Bytes] - [25/02/2017 16:50:32]
D:\AdwCleaner\AdwCleaner[S149].txt - [13636 Bytes] - [25/02/2017 20:46:58]
D:\AdwCleaner\AdwCleaner[S14].txt - [2651 Bytes] - [14/10/2016 20:08:24]
D:\AdwCleaner\AdwCleaner[S150].txt - [13712 Bytes] - [26/02/2017 19:45:04]
D:\AdwCleaner\AdwCleaner[S151].txt - [13789 Bytes] - [27/02/2017 12:55:33]
D:\AdwCleaner\AdwCleaner[S152].txt - [13864 Bytes] - [27/02/2017 15:24:11]
D:\AdwCleaner\AdwCleaner[S153].txt - [13940 Bytes] - [27/02/2017 23:47:05]
D:\AdwCleaner\AdwCleaner[S154].txt - [14017 Bytes] - [01/03/2017 11:24:25]
D:\AdwCleaner\AdwCleaner[S155].txt - [14095 Bytes] - [03/03/2017 18:24:35]
D:\AdwCleaner\AdwCleaner[S156].txt - [14170 Bytes] - [04/03/2017 20:24:34]
D:\AdwCleaner\AdwCleaner[S157].txt - [14246 Bytes] - [05/03/2017 12:04:18]
D:\AdwCleaner\AdwCleaner[S158].txt - [14323 Bytes] - [08/03/2017 14:29:14]
D:\AdwCleaner\AdwCleaner[S159].txt - [14407 Bytes] - [09/03/2017 22:32:39]
D:\AdwCleaner\AdwCleaner[S15].txt - [2725 Bytes] - [14/10/2016 20:47:45]
D:\AdwCleaner\AdwCleaner[S160].txt - [14549 Bytes] - [09/03/2017 22:38:24]
D:\AdwCleaner\AdwCleaner[S161].txt - [14624 Bytes] - [10/03/2017 10:22:41]
D:\AdwCleaner\AdwCleaner[S162].txt - [14700 Bytes] - [11/03/2017 11:08:02]
D:\AdwCleaner\AdwCleaner[S163].txt - [14776 Bytes] - [12/03/2017 13:25:32]
D:\AdwCleaner\AdwCleaner[S164].txt - [14851 Bytes] - [12/03/2017 17:40:37]
D:\AdwCleaner\AdwCleaner[S165].txt - [14927 Bytes] - [13/03/2017 11:15:47]
D:\AdwCleaner\AdwCleaner[S166].txt - [15404 Bytes] - [13/03/2017 21:57:03]
D:\AdwCleaner\AdwCleaner[S167].txt - [15080 Bytes] - [15/03/2017 16:49:47]
D:\AdwCleaner\AdwCleaner[S168].txt - [15156 Bytes] - [15/03/2017 18:25:42]
D:\AdwCleaner\AdwCleaner[S169].txt - [15231 Bytes] - [15/03/2017 20:54:13]
D:\AdwCleaner\AdwCleaner[S16].txt - [2799 Bytes] - [16/10/2016 16:25:28]
D:\AdwCleaner\AdwCleaner[S170].txt - [15307 Bytes] - [16/03/2017 21:48:22]
D:\AdwCleaner\AdwCleaner[S171].txt - [15384 Bytes] - [17/03/2017 10:49:35]
D:\AdwCleaner\AdwCleaner[S172].txt - [15459 Bytes] - [17/03/2017 11:53:55]
D:\AdwCleaner\AdwCleaner[S173].txt - [15535 Bytes] - [17/03/2017 18:16:05]
D:\AdwCleaner\AdwCleaner[S174].txt - [15612 Bytes] - [18/03/2017 14:43:04]
D:\AdwCleaner\AdwCleaner[S175].txt - [15687 Bytes] - [18/03/2017 16:01:35]
D:\AdwCleaner\AdwCleaner[S176].txt - [15763 Bytes] - [18/03/2017 21:44:12]
D:\AdwCleaner\AdwCleaner[S177].txt - [15840 Bytes] - [19/03/2017 00:00:51]
D:\AdwCleaner\AdwCleaner[S178].txt - [15916 Bytes] - [19/03/2017 23:10:44]
D:\AdwCleaner\AdwCleaner[S179].txt - [15991 Bytes] - [20/03/2017 13:37:37]
D:\AdwCleaner\AdwCleaner[S17].txt - [2873 Bytes] - [17/10/2016 15:25:37]
D:\AdwCleaner\AdwCleaner[S180].txt - [16068 Bytes] - [21/03/2017 20:27:17]
D:\AdwCleaner\AdwCleaner[S181].txt - [16166 Bytes] - [23/03/2017 10:37:29]
