Infektion? DNS nach einigen Stunden nicht mehr erreichbar

rilkar · 22.05.2017, 21:34

Hallo zusammen,

ich habe folgendes Problem.
Nach 1-2h stürzt bei meinem PC jeweils Chrome ab und es lassen sich auch keine weiteren Browser mehr öffnen. Dabei kann ich auch jeweils 8.8.8.8 nicht mehr anpingen, Netzwerk-Interne Server gehen. Andere Geräte (z.B. am W-LAN) haben keine Probleme ins Netz zu kommen, es ist also nur dieser eine PC.

Da bei Firefox plötzlich das neue Tab auf "ww-searchings" gelinkt war habe ich Malwarebytes und Avira ausgeführt, diese haben einige unbedeutende Malwares gefunden, das Problem wurde jedoch noch nicht gelöst.

Weiterhin nach ein paar Stunden "stürzt meine Internetleitung ab" und ich muss den PC neustarten.

Anbei ein Hijackthis-Protokoll.

Hat jemand eine Ahnung, wie ich das Problem möglichst schnell löse?

Vielen Dank & Grüsse,
rilkar

====================================

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 14:04:00, on 21.05.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0953)

FIREFOX: 53.0.3 (x86 de)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\System\3DG4me.exe
D:\Programs\CrashPlan\CrashPlanTray.exe
C:\Users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe
C:\Users\Michael\AppData\Local\Amazon Music\Amazon Music Helper.exe
C:\Users\Michael\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
D:\Programs\AudioSwitcher\switcher.exe
C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\Xtreme.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Users\Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Users\Michael\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
C:\Program Files (x86)\PDF24\pdf24.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
D:\Programs\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Users\Michael\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Users\Michael\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
H:\jDownloader\HijackThis.exe
D:\Programs\Steam\Steam.exe
D:\Programs\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Programs\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\WINDOWS\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
O4 - HKLM\..\Run: [PDFPrint] "C:\Program Files (x86)\PDF24\pdf24.exe"
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [SDTray] "d:\Programs\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Programs\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "D:\Programs\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
O4 - HKCU\..\Run: [Amazon Music] "C:\Users\Michael\AppData\Local\Amazon Music\Amazon Music Helper.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Michael\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: AudioSwitcher.lnk = D:\Programs\AudioSwitcher\switcher.exe
O4 - Startup: Dropbox.lnk = Michael\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: GIGABYTE XTREME GAMING ENGINE.lnk = C:\Program Files (x86)\GIGABYTE\XTREME GAMING ENGINE\autorun.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O4 - Startup: startup-monitor-timeout.lnk = Michael\Documents\startup-monitor-timeout.bat
O4 - Startup: Synology Cloud Station Drive.lnk = C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe
O4 - Global Startup: FileBox eXtender.lnk = D:\Programs\FileBX\FileBX.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{4a3501c2-f5bb-46aa-a34a-2b67b7ae66fd}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Active File Monitor V14 (AdobeActiveFileMonitor14.0) - Adobe Systems Incorporated - D:\Programs\Adobe PSE 14\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeUpdateService - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service: Adobe Genuine Software Integrity Service (AGSService) - Adobe Systems, Incorporated - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Avira Email-Schutz (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit-Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Browser-Schutz (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Cloud Station Drive VSS Service x64 - Unknown owner - C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CrashPlan Backup Service (CrashPlanService) - Code 42 Software - D:\Programs\CrashPlan\CrashPlanService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NitroPDFDriverCreatorReadSpool11 (NitroDriverReadSpool11) - Nitro Software, Inc. - C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
O23 - Service: NitroUpdateService - Unknown owner - C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\SysWOW64\NLSSRV32.EXE
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - d:\Programs\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - d:\Programs\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - d:\Programs\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: tbupddwu - Unknown owner - C:\Program Files\UPDD\tbupddwu.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vmcompute.exe,-100 (vmcompute) - Unknown owner - C:\WINDOWS\system32\vmcompute.exe (file missing)
O23 - Service: @%systemroot%\system32\vmms.exe,-10 (vmms) - Unknown owner - C:\WINDOWS\system32\vmms.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZoneAlarm ICM Service - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe

--
End of file - 18976 bytes

burningice · 22.05.2017, 23:23

Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:

Bitte lies meine Posts komplett durch bevor du sie abarbeitest
Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
Bitte kein Crossposting
Installiere oder Deinstalliere keine Software ohne Aufforderung
Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
Wir machen unsere Arbeit freiwillig und ehrenamtlich neben unserer normalen Beschäftigung im Leben. Dennoch, wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!

Los geht's

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Bitte poste dein Ergebnis zwischen Code-Tags
Wenn ein Log zu lange ist, teile ihn bitte auf mehrere Antworten.

Code-Tags?

Drücke einfach die # in Antwortfenster und füge den Log dazwischen ein

rilkar · 23.05.2017, 21:04

danke für die schnelle Rückmeldung.

Die Logfiles habe ich gezippt und angehängt.

Viele Grüsse,
rilkar

burningice · 25.05.2017, 17:42

Schritt 1
Bitte deinstalliere die folgenden Programme aus der Systemsteuerung:
Spybot - Search and Destroy
ZoneAlarm Free Firewall Firewall

Schritt 2
Starte deinen PC neu und führe im Anschluss folgendes aus:

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Schritt: 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

rilkar · 27.05.2017, 18:52

Danke für die Rückmeldung.
Weshalb ratet ihr von Zonealarm ab? Kannst Du ein anderes Tool empfehlen, wo ich selektiv Programme vom Internet trennen kann?

ich probiere dein Vorgehen gleich aus.

Gruss,
Michael

burningice · 28.05.2017, 11:59

Weil das wie Comodo übertrieben in das System eingreift und durch dieses Vorgehen eigentlich nur Probleme macht - insbesondere wenn der User sich wegen Internetproblemen beschwert

Zitat:

Kannst Du ein anderes Tool empfehlen, wo ich selektiv Programme vom Internet trennen kann?

Ja die Windows Firewall

Oder Netlimiter wenn es um kurzfristige Sachen geht. Mir fallen aber in beiden Fällen fast nur illegale Verwendungsmöglichkeiten dafür ein... Aber Windows Firewall reicht da vollkommen aus.

Wo sind die Logfiles?

rilkar · 28.05.2017, 16:15

Das einzige als potentiell gefährlich erkannte Objekt ist der Treiber für die Sennheiser Soundkarte.