D:\AdwCleaner\AdwCleaner[S182].txt - [16294 Bytes] - [23/03/2017 17:41:33]
D:\AdwCleaner\AdwCleaner[S183].txt - [16371 Bytes] - [23/03/2017 23:24:05]
D:\AdwCleaner\AdwCleaner[S184].txt - [16446 Bytes] - [24/03/2017 12:37:58]
D:\AdwCleaner\AdwCleaner[S185].txt - [16522 Bytes] - [25/03/2017 12:57:57]
D:\AdwCleaner\AdwCleaner[S186].txt - [16598 Bytes] - [25/03/2017 14:08:59]
D:\AdwCleaner\AdwCleaner[S187].txt - [16674 Bytes] - [25/03/2017 16:53:31]
D:\AdwCleaner\AdwCleaner[S188].txt - [16750 Bytes] - [26/03/2017 11:42:14]
D:\AdwCleaner\AdwCleaner[S189].txt - [16826 Bytes] - [26/03/2017 21:34:22]
D:\AdwCleaner\AdwCleaner[S18].txt - [2947 Bytes] - [18/10/2016 17:14:27]
D:\AdwCleaner\AdwCleaner[S190].txt - [16903 Bytes] - [28/03/2017 10:29:39]
D:\AdwCleaner\AdwCleaner[S191].txt - [16980 Bytes] - [28/03/2017 13:29:08]
D:\AdwCleaner\AdwCleaner[S192].txt - [17058 Bytes] - [29/03/2017 15:00:47]
D:\AdwCleaner\AdwCleaner[S193].txt - [17132 Bytes] - [01/04/2017 15:55:29]
D:\AdwCleaner\AdwCleaner[S194].txt - [17207 Bytes] - [01/04/2017 20:28:55]
D:\AdwCleaner\AdwCleaner[S195].txt - [17284 Bytes] - [02/04/2017 13:05:37]
D:\AdwCleaner\AdwCleaner[S196].txt - [17359 Bytes] - [02/04/2017 15:54:24]
D:\AdwCleaner\AdwCleaner[S197].txt - [17435 Bytes] - [02/04/2017 20:38:43]
D:\AdwCleaner\AdwCleaner[S198].txt - [17512 Bytes] - [03/04/2017 22:36:15]
D:\AdwCleaner\AdwCleaner[S199].txt - [17587 Bytes] - [04/04/2017 11:13:01]
D:\AdwCleaner\AdwCleaner[S19].txt - [3021 Bytes] - [19/10/2016 15:35:12]
D:\AdwCleaner\AdwCleaner[S1].txt - [1508 Bytes] - [07/10/2016 21:03:15]
D:\AdwCleaner\AdwCleaner[S200].txt - [17664 Bytes] - [05/04/2017 18:58:37]
D:\AdwCleaner\AdwCleaner[S201].txt - [17739 Bytes] - [06/04/2017 07:18:36]
D:\AdwCleaner\AdwCleaner[S202].txt - [17815 Bytes] - [06/04/2017 19:49:00]
D:\AdwCleaner\AdwCleaner[S203].txt - [17892 Bytes] - [07/04/2017 16:29:15]
D:\AdwCleaner\AdwCleaner[S204].txt - [17967 Bytes] - [07/04/2017 20:06:03]
D:\AdwCleaner\AdwCleaner[S205].txt - [18044 Bytes] - [11/04/2017 09:51:57]
D:\AdwCleaner\AdwCleaner[S206].txt - [18119 Bytes] - [11/04/2017 18:25:13]
D:\AdwCleaner\AdwCleaner[S207].txt - [18196 Bytes] - [13/04/2017 10:56:52]
D:\AdwCleaner\AdwCleaner[S208].txt - [18271 Bytes] - [13/04/2017 16:00:02]
D:\AdwCleaner\AdwCleaner[S209].txt - [18347 Bytes] - [13/04/2017 17:44:07]
D:\AdwCleaner\AdwCleaner[S20].txt - [3111 Bytes] - [20/10/2016 17:48:39]
D:\AdwCleaner\AdwCleaner[S210].txt - [18424 Bytes] - [14/04/2017 22:34:34]
D:\AdwCleaner\AdwCleaner[S211].txt - [18500 Bytes] - [16/04/2017 14:44:03]
D:\AdwCleaner\AdwCleaner[S212].txt - [18584 Bytes] - [17/04/2017 18:38:32]
D:\AdwCleaner\AdwCleaner[S213].txt - [18660 Bytes] - [19/04/2017 10:29:46]
D:\AdwCleaner\AdwCleaner[S214].txt - [18737 Bytes] - [19/04/2017 16:55:14]