<CODE>
17:12:30.0618 0x4b3c TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
17:12:55.0441 0x4b3c ============================================================
17:12:55.0441 0x4b3c Current date / time: 2017/05/28 17:12:55.0441
17:12:55.0441 0x4b3c SystemInfo:
17:12:55.0442 0x4b3c
17:12:55.0442 0x4b3c OS Version: 10.0.14393 ServicePack: 0.0
17:12:55.0442 0x4b3c Product type: Workstation
17:12:55.0442 0x4b3c ComputerName: PHANTOM
17:12:55.0442 0x4b3c UserName: Michael
17:12:55.0442 0x4b3c Windows directory: C:\WINDOWS
17:12:55.0442 0x4b3c System windows directory: C:\WINDOWS
17:12:55.0442 0x4b3c Running under WOW64
17:12:55.0442 0x4b3c Processor architecture: Intel x64
17:12:55.0442 0x4b3c Number of processors: 8
17:12:55.0442 0x4b3c Page size: 0x1000
17:12:55.0442 0x4b3c Boot type: Normal boot
17:12:55.0442 0x4b3c CodeIntegrityOptions = 0x00002001
17:12:55.0442 0x4b3c ============================================================
17:12:57.0336 0x4b3c KLMD registered as C:\WINDOWS\system32\drivers\20433079.sys
17:12:57.0336 0x4b3c KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1198, osProperties = 0x39
17:12:57.0452 0x4b3c System UUID: {6D22CD72-E207-12B4-737B-C1A7253998E4}
17:12:57.0873 0x4b3c Drive \Device\Harddisk3\DR3 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:12:57.0882 0x4b3c Drive \Device\Harddisk4\DR4 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:12:57.0893 0x4b3c Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:12:57.0908 0x4b3c Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:12:57.0930 0x4b3c Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:12:57.0966 0x4b3c ============================================================
17:12:57.0966 0x4b3c \Device\Harddisk3\DR3:
17:12:57.0967 0x4b3c MBR partitions:
17:12:57.0967 0x4b3c \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xDEB2000
17:12:57.0967 0x4b3c \Device\Harddisk4\DR4:
17:12:57.0967 0x4b3c MBR partitions:
17:12:57.0967 0x4b3c \Device\Harddisk0\DR0:
17:12:57.0967 0x4b3c MBR partitions:
17:12:57.0967 0x4b3c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
17:12:57.0967 0x4b3c \Device\Harddisk1\DR1:
17:12:57.0967 0x4b3c MBR partitions:
17:12:57.0967 0x4b3c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x63FFA80
17:12:58.0003 0x4b3c \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x63FFAFE, BlocksNum 0xE2A079C3
17:12:58.0003 0x4b3c \Device\Harddisk2\DR2:
17:12:58.0003 0x4b3c MBR partitions:
17:12:58.0003 0x4b3c \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
17:12:58.0003 0x4b3c ============================================================
17:12:58.0004 0x4b3c C: <-> \Device\Harddisk3\DR3\Partition1
17:12:58.0052 0x4b3c D: <-> \Device\Harddisk0\DR0\Partition1
17:12:58.0114 0x4b3c G: <-> \Device\Harddisk1\DR1\Partition1
17:12:58.0159 0x4b3c H: <-> \Device\Harddisk2\DR2\Partition1
17:12:58.0197 0x4b3c I: <-> \Device\Harddisk1\DR1\Partition2
17:12:58.0197 0x4b3c ============================================================
17:12:58.0197 0x4b3c Initialize success
17:12:58.0197 0x4b3c ============================================================
17:13:05.0398 0x5804 ============================================================
17:13:05.0398 0x5804 Scan started
17:13:05.0398 0x5804 Mode: Manual;
17:13:05.0398 0x5804 ============================================================
17:13:05.0398 0x5804 KSN ping started
17:13:06.0135 0x5804 KSN ping finished: true
17:13:09.0604 0x5804 ================ Scan system memory ========================
17:13:09.0604 0x5804 System memory - ok
17:13:09.0606 0x5804 ================ Scan services =============================
17:13:09.0663 0x5804 1394ohci - ok
17:13:09.0670 0x5804 [ EE6D1EB24DD0FDF8F73D9DC69F32EB5B, 1E25928173E40CD10AF08B2AEF987D6CD945B3D1068DE0852C8BA6FA03B6DDC1 ] 3dxhid C:\WINDOWS\System32\drivers\3dxhid.sys
17:13:09.0671 0x5804 3dxhid - ok
17:13:09.0685 0x5804 3ware - ok
17:13:09.0694 0x5804 ACPI - ok
17:13:09.0701 0x5804 AcpiDev - ok
17:13:09.0707 0x5804 acpiex - ok
17:13:09.0710 0x5804 acpipagr - ok
17:13:09.0714 0x5804 AcpiPmi - ok
17:13:09.0717 0x5804 acpitime - ok
17:13:09.0794 0x5804 [ 37E0AAD625E2CFCED30EA6B44A26D21B, 4E646944C10A91A36FBA16532DCEA01376C742197DDCB6D6CB8AC5CE04353FE3 ] AdobeActiveFileMonitor14.0 D:\Programs\Adobe PSE 14\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
17:13:09.0796 0x5804 AdobeActiveFileMonitor14.0 - ok
17:13:09.0804 0x5804 [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:13:09.0811 0x5804 AdobeARMservice - ok
17:13:09.0831 0x5804 [ 8532B30A054D83614A90D24AD61A29DF, 959C74C63AF7F4E5588C705FBF08EA7A8749268BC28819879ED53AB7A3410B74 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
17:13:09.0840 0x5804 AdobeUpdateService - ok
17:13:09.0846 0x5804 ADP80XX - ok
17:13:09.0851 0x5804 AFD - ok
17:13:09.0893 0x5804 [ A32EA26C90A47B2BC93D7B0B94994B11, 1CF8DB09CA27EAC5741489EDFDFC04D69485B51C726F539BFCDC3C78E8E09EBE ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
17:13:09.0922 0x5804 AGSService - ok
17:13:09.0933 0x5804 ahcache - ok
17:13:09.0939 0x5804 AJRouter - ok
17:13:09.0943 0x5804 ALG - ok
17:13:09.0946 0x5804 AmdK8 - ok
17:13:09.0949 0x5804 AmdPPM - ok
17:13:09.0952 0x5804 amdsata - ok
17:13:09.0955 0x5804 amdsbs - ok
17:13:09.0960 0x5804 amdxata - ok
17:13:09.0990 0x5804 [ 0C891285258A793146DCF286BFEDFF20, 2BF060A4D1C26FBB99229DADFBDBE4C03DE3DE1FA6376948DEC257907CB83442 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
17:13:10.0015 0x5804 AntiVirMailService - ok
17:13:10.0028 0x5804 [ A92B5723DC25E9755C745F9946A2E2EA, 5C1994BB7BE36555AE43400E12A650B1AC4CC37E9765B3AB5A605AD13E0CE1CF ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:13:10.0042 0x5804 AntiVirSchedulerService - ok
17:13:10.0061 0x5804 [ A92B5723DC25E9755C745F9946A2E2EA, 5C1994BB7BE36555AE43400E12A650B1AC4CC37E9765B3AB5A605AD13E0CE1CF ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:13:10.0075 0x5804 AntiVirService - ok
17:13:10.0104 0x5804 [ 56B7AEE325CE5EA2BD854899E4E7123B, E25491348675939CB81C0E19A50473C8B13C1CFA1F84305478DD3403E1393800 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
17:13:10.0136 0x5804 AntiVirWebService - ok
17:13:10.0142 0x5804 AppHostSvc - ok
17:13:10.0146 0x5804 AppID - ok
17:13:10.0150 0x5804 AppIDSvc - ok
17:13:10.0153 0x5804 Appinfo - ok
17:13:10.0162 0x5804 [ A5E8EB3B4244358F62DADF769DB59567, 76FE364D9A896424E4C2BCA5F66CFF31F22513851B7E4B65EDE206DF159DA67F ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:13:10.0163 0x5804 Apple Mobile Device Service - ok
17:13:10.0169 0x5804 applockerfltr - ok
17:13:10.0177 0x5804 AppMgmt - ok
17:13:10.0180 0x5804 AppReadiness - ok
17:13:10.0184 0x5804 AppVClient - ok
17:13:10.0187 0x5804 AppvStrm - ok
17:13:10.0191 0x5804 AppvVemgr - ok
17:13:10.0194 0x5804 AppvVfs - ok
17:13:10.0198 0x5804 AppXSvc - ok
17:13:10.0202 0x5804 arcsas - ok
17:13:10.0206 0x5804 [ 4DFF4312661F54EE87DC9A13CAEE60E0, 8821D2CA4036E764EFF71108735148FF54D3275DDCE1860EC7D67B2355E8DF82 ] asahci64 C:\WINDOWS\system32\drivers\asahci64.sys
17:13:10.0211 0x5804 asahci64 - ok
17:13:10.0226 0x5804 aspnet_state - ok
17:13:10.0229 0x5804 AsyncMac - ok
17:13:10.0232 0x5804 atapi - ok
17:13:10.0236 0x5804 AudioEndpointBuilder - ok
17:13:10.0240 0x5804 Audiosrv - ok
17:13:10.0247 0x5804 [ 11F3AAFB5D279AFBCBB0AD9FF76A24F8, 06C5FA1BD64EB54691629363DD0771394F81E4EB216E489D5169395736E80D99 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:13:10.0255 0x5804 avgntflt - ok
17:13:10.0264 0x5804 [ F8520E88246641E51108922944FB34A6, 326DCB8114439FB1F75E9DB6E5F7818654FAAC4CD957B80DEE17B850676A737F ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:13:10.0267 0x5804 avipbb - ok
17:13:10.0277 0x5804 [ 64943D597895DE755A58EE46402932F3, 11D6668F325A5C8343C533BC037AD38019EA6F8E84FB15639B16BD3113F73C8D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
17:13:10.0283 0x5804 Avira.ServiceHost - ok
17:13:10.0294 0x5804 [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
17:13:10.0295 0x5804 avkmgr - ok
17:13:10.0300 0x5804 [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
17:13:10.0302 0x5804 avnetflt - ok
17:13:10.0305 0x5804 AxInstSV - ok
17:13:10.0309 0x5804 b06bdrv - ok
17:13:10.0313 0x5804 BasicDisplay - ok
17:13:10.0317 0x5804 BasicRender - ok
17:13:10.0322 0x5804 bcmfn - ok
17:13:10.0325 0x5804 bcmfn2 - ok
17:13:10.0329 0x5804 BDESVC - ok
17:13:10.0332 0x5804 Beep - ok
17:13:10.0336 0x5804 BFE - ok
17:13:10.0340 0x5804 BITS - ok
17:13:10.0349 0x5804 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:13:10.0360 0x5804 Bonjour Service - ok
17:13:10.0364 0x5804 bowser - ok
17:13:10.0367 0x5804 BrokerInfrastructure - ok
17:13:10.0370 0x5804 Browser - ok
17:13:10.0377 0x5804 [ DB109DA005B6FE2A350C5DD7CA768DFD, 241A0BFAEFB1B165C00EE75E8CA382B5935F5DF447DAD5AE9022B2B78317668E ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
17:13:10.0380 0x5804 BrYNSvc - ok
17:13:10.0385 0x5804 BthAvrcpTg - ok
17:13:10.0389 0x5804 BthHFEnum - ok
17:13:10.0391 0x5804 bthhfhid - ok
17:13:10.0394 0x5804 BthHFSrv - ok
17:13:10.0398 0x5804 BTHMODEM - ok
17:13:10.0409 0x5804 bthserv - ok
17:13:10.0418 0x5804 buttonconverter - ok
17:13:10.0423 0x5804 CapImg - ok
17:13:10.0428 0x5804 cdfs - ok
17:13:10.0433 0x5804 CDPSvc - ok
17:13:10.0437 0x5804 CDPUserSvc - ok
17:13:10.0443 0x5804 cdrom - ok
17:13:10.0447 0x5804 CertPropSvc - ok
17:13:10.0450 0x5804 cht4iscsi - ok
17:13:10.0453 0x5804 cht4vbd - ok
17:13:10.0457 0x5804 circlass - ok
17:13:10.0460 0x5804 CLFS - ok
17:13:10.0526 0x5804 [ F6ED2A874E4FC4FC95F544088F0523F4, F5F239A666288373ED93C6F13EC14FC4AC7257ABF117A7DD97F20070F8EC2205 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
17:13:10.0582 0x5804 ClickToRunSvc - ok
17:13:10.0591 0x5804 ClipSVC - ok
17:13:10.0598 0x5804 [ C2773F2EB9C3A54437616C19A1B84F4A, 784CB6046E00AAD4F08EDEC1A0558FF8D1E5DB7D1F1B4E01AE30EDE3EDC01069 ] Cloud Station Drive VSS Service x64 C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
17:13:10.0609 0x5804 Cloud Station Drive VSS Service x64 - ok
17:13:10.0613 0x5804 clreg - ok
17:13:10.0627 0x5804 CmBatt - ok
17:13:10.0634 0x5804 CNG - ok
17:13:10.0643 0x5804 cnghwassist - ok
17:13:10.0657 0x5804 [ 81F2B52C47B8AD32CC4FF967FC8D73DA, 13D84B4096E0F9AB9D04F6CD9E9C0DE4B6DF6F11D63C797266D719FD2429A655 ] CompFilter64 C:\WINDOWS\System32\drivers\lvbflt64.sys
17:13:10.0659 0x5804 CompFilter64 - ok
17:13:10.0683 0x5804 CompositeBus - ok
17:13:10.0687 0x5804 COMSysApp - ok
17:13:10.0693 0x5804 condrv - ok
17:13:10.0699 0x5804 CoreMessagingRegistrar - ok
17:13:10.0738 0x5804 [ A28D6FA203CE094BDE7ED8CEC6079E42, 5DCA8BA21F5FD0D9F00620E7592949ABCF3BA202CF7AF3D84F93DF7C13E2D4C9 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
17:13:10.0759 0x5804 cphs - ok
17:13:10.0768 0x5804 CryptSvc - ok
17:13:10.0777 0x5804 CSC - ok
17:13:10.0783 0x5804 CscService - ok
17:13:10.0787 0x5804 dam - ok
17:13:10.0794 0x5804 DcomLaunch - ok
17:13:10.0798 0x5804 DcpSvc - ok
17:13:10.0802 0x5804 defragsvc - ok
17:13:10.0807 0x5804 DeviceAssociationService - ok
17:13:10.0812 0x5804 DeviceInstall - ok
17:13:10.0816 0x5804 DevQueryBroker - ok
17:13:10.0819 0x5804 Dfsc - ok
17:13:10.0823 0x5804 Dhcp - ok
17:13:10.0828 0x5804 diagnosticshub.standardcollector.service - ok
17:13:10.0832 0x5804 DiagTrack - ok
17:13:10.0837 0x5804 disk - ok
17:13:10.0841 0x5804 DmEnrollmentSvc - ok
17:13:10.0845 0x5804 dmvsc - ok
17:13:10.0849 0x5804 dmwappushservice - ok
17:13:10.0854 0x5804 Dnscache - ok
17:13:10.0860 0x5804 dot3svc - ok
17:13:10.0863 0x5804 DPS - ok
17:13:10.0868 0x5804 drmkaud - ok
17:13:10.0872 0x5804 DsmSvc - ok
17:13:10.0878 0x5804 DsSvc - ok