D:\AdwCleaner\AdwCleaner[S215].txt - [18813 Bytes] - [20/04/2017 07:35:09]
D:\AdwCleaner\AdwCleaner[S216].txt - [18889 Bytes] - [21/04/2017 09:20:58]
D:\AdwCleaner\AdwCleaner[S217].txt - [18964 Bytes] - [21/04/2017 22:03:01]
D:\AdwCleaner\AdwCleaner[S218].txt - [19041 Bytes] - [22/04/2017 12:39:00]
D:\AdwCleaner\AdwCleaner[S219].txt - [19116 Bytes] - [22/04/2017 14:04:45]
D:\AdwCleaner\AdwCleaner[S21].txt - [3185 Bytes] - [22/10/2016 16:07:20]
D:\AdwCleaner\AdwCleaner[S220].txt - [19186 Bytes] - [24/04/2017 21:59:09]
D:\AdwCleaner\AdwCleaner[S221].txt - [19259 Bytes] - [25/04/2017 15:56:47]
D:\AdwCleaner\AdwCleaner[S222].txt - [19335 Bytes] - [26/04/2017 18:33:20]
D:\AdwCleaner\AdwCleaner[S223].txt - [19411 Bytes] - [26/04/2017 23:51:33]
D:\AdwCleaner\AdwCleaner[S224].txt - [19488 Bytes] - [27/04/2017 09:59:57]
D:\AdwCleaner\AdwCleaner[S225].txt - [19563 Bytes] - [27/04/2017 15:10:45]
D:\AdwCleaner\AdwCleaner[S226].txt - [19639 Bytes] - [28/04/2017 16:13:07]
D:\AdwCleaner\AdwCleaner[S227].txt - [19715 Bytes] - [29/04/2017 23:26:08]
D:\AdwCleaner\AdwCleaner[S228].txt - [19792 Bytes] - [01/05/2017 15:22:37]
D:\AdwCleaner\AdwCleaner[S229].txt - [19868 Bytes] - [02/05/2017 12:34:57]
D:\AdwCleaner\AdwCleaner[S22].txt - [3631 Bytes] - [27/10/2016 12:20:46]
D:\AdwCleaner\AdwCleaner[S230].txt - [19944 Bytes] - [03/05/2017 07:14:41]
D:\AdwCleaner\AdwCleaner[S231].txt - [20022 Bytes] - [03/05/2017 22:16:47]
D:\AdwCleaner\AdwCleaner[S23].txt - [3404 Bytes] - [27/10/2016 12:35:12]
D:\AdwCleaner\AdwCleaner[S24].txt - [3478 Bytes] - [27/10/2016 13:10:38]
D:\AdwCleaner\AdwCleaner[S25].txt - [3552 Bytes] - [27/10/2016 18:39:21]
D:\AdwCleaner\AdwCleaner[S26].txt - [3626 Bytes] - [27/10/2016 20:12:54]
D:\AdwCleaner\AdwCleaner[S27].txt - [3700 Bytes] - [28/10/2016 10:03:30]
D:\AdwCleaner\AdwCleaner[S28].txt - [3774 Bytes] - [28/10/2016 15:06:29]
D:\AdwCleaner\AdwCleaner[S29].txt - [3848 Bytes] - [28/10/2016 16:40:01]
D:\AdwCleaner\AdwCleaner[S2].txt - [1574 Bytes] - [08/10/2016 15:20:14]
D:\AdwCleaner\AdwCleaner[S30].txt - [3922 Bytes] - [28/10/2016 17:55:59]
D:\AdwCleaner\AdwCleaner[S31].txt - [3996 Bytes] - [28/10/2016 19:45:11]
D:\AdwCleaner\AdwCleaner[S32].txt - [4070 Bytes] - [29/10/2016 10:11:17]
D:\AdwCleaner\AdwCleaner[S33].txt - [4144 Bytes] - [29/10/2016 15:08:20]
D:\AdwCleaner\AdwCleaner[S34].txt - [4218 Bytes] - [29/10/2016 16:22:57]
D:\AdwCleaner\AdwCleaner[S35].txt - [4292 Bytes] - [30/10/2016 09:48:32]
D:\AdwCleaner\AdwCleaner[S36].txt - [4366 Bytes] - [30/10/2016 19:52:30]
D:\AdwCleaner\AdwCleaner[S37].txt - [4440 Bytes] - [30/10/2016 20:56:04]
D:\AdwCleaner\AdwCleaner[S38].txt - [4514 Bytes] - [31/10/2016 11:49:48]
D:\AdwCleaner\AdwCleaner[S39].txt - [4588 Bytes] - [01/11/2016 18:51:19]
D:\AdwCleaner\AdwCleaner[S3].txt - [1657 Bytes] - [09/10/2016 18:05:37]