17:13:10.0888 0x5804 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\WINDOWS\System32\drivers\dtsoftbus01.sys
17:13:10.0892 0x5804 dtsoftbus01 - ok
17:13:10.0902 0x5804 DXGKrnl - ok
17:13:10.0906 0x5804 EapHost - ok
17:13:10.0910 0x5804 ebdrv - ok
17:13:10.0915 0x5804 EFS - ok
17:13:10.0921 0x5804 EhStorClass - ok
17:13:10.0926 0x5804 EhStorTcgDrv - ok
17:13:10.0931 0x5804 embeddedmode - ok
17:13:10.0936 0x5804 EntAppSvc - ok
17:13:10.0940 0x5804 ErrDev - ok
17:13:10.0950 0x5804 [ 233DB99476B8D1CF61AC1177D0137036, E5EF1F30891050729B248013B4D7881FC556D259E2BE3F51980C3A247D3F5950 ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
17:13:10.0952 0x5804 ESProtectionDriver - ok
17:13:10.0961 0x5804 EventSystem - ok
17:13:10.0966 0x5804 exfat - ok
17:13:10.0973 0x5804 fastfat - ok
17:13:10.0979 0x5804 Fax - ok
17:13:10.0984 0x5804 fdc - ok
17:13:10.0988 0x5804 fdPHost - ok
17:13:10.0994 0x5804 FDResPub - ok
17:13:10.0999 0x5804 fhsvc - ok
17:13:11.0003 0x5804 FileCrypt - ok
17:13:11.0009 0x5804 FileInfo - ok
17:13:11.0020 0x5804 Filetrace - ok
17:13:11.0027 0x5804 flpydisk - ok
17:13:11.0031 0x5804 FltMgr - ok
17:13:11.0037 0x5804 FontCache - ok
17:13:11.0044 0x5804 FontCache3.0.0.0 - ok
17:13:11.0048 0x5804 FrameServer - ok
17:13:11.0051 0x5804 FsDepends - ok
17:13:11.0057 0x5804 Fs_Rec - ok
17:13:11.0061 0x5804 fvevol - ok
17:13:11.0066 0x5804 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:13:11.0067 0x5804 GEARAspiWDM - ok
17:13:11.0073 0x5804 gencounter - ok
17:13:11.0077 0x5804 genericusbfn - ok
17:13:11.0082 0x5804 GPIOClx0101 - ok
17:13:11.0086 0x5804 gpsvc - ok
17:13:11.0091 0x5804 GpuEnergyDrv - ok
17:13:11.0101 0x5804 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:13:11.0103 0x5804 gupdate - ok
17:13:11.0109 0x5804 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:13:11.0111 0x5804 gupdatem - ok
17:13:11.0115 0x5804 HdAudAddService - ok
17:13:11.0119 0x5804 HDAudBus - ok
17:13:11.0122 0x5804 HidBatt - ok
17:13:11.0126 0x5804 HidBth - ok
17:13:11.0132 0x5804 hidi2c - ok
17:13:11.0142 0x5804 hidinterrupt - ok
17:13:11.0148 0x5804 HidIr - ok
17:13:11.0154 0x5804 hidserv - ok
17:13:11.0160 0x5804 HidUsb - ok
17:13:11.0167 0x5804 hns - ok
17:13:11.0173 0x5804 HomeGroupListener - ok
17:13:11.0180 0x5804 HomeGroupProvider - ok
17:13:11.0189 0x5804 HpSAMD - ok
17:13:11.0196 0x5804 HTTP - ok
17:13:11.0207 0x5804 HvHost - ok
17:13:11.0212 0x5804 hvservice - ok
17:13:11.0216 0x5804 hwpolicy - ok
17:13:11.0220 0x5804 hyperkbd - ok
17:13:11.0223 0x5804 i8042prt - ok
17:13:11.0227 0x5804 iagpio - ok
17:13:11.0231 0x5804 iai2c - ok
17:13:11.0234 0x5804 iaLPSS2i_GPIO2 - ok
17:13:11.0237 0x5804 iaLPSS2i_I2C - ok
17:13:11.0241 0x5804 iaLPSSi_GPIO - ok
17:13:11.0246 0x5804 iaLPSSi_I2C - ok
17:13:11.0252 0x5804 iaStorAV - ok
17:13:11.0260 0x5804 iaStorV - ok
17:13:11.0266 0x5804 ibbus - ok
17:13:11.0272 0x5804 icssvc - ok
17:13:11.0347 0x5804 [ 9CE4D3A79D3180AC5A141E2F7E7137F4, 1D717D2156B78632895281779D2646AB066619EA1DB293A9505BF7C174F53271 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:13:11.0405 0x5804 igfx - ok
17:13:11.0418 0x5804 [ 6A9C613D0F5F9676D128F39B63ACE45B, 027B9568C740E336C7CBBE952309E2719E8FFA14E7DFC2B85B49E0C0CE7D2149 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
17:13:11.0427 0x5804 igfxCUIService1.0.0.0 - ok
17:13:11.0430 0x5804 IKEEXT - ok
17:13:11.0434 0x5804 IndirectKmd - ok
17:13:11.0443 0x5804 [ 41CD73C13FCAEA4942F0CF7608B7530F, 835BF370E6624975E3CB7106D4835488D6F527C545E7B0ECD26A161D36CABABB ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:13:11.0445 0x5804 intaud_WaveExtensible - ok
17:13:11.0503 0x5804 [ F2744FD54BE1580BE05916D1C755C92A, 27FAC146876B6C6EBE0C00CDEC3E01C69DACB2584BEC85DD0FE5B55AD2157452 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:13:11.0538 0x5804 IntcAzAudAddService - ok
17:13:11.0552 0x5804 [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:13:11.0559 0x5804 IntcDAud - ok
17:13:11.0562 0x5804 intelide - ok
17:13:11.0565 0x5804 intelpep - ok
17:13:11.0568 0x5804 intelppm - ok
17:13:11.0571 0x5804 iorate - ok
17:13:11.0575 0x5804 IpFilterDriver - ok
17:13:11.0579 0x5804 iphlpsvc - ok
17:13:11.0582 0x5804 IPMIDRV - ok
17:13:11.0584 0x5804 IPNAT - ok
17:13:11.0601 0x5804 [ 6F836118C67812A6CC3F8FC9EAF0E65D, 0E8F977B304890CC9D2FE07C713B2B3F1106A79D97CECDE105AD7FC084638F1F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:13:11.0618 0x5804 iPod Service - ok
17:13:11.0628 0x5804 [ 45F14ACEA013C63A070AC5DB19677620, F60D48E7456800E311B2B7FABB3C03919D47971230C743A118982FDE07E04847 ] IpOverUsbSvc C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
17:13:11.0632 0x5804 IpOverUsbSvc - ok
17:13:11.0636 0x5804 irda - ok
17:13:11.0639 0x5804 IRENUM - ok
17:13:11.0643 0x5804 irmon - ok
17:13:11.0647 0x5804 isapnp - ok
17:13:11.0651 0x5804 iScsiPrt - ok
17:13:11.0656 0x5804 [ 1ECC1A421B0AEBF9A6934451FBFD7848, 1A8DDEC42831C12760CF27FA02EDD06D5CCE25A606E2DECB7D8487B5961B11AC ] ISCT C:\WINDOWS\System32\drivers\ISCTD64.sys
17:13:11.0658 0x5804 ISCT - ok
17:13:11.0664 0x5804 [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs C:\WINDOWS\system32\drivers\iusb3hcs.sys
17:13:11.0669 0x5804 iusb3hcs - ok
17:13:11.0674 0x5804 [ 48B904D31F2369D7B0122617038D3F5B, 8A43CB37667929CCCC37B6E79E82509BBCA6C8884B44059DC87BCA7C21BE7FE1 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
17:13:11.0676 0x5804 iwdbus - ok
17:13:11.0679 0x5804 kbdclass - ok
17:13:11.0684 0x5804 kbdhid - ok
17:13:11.0690 0x5804 kdnic - ok
17:13:11.0694 0x5804 KeyIso - ok
17:13:11.0699 0x5804 [ 7D78A7B19ABA781BBF75EC7EF8407668, C43BBCBBA6BB091A6A6D2D1C57A3D137808B679CD57B0CD3BF608659F9A82AC0 ] KMJHidMini C:\WINDOWS\System32\drivers\3dxkmj.sys
17:13:11.0700 0x5804 KMJHidMini - ok
17:13:11.0704 0x5804 [ C3D4347EDAFA5D6022277BA4D5BCBF2A, DAA3BF83175D0AC8B37ED414F880DFCB2D7D6E9284A9135BCF66A14C8D971850 ] KMJShim C:\WINDOWS\System32\drivers\3dxshim.sys