D:\AdwCleaner\AdwCleaner[S40].txt - [4662 Bytes] - [02/11/2016 18:23:16]
D:\AdwCleaner\AdwCleaner[S41].txt - [4736 Bytes] - [03/11/2016 12:51:17]
D:\AdwCleaner\AdwCleaner[S42].txt - [4810 Bytes] - [04/11/2016 20:48:05]
D:\AdwCleaner\AdwCleaner[S43].txt - [4884 Bytes] - [05/11/2016 23:05:12]
D:\AdwCleaner\AdwCleaner[S44].txt - [4957 Bytes] - [06/11/2016 13:49:43]
D:\AdwCleaner\AdwCleaner[S45].txt - [5032 Bytes] - [07/11/2016 23:14:02]
D:\AdwCleaner\AdwCleaner[S46].txt - [5106 Bytes] - [08/11/2016 14:18:54]
D:\AdwCleaner\AdwCleaner[S47].txt - [5180 Bytes] - [09/11/2016 23:15:24]
D:\AdwCleaner\AdwCleaner[S48].txt - [5254 Bytes] - [10/11/2016 14:26:00]
D:\AdwCleaner\AdwCleaner[S49].txt - [5328 Bytes] - [10/11/2016 18:39:33]
D:\AdwCleaner\AdwCleaner[S4].txt - [1707 Bytes] - [09/10/2016 21:27:50]
D:\AdwCleaner\AdwCleaner[S50].txt - [5402 Bytes] - [10/11/2016 21:25:49]
D:\AdwCleaner\AdwCleaner[S51].txt - [5537 Bytes] - [12/11/2016 09:04:31]
D:\AdwCleaner\AdwCleaner[S52].txt - [5623 Bytes] - [12/11/2016 09:10:36]
D:\AdwCleaner\AdwCleaner[S53].txt - [5697 Bytes] - [12/11/2016 14:31:40]
D:\AdwCleaner\AdwCleaner[S54].txt - [5771 Bytes] - [12/11/2016 15:26:27]
D:\AdwCleaner\AdwCleaner[S55].txt - [5845 Bytes] - [12/11/2016 18:55:07]
D:\AdwCleaner\AdwCleaner[S56].txt - [5919 Bytes] - [13/11/2016 12:59:12]
D:\AdwCleaner\AdwCleaner[S57].txt - [5993 Bytes] - [13/11/2016 21:59:51]
D:\AdwCleaner\AdwCleaner[S58].txt - [6067 Bytes] - [14/11/2016 12:53:51]
D:\AdwCleaner\AdwCleaner[S59].txt - [6141 Bytes] - [14/11/2016 16:47:53]
D:\AdwCleaner\AdwCleaner[S5].txt - [1781 Bytes] - [10/10/2016 21:47:26]
D:\AdwCleaner\AdwCleaner[S60].txt - [6215 Bytes] - [16/11/2016 14:37:55]
D:\AdwCleaner\AdwCleaner[S61].txt - [6289 Bytes] - [16/11/2016 20:28:29]
D:\AdwCleaner\AdwCleaner[S62].txt - [6363 Bytes] - [18/11/2016 13:25:19]
D:\AdwCleaner\AdwCleaner[S63].txt - [6437 Bytes] - [19/11/2016 09:33:04]
D:\AdwCleaner\AdwCleaner[S64].txt - [6511 Bytes] - [19/11/2016 15:27:36]
D:\AdwCleaner\AdwCleaner[S65].txt - [6585 Bytes] - [20/11/2016 20:26:01]
D:\AdwCleaner\AdwCleaner[S66].txt - [6781 Bytes] - [21/11/2016 18:12:42]
D:\AdwCleaner\AdwCleaner[S67].txt - [6806 Bytes] - [21/11/2016 18:18:08]
D:\AdwCleaner\AdwCleaner[S68].txt - [6880 Bytes] - [21/11/2016 21:19:34]
D:\AdwCleaner\AdwCleaner[S69].txt - [7062 Bytes] - [24/11/2016 23:31:18]
D:\AdwCleaner\AdwCleaner[S6].txt - [1854 Bytes] - [12/10/2016 18:30:14]
D:\AdwCleaner\AdwCleaner[S70].txt - [7101 Bytes] - [24/11/2016 23:38:04]
D:\AdwCleaner\AdwCleaner[S71].txt - [7175 Bytes] - [25/11/2016 14:57:39]
D:\AdwCleaner\AdwCleaner[S72].txt - [7249 Bytes] - [25/11/2016 20:05:34]
D:\AdwCleaner\AdwCleaner[S73].txt - [7323 Bytes] - [26/11/2016 12:14:17]
D:\AdwCleaner\AdwCleaner[S74].txt - [7399 Bytes] - [26/11/2016 17:28:30]
D:\AdwCleaner\AdwCleaner[S75].txt - [7473 Bytes] - [26/11/2016 17:30:13]