17:13:11.0705 0x5804 KMJShim - ok
17:13:11.0709 0x5804 KSecDD - ok
17:13:11.0714 0x5804 KSecPkg - ok
17:13:11.0718 0x5804 ksthunk - ok
17:13:11.0721 0x5804 KtmRm - ok
17:13:11.0727 0x5804 LanmanServer - ok
17:13:11.0734 0x5804 LanmanWorkstation - ok
17:13:11.0746 0x5804 [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:13:11.0758 0x5804 LBTServ - ok
17:13:11.0767 0x5804 [ FF6F04B30231E76FEFEC59DB89A86F9B, D20F0318B054AF1140C87A1325DF159B64045F4ECCE55CA9FA155897A8D69117 ] LDrvSvc c:\program files (x86)\ostotosoft\drivertalent\LDrvSvc.dll
17:13:11.0778 0x5804 LDrvSvc - ok
17:13:11.0783 0x5804 [ 5EA1731968F2FD0E950DDCE6D36C5134, 16C47AA60CB62F206DBF3B4FAF99FCA667E7193178D1B7ECB162FA87C008BAA3 ] LEqdUsb C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys
17:13:11.0784 0x5804 LEqdUsb - ok
17:13:11.0792 0x5804 [ 081157B1BF9076EDC474623BFC4AF0D8, 11752767D19430245CA1E9F977569B01A0B36CBE7E550B58175C7D6264D612EF ] leusbser C:\WINDOWS\system32\DRIVERS\leusbser.sys
17:13:11.0800 0x5804 leusbser - ok
17:13:11.0805 0x5804 lfsvc - ok
17:13:11.0812 0x5804 [ 50AC0930F05DFB996F085B49E112E5C9, C5147E92656506981705AFCAA97B7BDAD0929FF39C1666E774BE1BD32FB08387 ] LHidEqd C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys
17:13:11.0813 0x5804 LHidEqd - ok
17:13:11.0817 0x5804 [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
17:13:11.0819 0x5804 LHidFilt - ok
17:13:11.0824 0x5804 LicenseManager - ok
17:13:11.0828 0x5804 lltdio - ok
17:13:11.0833 0x5804 lltdsvc - ok
17:13:11.0838 0x5804 lmhosts - ok
17:13:11.0843 0x5804 [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
17:13:11.0844 0x5804 LMouFilt - ok
17:13:11.0849 0x5804 LSI_SAS - ok
17:13:11.0856 0x5804 LSI_SAS2i - ok
17:13:11.0863 0x5804 LSI_SAS3i - ok
17:13:11.0869 0x5804 LSI_SSS - ok
17:13:11.0874 0x5804 LSM - ok
17:13:11.0878 0x5804 luafv - ok
17:13:11.0883 0x5804 lunparser - ok
17:13:11.0893 0x5804 [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64 C:\WINDOWS\system32\DRIVERS\lvrs64.sys
17:13:11.0898 0x5804 LVRS64 - ok
17:13:11.0975 0x5804 [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64 C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
17:13:12.0031 0x5804 LVUVC64 - ok
17:13:12.0039 0x5804 MapsBroker - ok
17:13:12.0046 0x5804 [ 4EA73F071D96F376DB3AB9EF81273B28, 683C362F9B7A0BEC7BA4C1231405FB312EAA9A21260976C084ABA8CA035E6136 ] MBAMChameleon C:\WINDOWS\system32\drivers\MBAMChameleon.sys
17:13:12.0055 0x5804 MBAMChameleon - ok
17:13:12.0061 0x5804 [ C51267EE2726707D38C489C06DDF01ED, BFA9BFB8D2E1581CBF4833DC3D86A88C94B64B3B17D440894AEB111E749E4497 ] MBAMFarflt C:\WINDOWS\system32\drivers\farflt.sys
17:13:12.0063 0x5804 MBAMFarflt - ok
17:13:12.0067 0x5804 [ 88BD122C3A35DE63D75D382DF75554CE, ABDF59543CAD186A6ED4E66257205D9CF5047732A5DA74A96A28B468B41BC396 ] MBAMProtection C:\WINDOWS\system32\drivers\mbam.sys
17:13:12.0069 0x5804 MBAMProtection - ok
17:13:12.0143 0x5804 [ D76E56108E6482905D3FAEA0649919E4, E10285889570A01E544B027F4A17BA7242E5E3EF93D20A19B05091DB237C6DD1 ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
17:13:12.0210 0x5804 MBAMService - ok
17:13:12.0229 0x5804 [ 53283EB9998AC9350E14C35A880989DB, 11DD963C67DB7584742810C54BEC4871584413A1BAA8209F79AC923006DE45BB ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
17:13:12.0234 0x5804 MBAMSwissArmy - ok
17:13:12.0240 0x5804 [ BBFBEFBE4598AD6D8E3E821A0FEBDE79, D98CEB294E52167A47CEE7442FF31A44EDC1179069944613203BDC5D8B1B2A73 ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
17:13:12.0243 0x5804 MBAMWebProtection - ok
17:13:12.0247 0x5804 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\WINDOWS\system32\drivers\MBfilt64.sys
17:13:12.0248 0x5804 MBfilt - ok
17:13:12.0253 0x5804 megasas - ok
17:13:12.0257 0x5804 megasas2i - ok
17:13:12.0261 0x5804 megasr - ok
17:13:12.0266 0x5804 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
17:13:12.0267 0x5804 MEIx64 - ok
17:13:12.0271 0x5804 MessagingService - ok
17:13:12.0280 0x5804 mlx4_bus - ok
17:13:12.0283 0x5804 MMCSS - ok
17:13:12.0287 0x5804 Modem - ok
17:13:12.0290 0x5804 monitor - ok
17:13:12.0295 0x5804 mouclass - ok
17:13:12.0298 0x5804 mouhid - ok
17:13:12.0301 0x5804 mountmgr - ok
17:13:12.0309 0x5804 [ 65C0F9AE99ECCCA7C5C3CEFA7ED80904, AABEBEAED256318B5B8C1BC36A2E365CB942ED591C78E78EC6C55EF94A522342 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:13:12.0319 0x5804 MozillaMaintenance - ok
17:13:12.0323 0x5804 mpsdrv - ok
17:13:12.0329 0x5804 MpsSvc - ok
17:13:12.0335 0x5804 MQAC - ok
17:13:12.0345 0x5804 MRxDAV - ok
17:13:12.0349 0x5804 mrxsmb - ok
17:13:12.0354 0x5804 mrxsmb10 - ok
17:13:12.0358 0x5804 mrxsmb20 - ok
17:13:12.0361 0x5804 MsBridge - ok
17:13:12.0365 0x5804 MSDTC - ok
17:13:12.0372 0x5804 Msfs - ok
17:13:12.0377 0x5804 msgpiowin32 - ok
17:13:12.0381 0x5804 mshidkmdf - ok
17:13:12.0386 0x5804 mshidumdf - ok
17:13:12.0395 0x5804 msisadrv - ok
17:13:12.0400 0x5804 MSiSCSI - ok
17:13:12.0404 0x5804 msiserver - ok
17:13:12.0408 0x5804 MSKSSRV - ok
17:13:12.0412 0x5804 MsLldp - ok
17:13:12.0416 0x5804 MSMQ - ok
17:13:12.0420 0x5804 MSPCLOCK - ok
17:13:12.0423 0x5804 MSPQM - ok
17:13:12.0430 0x5804 MsRPC - ok
17:13:12.0435 0x5804 MsSecFlt - ok
17:13:12.0439 0x5804 mssmbios - ok
17:13:12.0444 0x5804 MSSQL$SQLEXPRESS - ok
17:13:12.0452 0x5804 [ 7A2A8C975356858EB38466A6B1592E8D, 97C3DFCCBE1BA92EE7E4848993D6F369D543A53344A6512C84EF03E7D737A482 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
17:13:12.0459 0x5804 MSSQLServerADHelper100 - ok
17:13:12.0467 0x5804 MSTEE - ok
17:13:12.0470 0x5804 MTConfig - ok
17:13:12.0473 0x5804 Mup - ok
17:13:12.0478 0x5804 mvumis - ok
17:13:12.0483 0x5804 NativeWifiP - ok
17:13:12.0488 0x5804 NcaSvc - ok
17:13:12.0494 0x5804 NcbService - ok
17:13:12.0498 0x5804 NcdAutoSetup - ok
17:13:12.0504 0x5804 ndfltr - ok
17:13:12.0510 0x5804 NDIS - ok
17:13:12.0516 0x5804 NdisCap - ok
17:13:12.0521 0x5804 NdisImPlatform - ok
17:13:12.0525 0x5804 NdisTapi - ok
17:13:12.0529 0x5804 Ndisuio - ok
17:13:12.0532 0x5804 NdisVirtualBus - ok
17:13:12.0535 0x5804 NdisWan - ok
17:13:12.0539 0x5804 ndiswanlegacy - ok
17:13:12.0544 0x5804 ndproxy - ok
17:13:12.0547 0x5804 Ndu - ok
17:13:12.0551 0x5804 NetAdapterCx - ok
17:13:12.0554 0x5804 NetBIOS - ok
17:13:12.0561 0x5804 NetBT - ok
17:13:12.0565 0x5804 Netlogon - ok
17:13:12.0571 0x5804 Netman - ok
17:13:12.0583 0x5804 NetMsmqActivator - ok
17:13:12.0589 0x5804 NetPipeActivator - ok
17:13:12.0598 0x5804 netprofm - ok
17:13:12.0607 0x5804 NetSetupSvc - ok
17:13:12.0615 0x5804 NetTcpActivator - ok
17:13:12.0623 0x5804 NetTcpPortSharing - ok
17:13:12.0630 0x5804 NgcCtnrSvc - ok
17:13:12.0634 0x5804 NgcSvc - ok
17:13:12.0644 0x5804 [ 0669F1F91F3D295447D3F30D123D69DE, 3BE0AD7321AB507F19738F2ABD38596A686851FD88A518FD3400018BAAAAB236 ] NitroDriverReadSpool11 C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
17:13:12.0657 0x5804 NitroDriverReadSpool11 - ok
17:13:12.0668 0x5804 [ E1C6CB0C5B820DE993910422453F33C7, 3FD5210D4AB7CCCA1EC312CF419D82A67AC06AD45729A9A7A4BFF7C6B514FD37 ] NitroUpdateService C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
17:13:12.0682 0x5804 NitroUpdateService - ok
17:13:12.0686 0x5804 NlaSvc - ok
17:13:12.0716 0x5804 [ BD5A51891BB49075EE2B4C9CEE085618, 5B77268F0F66F0021D6D210ECE56BFB3C2E992B4C15D63E0FA791976DABA8EA8 ] nlsX86cc C:\WINDOWS\SysWOW64\NLSSRV32.EXE
17:13:12.0730 0x5804 nlsX86cc - ok
17:13:12.0743 0x5804 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF C:\WINDOWS\system32\drivers\npf.sys
17:13:12.0749 0x5804 NPF - ok
17:13:12.0754 0x5804 Npfs - ok
17:13:12.0758 0x5804 npsvctrig - ok
17:13:12.0762 0x5804 nsi - ok
17:13:12.0767 0x5804 nsiproxy - ok
17:13:12.0773 0x5804 NTFS - ok
17:13:12.0778 0x5804 Null - ok
17:13:12.0789 0x5804 [ 176372CCCD2A3B36224D0490A24FDCD5, 214C2BE782CF060069070C292CD18084DFFC26A2F26DB94847EFFFEC5B190905 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
17:13:12.0795 0x5804 NvContainerLocalSystem - ok
17:13:12.0806 0x5804 [ 176372CCCD2A3B36224D0490A24FDCD5, 214C2BE782CF060069070C292CD18084DFFC26A2F26DB94847EFFFEC5B190905 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
17:13:12.0813 0x5804 NvContainerNetworkService - ok
17:13:12.0822 0x5804 [ C27427C9D79DE00A01B9987B68485F60, D385AFADECC3B1ECD62211D5501050A66F6A334AE3799DDA8F8CA4C231CFB075 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
17:13:12.0826 0x5804 NVHDA - ok
17:13:13.0078 0x5804 [ 90050A0469120BD8E0931267FFE31CFD, 0424DF3733EBF21B2500F7B94C40E0A8AD60005191E4FB0C2F6FFD8FC7844EEF ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e69a53b8ddde469c\nvlddmkm.sys
17:13:13.0257 0x5804 nvlddmkm - ok
17:13:13.0277 0x5804 nvraid - ok
17:13:13.0282 0x5804 nvstor - ok
17:13:13.0286 0x5804 [ D61AC1C1B847970F152CE05AC66A2F6C, 4F9362AEF87F394CF6FA90669A5E49DC5B657B8F36302C27784069416FA0776C ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:13:13.0291 0x5804 NvStreamKms - ok
17:13:13.0305 0x5804 [ 0CB5B4866F6A7EAE332E256D151C8190, 2A9CFFD46C2972DDC16C3C34DD3A17B47C6D4145485E4A28365AD3797576424C ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
17:13:13.0319 0x5804 NvTelemetryContainer - ok
17:13:13.0329 0x5804 [ F489CE4A8456F9EB0F0C5532E2FD7549, 145D8A8EBF5120C735FBCDCA6593AB29088E2AB77130749E3727CB1434C9ABEA ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
17:13:13.0331 0x5804 nvvad_WaveExtensible - ok
17:13:13.0337 0x5804 [ FEAA46EB1E2B80C0DEFD2AAE4050E097, 9B429DFEA15A073D80AFB3E422B24286CC26210AD214368B5E1FC5F91B2B2501 ] nvvhci C:\WINDOWS\System32\drivers\nvvhci.sys
17:13:13.0339 0x5804 nvvhci - ok
17:13:13.0344 0x5804 OneSyncSvc - ok
17:13:13.0353 0x5804 [ CBC25009133730EB00BFAD4E37A6D387, AC93BEBD1E13336F9A6A4AB699A34127A31EC949A9EC5930B21BA80A3A6AF916 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:13:13.0365 0x5804 ose - ok
17:13:13.0371 0x5804 p2pimsvc - ok
17:13:13.0375 0x5804 p2psvc - ok
17:13:13.0382 0x5804 Parport - ok
17:13:13.0388 0x5804 partmgr - ok
17:13:13.0392 0x5804 passthruparser - ok
17:13:13.0396 0x5804 PcaSvc - ok
17:13:13.0402 0x5804 pci - ok
17:13:13.0406 0x5804 pciide - ok
17:13:13.0410 0x5804 pcip - ok
17:13:13.0414 0x5804 pcmcia - ok
17:13:13.0418 0x5804 pcw - ok
17:13:13.0423 0x5804 pdc - ok
17:13:13.0428 0x5804 PEAUTH - ok
17:13:13.0434 0x5804 PeerDistSvc - ok
17:13:13.0446 0x5804 percsas2i - ok
17:13:13.0453 0x5804 percsas3i - ok
17:13:13.0485 0x5804 PerfHost - ok
17:13:13.0498 0x5804 PhoneSvc - ok
17:13:13.0503 0x5804 PimIndexMaintenanceSvc - ok
17:13:13.0513 0x5804 pla - ok
17:13:13.0517 0x5804 PlugPlay - ok
17:13:13.0521 0x5804 PNRPAutoReg - ok
17:13:13.0527 0x5804 PNRPsvc - ok
17:13:13.0533 0x5804 PolicyAgent - ok
17:13:13.0539 0x5804 Power - ok
17:13:13.0544 0x5804 PptpMiniport - ok
17:13:13.0614 0x5804 [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:13:13.0660 0x5804 PrintNotify - ok
17:13:13.0669 0x5804 Processor - ok
17:13:13.0677 0x5804 ProfSvc - ok
17:13:13.0689 0x5804 Psched - ok
17:13:13.0694 0x5804 pvhdparser - ok
17:13:13.0699 0x5804 [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64 C:\WINDOWS\system32\drivers\PxHlpa64.sys
17:13:13.0705 0x5804 PxHlpa64 - ok
17:13:13.0709 0x5804 QWAVE - ok
17:13:13.0713 0x5804 QWAVEdrv - ok
17:13:13.0717 0x5804 ramparser - ok
17:13:13.0721 0x5804 RasAcd - ok
17:13:13.0725 0x5804 RasAgileVpn - ok
17:13:13.0729 0x5804 RasAuto - ok
17:13:13.0732 0x5804 Rasl2tp - ok
17:13:13.0737 0x5804 RasMan - ok
17:13:13.0742 0x5804 RasPppoe - ok
17:13:13.0747 0x5804 RasSstp - ok
17:13:13.0750 0x5804 rdbss - ok
17:13:13.0756 0x5804 rdpbus - ok
17:13:13.0760 0x5804 RDPDR - ok
17:13:13.0768 0x5804 RdpVideoMiniport - ok