D:\AdwCleaner\AdwCleaner[S76].txt - [7545 Bytes] - [27/11/2016 20:22:25]
D:\AdwCleaner\AdwCleaner[S77].txt - [7716 Bytes] - [28/11/2016 12:34:08]
D:\AdwCleaner\AdwCleaner[S78].txt - [7863 Bytes] - [28/11/2016 12:41:22]
D:\AdwCleaner\AdwCleaner[S79].txt - [8011 Bytes] - [28/11/2016 12:47:01]
D:\AdwCleaner\AdwCleaner[S7].txt - [1927 Bytes] - [13/10/2016 13:45:36]
D:\AdwCleaner\AdwCleaner[S80].txt - [8085 Bytes] - [28/11/2016 13:28:55]
D:\AdwCleaner\AdwCleaner[S81].txt - [8233 Bytes] - [28/11/2016 13:33:10]
D:\AdwCleaner\AdwCleaner[S82].txt - [8307 Bytes] - [28/11/2016 14:08:51]
D:\AdwCleaner\AdwCleaner[S83].txt - [8455 Bytes] - [28/11/2016 14:20:11]
D:\AdwCleaner\AdwCleaner[S84].txt - [8529 Bytes] - [28/11/2016 14:27:11]
D:\AdwCleaner\AdwCleaner[S85].txt - [8603 Bytes] - [28/11/2016 14:40:22]
D:\AdwCleaner\AdwCleaner[S86].txt - [8677 Bytes] - [28/11/2016 15:55:07]
D:\AdwCleaner\AdwCleaner[S87].txt - [8750 Bytes] - [29/11/2016 14:56:49]
D:\AdwCleaner\AdwCleaner[S88].txt - [8730 Bytes] - [29/11/2016 15:05:01]
D:\AdwCleaner\AdwCleaner[S89].txt - [8802 Bytes] - [30/11/2016 14:34:26]
D:\AdwCleaner\AdwCleaner[S8].txt - [2000 Bytes] - [13/10/2016 22:09:52]
D:\AdwCleaner\AdwCleaner[S90].txt - [8876 Bytes] - [30/11/2016 20:50:00]
D:\AdwCleaner\AdwCleaner[S91].txt - [8950 Bytes] - [01/12/2016 13:39:30]
D:\AdwCleaner\AdwCleaner[S92].txt - [9023 Bytes] - [01/12/2016 18:27:32]
D:\AdwCleaner\AdwCleaner[S93].txt - [9098 Bytes] - [02/12/2016 18:53:39]
D:\AdwCleaner\AdwCleaner[S94].txt - [9171 Bytes] - [03/12/2016 17:13:19]
D:\AdwCleaner\AdwCleaner[S95].txt - [9248 Bytes] - [04/12/2016 14:28:36]
D:\AdwCleaner\AdwCleaner[S96].txt - [9320 Bytes] - [04/12/2016 18:04:27]
D:\AdwCleaner\AdwCleaner[S97].txt - [9393 Bytes] - [05/12/2016 11:42:06]
D:\AdwCleaner\AdwCleaner[S98].txt - [9467 Bytes] - [06/12/2016 00:15:15]
D:\AdwCleaner\AdwCleaner[S99].txt - [9542 Bytes] - [06/12/2016 13:28:50]
D:\AdwCleaner\AdwCleaner[S9].txt - [2252 Bytes] - [14/10/2016 18:40:10]
########## EOF - D:\AdwCleaner\AdwCleaner[C19].txt - [19786 Bytes] ##########
[/CODE] Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 03.05.17
Scan-Zeit: 22:34
Protokolldatei: MBR.log
Administrator: Ja
-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.1863
Lizenz: Kostenlos
-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: NONNAME\Nada
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 502782
Abgelaufene Zeit: 13 Min., 51 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
|
|
| Themen zu Rootkitverdacht |
| antivirus, avast, avira, defender, desktop, explorer, firefox, homepage, internet explorer, kaspersky, prozesse, realtek, registry, rootkit, scan, security, server, services.exe, software, superantispyware, symantec, system, udp, updates, windows |
Hybrid-Darstellung