17:13:13.0772 0x5804 rdyboost - ok
17:13:13.0776 0x5804 ReFSv1 - ok
17:13:13.0781 0x5804 RemoteAccess - ok
17:13:13.0786 0x5804 RemoteRegistry - ok
17:13:13.0790 0x5804 RetailDemo - ok
17:13:13.0800 0x5804 RmSvc - ok
17:13:13.0814 0x5804 [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
17:13:13.0822 0x5804 rpcapd - ok
17:13:13.0826 0x5804 RpcEptMapper - ok
17:13:13.0830 0x5804 RpcLocator - ok
17:13:13.0835 0x5804 RpcSs - ok
17:13:13.0844 0x5804 [ CD553B8633466A6D1C115812F2619F1F, B39B38DE8B97209BEABDBF062832A1BDE2303450238B9A4723829958C5C81A6B ] RsFx0103 C:\WINDOWS\system32\DRIVERS\RsFx0103.sys
17:13:13.0853 0x5804 RsFx0103 - ok
17:13:13.0858 0x5804 rspndr - ok
17:13:13.0862 0x5804 rt640x64 - ok
17:13:13.0866 0x5804 s3cap - ok
17:13:13.0870 0x5804 SamSs - ok
17:13:13.0875 0x5804 sbp2port - ok
17:13:13.0881 0x5804 SCardSvr - ok
17:13:13.0885 0x5804 ScDeviceEnum - ok
17:13:13.0889 0x5804 scfilter - ok
17:13:13.0893 0x5804 Schedule - ok
17:13:13.0897 0x5804 scmbus - ok
17:13:13.0901 0x5804 scmdisk0101 - ok
17:13:13.0905 0x5804 SCPolicySvc - ok
17:13:13.0909 0x5804 sdbus - ok
17:13:13.0914 0x5804 SDRSVC - ok
17:13:13.0921 0x5804 sdstor - ok
17:13:13.0929 0x5804 seclogon - ok
17:13:13.0933 0x5804 SENS - ok
17:13:13.0936 0x5804 Sense - ok
17:13:13.0941 0x5804 SensorDataService - ok
17:13:13.0946 0x5804 SensorService - ok
17:13:13.0949 0x5804 SensorsSimulatorDriver - ok
17:13:13.0953 0x5804 SensrSvc - ok
17:13:13.0957 0x5804 SerCx - ok
17:13:13.0961 0x5804 SerCx2 - ok
17:13:13.0966 0x5804 Serenum - ok
17:13:13.0969 0x5804 Serial - ok
17:13:13.0973 0x5804 sermouse - ok
17:13:13.0984 0x5804 SessionEnv - ok
17:13:13.0993 0x5804 sfloppy - ok
17:13:13.0998 0x5804 SharedAccess - ok
17:13:14.0004 0x5804 ShellHWDetection - ok
17:13:14.0013 0x5804 shpamsvc - ok
17:13:14.0017 0x5804 SiSRaid2 - ok
17:13:14.0022 0x5804 SiSRaid4 - ok
17:13:14.0031 0x5804 [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:13:14.0043 0x5804 SkypeUpdate - ok
17:13:14.0051 0x5804 smphost - ok
17:13:14.0056 0x5804 SmsRouter - ok
17:13:14.0065 0x5804 SNMPTRAP - ok
17:13:14.0069 0x5804 spaceport - ok
17:13:14.0074 0x5804 SpbCx - ok
17:13:14.0104 0x5804 [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\WINDOWS\SysWoW64\speedfan.sys
17:13:14.0112 0x5804 speedfan - ok
17:13:14.0117 0x5804 Spooler - ok
17:13:14.0122 0x5804 sppsvc - ok
17:13:14.0135 0x5804 [ 12E6D95CDE974B131DEFAA44BAB8B056, 3FEF55D97915BDB222E3A60B50D53BBD8D9C0FDFF85EDC025B8EFD33E575E596 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
17:13:14.0149 0x5804 SQLAgent$SQLEXPRESS - ok
17:13:14.0159 0x5804 [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:13:14.0169 0x5804 SQLBrowser - ok
17:13:14.0176 0x5804 [ FAD8A14CAE92E805E48DA87B9564391A, B4BD026B6C9EE72CDE5E9215D903F16AE15893A1491ECFC346CB030C56D592A5 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:13:14.0177 0x5804 SQLWriter - ok
17:13:14.0182 0x5804 srv - ok
17:13:14.0185 0x5804 srv2 - ok
17:13:14.0189 0x5804 srvnet - ok
17:13:14.0194 0x5804 SSDPSRV - ok
17:13:14.0198 0x5804 SstpSvc - ok
17:13:14.0203 0x5804 StateRepository - ok
17:13:14.0230 0x5804 [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:13:14.0249 0x5804 Steam Client Service - ok
17:13:14.0254 0x5804 stexstor - ok
17:13:14.0259 0x5804 [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
17:13:14.0260 0x5804 StillCam - ok
17:13:14.0265 0x5804 stisvc - ok
17:13:14.0271 0x5804 storahci - ok
17:13:14.0279 0x5804 storflt - ok
17:13:14.0285 0x5804 stornvme - ok
17:13:14.0290 0x5804 storqosflt - ok
17:13:14.0295 0x5804 StorSvc - ok
17:13:14.0298 0x5804 storufs - ok
17:13:14.0303 0x5804 storvsc - ok
17:13:14.0308 0x5804 storvsp - ok
17:13:14.0312 0x5804 svsvc - ok
17:13:14.0316 0x5804 swenum - ok
17:13:14.0321 0x5804 swprv - ok
17:13:14.0326 0x5804 Synth3dVsc - ok
17:13:14.0331 0x5804 Synth3dVsp - ok
17:13:14.0335 0x5804 SysMain - ok
17:13:14.0340 0x5804 SystemEventsBroker - ok
17:13:14.0345 0x5804 TabletInputService - ok
17:13:14.0349 0x5804 TapiSrv - ok
17:13:14.0355 0x5804 [ 64292B0302DBAC8F53DEB0E1A0DEA5C2, 4CEB4F107C5A17C3238232914E0D01807365F0C14BD5C4A7EA198592A240F9AE ] tbupddsu C:\WINDOWS\system32\DRIVERS\tbupddsu.sys
17:13:14.0358 0x5804 tbupddsu - ok
17:13:14.0388 0x5804 [ C98D490A531A64571690B9C2F39B2091, 91652FFF912C2D96820AAEF88E6468F0EE95695CE47C26E8CA5934D5E8F3D42F ] tbupddwu C:\Program Files\UPDD\tbupddwu.exe
17:13:14.0411 0x5804 tbupddwu - ok
17:13:14.0416 0x5804 Tcpip - ok
17:13:14.0420 0x5804 Tcpip6 - ok
17:13:14.0427 0x5804 tcpipreg - ok
17:13:14.0433 0x5804 tdx - ok
17:13:14.0440 0x5804 [ 2625DD0C44FEB294E4096E129938C618, 50CD1F8618C46911A1A5DF62797AC16BD88E1915288D62B09BF2BDB44472C68B ] Te.Service C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
17:13:14.0442 0x5804 Te.Service - ok
17:13:14.0552 0x5804 [ E72B44F86082DFE649CD991E3CD2F8B6, C5A1E53E41E48D3465A7D96886A1E5D1C3145C7E1A40FB74E3A05EDC2DA04F84 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
17:13:14.0644 0x5804 TeamViewer - ok
17:13:14.0655 0x5804 terminpt - ok
17:13:14.0660 0x5804 TermService - ok
17:13:14.0664 0x5804 Themes - ok
17:13:14.0668 0x5804 TieringEngineService - ok
17:13:14.0673 0x5804 tiledatamodelsvc - ok
17:13:14.0677 0x5804 TimeBrokerSvc - ok
17:13:14.0682 0x5804 TPM - ok
17:13:14.0686 0x5804 TrkWks - ok
17:13:14.0693 0x5804 [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt C:\WINDOWS\system32\drivers\truecrypt.sys
17:13:14.0697 0x5804 truecrypt - ok
17:13:14.0703 0x5804 TrustedInstaller - ok
17:13:14.0708 0x5804 tsusbflt - ok
17:13:14.0713 0x5804 TsUsbGD - ok
17:13:14.0717 0x5804 tsusbhub - ok
17:13:14.0720 0x5804 tunnel - ok
17:13:14.0725 0x5804 tzautoupdate - ok
17:13:14.0730 0x5804 UASPStor - ok
17:13:14.0735 0x5804 UcmCx0101 - ok
17:13:14.0740 0x5804 UcmTcpciCx0101 - ok
17:13:14.0749 0x5804 UcmUcsi - ok
17:13:14.0754 0x5804 Ucx01000 - ok
17:13:14.0758 0x5804 UdeCx - ok
17:13:14.0762 0x5804 udfs - ok
17:13:14.0766 0x5804 UEFI - ok
17:13:14.0770 0x5804 UevAgentDriver - ok
17:13:14.0775 0x5804 UevAgentService - ok
17:13:14.0780 0x5804 Ufx01000 - ok
17:13:14.0784 0x5804 UfxChipidea - ok
17:13:14.0788 0x5804 ufxsynopsys - ok
17:13:14.0797 0x5804 UI0Detect - ok
17:13:14.0803 0x5804 [ 6E566C1708DDC93ADF9286E9C714B652, AF179BCA9395D51ACDFB5BACE29388E2B4D5587FCAB53898AAA4F4011851B115 ] UimBus C:\WINDOWS\System32\drivers\UimBus.sys
17:13:14.0805 0x5804 UimBus - ok
17:13:14.0810 0x5804 [ 7DF6A08B0B74C4F9357EFBAE309B87F1, 9A5BB8EA70709519A3599D0818923321AE691CC9EBC1ABC3F5BB008AF18B797B ] Uim_DEVIM C:\WINDOWS\System32\drivers\uim_devim.sys
17:13:14.0812 0x5804 Uim_DEVIM - ok
17:13:14.0826 0x5804 [ 2DDD63E0948474B91046CF1AB7661189, A91A1F1E646B928C95C30DA4D70220262D3A67C1B66E365C981AA23A401624E9 ] Uim_IM C:\WINDOWS\System32\drivers\uim_im.sys
17:13:14.0835 0x5804 Uim_IM - ok
17:13:14.0840 0x5804 umbus - ok
17:13:14.0846 0x5804 UmPass - ok
17:13:14.0850 0x5804 UmRdpService - ok
17:13:14.0854 0x5804 UnistoreSvc - ok
17:13:14.0867 0x5804 [ D9BA7FCC229D3360078970A0A6AF99D0, 360BF33F6628EF48AEC062CECE3C919A73DFB8797C3684CEB8A8D51EB140C023 ] upddvh C:\WINDOWS\System32\drivers\upddvh.sys
17:13:14.0869 0x5804 upddvh - ok
17:13:14.0873 0x5804 upnphost - ok
17:13:14.0878 0x5804 UrsChipidea - ok
17:13:14.0883 0x5804 UrsCx01000 - ok
17:13:14.0887 0x5804 UrsSynopsys - ok
17:13:14.0892 0x5804 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
17:13:14.0895 0x5804 USBAAPL64 - ok
17:13:14.0921 0x5804 [ 842B334B1F1FDF631F43AD70C3DB9401, CD2FD5B86417101C3C88B105D0F25FD517E22C4EE44EDE01E4E267842CCF8FF6 ] USBADVAU C:\WINDOWS\system32\drivers\cm11264.sys
17:13:14.0936 0x5804 USBADVAU - ok
17:13:14.0942 0x5804 usbaudio - ok
17:13:14.0947 0x5804 usbccgp - ok
17:13:14.0952 0x5804 usbcir - ok
17:13:14.0956 0x5804 usbehci - ok
17:13:14.0960 0x5804 usbhub - ok
17:13:14.0967 0x5804 USBHUB3 - ok
17:13:14.0972 0x5804 usbohci - ok
17:13:14.0983 0x5804 usbprint - ok
17:13:14.0994 0x5804 usbser - ok
17:13:14.0999 0x5804 USBSTOR - ok
17:13:15.0006 0x5804 usbuhci - ok
17:13:15.0013 0x5804 usbvideo - ok
17:13:15.0018 0x5804 USBXHCI - ok
17:13:15.0023 0x5804 UserDataSvc - ok
17:13:15.0032 0x5804 UserManager - ok
17:13:15.0036 0x5804 UsoSvc - ok
17:13:15.0041 0x5804 VaultSvc - ok
17:13:15.0046 0x5804 vdrvroot - ok
17:13:15.0051 0x5804 vds - ok
17:13:15.0056 0x5804 VerifierExt - ok
17:13:15.0061 0x5804 VfpExt - ok
17:13:15.0066 0x5804 vhdmp - ok
17:13:15.0071 0x5804 vhdparser - ok
17:13:15.0076 0x5804 vhf - ok
17:13:15.0081 0x5804 Vid - ok
17:13:15.0086 0x5804 vmbus - ok
17:13:15.0091 0x5804 VMBusHID - ok
17:13:15.0098 0x5804 vmbusr - ok
17:13:15.0104 0x5804 vmcompute - ok
17:13:15.0112 0x5804 vmgid - ok
17:13:15.0119 0x5804 vmicguestinterface - ok
17:13:15.0124 0x5804 vmicheartbeat - ok
17:13:15.0129 0x5804 vmickvpexchange - ok
17:13:15.0135 0x5804 vmicrdv - ok
17:13:15.0139 0x5804 vmicshutdown - ok
17:13:15.0144 0x5804 vmictimesync - ok
17:13:15.0148 0x5804 vmicvmsession - ok
17:13:15.0152 0x5804 vmicvss - ok
17:13:15.0158 0x5804 vmms - ok
17:13:15.0165 0x5804 VMSP - ok
17:13:15.0169 0x5804 vmsproxy - ok
17:13:15.0173 0x5804 VMSVSF - ok
17:13:15.0178 0x5804 VMSVSP - ok
17:13:15.0183 0x5804 volmgr - ok
17:13:15.0188 0x5804 volmgrx - ok
17:13:15.0193 0x5804 volsnap - ok
17:13:15.0198 0x5804 volume - ok
17:13:15.0203 0x5804 vpci - ok
17:13:15.0208 0x5804 vpcivsp - ok
17:13:15.0224 0x5804 [ B0395671CD4A1B046BC7269A37C8E089, 2E6D8843B53D2E34D4FCAD0FB160996536F14D1EC95FB8C2298C9DCD66EFF918 ] Vsdatant C:\WINDOWS\system32\drivers\vsdatant.sys
17:13:15.0232 0x5804 Vsdatant - ok
17:13:15.0303 0x5804 [ 865B3466BA4EA06062019754E3893D6B, 00E43D5E57FEE7DA03050DB5EDC4EE6FF083BD0F69F15F591D04B7BDD0F87D60 ] vsmon C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
17:13:15.0358 0x5804 vsmon - ok
17:13:15.0368 0x5804 vsmraid - ok
17:13:15.0380 0x5804 VSS - ok
17:13:15.0509 0x5804 [ 558B8E6F99E198519FD87F1575F7D92D, B176F51B72D9BCD6472A710D4E0B78A7A7D1C3CAEC12725289C1EBA54E35083D ] VSStandardCollectorService140 D:\Programs\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
17:13:15.0517 0x5804 VSStandardCollectorService140 - ok
17:13:15.0522 0x5804 VSTXRAID - ok
17:13:15.0529 0x5804 vwifibus - ok
17:13:15.0533 0x5804 vwififlt - ok
17:13:15.0538 0x5804 W32Time - ok
17:13:15.0543 0x5804 w3logsvc - ok
17:13:15.0548 0x5804 W3SVC - ok
17:13:15.0553 0x5804 WacomPen - ok
17:13:15.0558 0x5804 WalletService - ok
17:13:15.0562 0x5804 wanarp - ok
17:13:15.0567 0x5804 wanarpv6 - ok
17:13:15.0571 0x5804 WAS - ok
17:13:15.0579 0x5804 wbengine - ok
17:13:15.0590 0x5804 WbioSrvc - ok
17:13:15.0597 0x5804 wcifs - ok
17:13:15.0605 0x5804 Wcmsvc - ok
17:13:15.0616 0x5804 wcncsvc - ok
17:13:15.0626 0x5804 wcnfs - ok
17:13:15.0634 0x5804 WdBoot - ok
17:13:15.0639 0x5804 Wdf01000 - ok
17:13:15.0644 0x5804 WdFilter - ok
17:13:15.0649 0x5804 WdiServiceHost - ok
17:13:15.0655 0x5804 WdiSystemHost - ok
17:13:15.0661 0x5804 wdiwifi - ok
17:13:15.0666 0x5804 WdNisDrv - ok
17:13:15.0671 0x5804 WdNisSvc - ok
17:13:15.0676 0x5804 WebClient - ok
17:13:15.0681 0x5804 Wecsvc - ok
17:13:15.0686 0x5804 WEPHOSTSVC - ok
17:13:15.0691 0x5804 wercplsupport - ok
17:13:15.0696 0x5804 WerSvc - ok
17:13:15.0701 0x5804 WFPLWFS - ok
17:13:15.0706 0x5804 WiaRpc - ok
17:13:15.0712 0x5804 WIMMount - ok
17:13:15.0715 0x5804 WinDefend - ok
17:13:15.0726 0x5804 WindowsTrustedRT - ok
17:13:15.0731 0x5804 WindowsTrustedRTProxy - ok
17:13:15.0737 0x5804 WinHttpAutoProxySvc - ok
17:13:15.0747 0x5804 WinMad - ok
17:13:15.0758 0x5804 Winmgmt - ok
17:13:15.0763 0x5804 WinNat - ok
17:13:15.0768 0x5804 WinRM - ok
17:13:15.0780 0x5804 WINUSB - ok
17:13:15.0785 0x5804 WinVerbs - ok
17:13:15.0789 0x5804 wisvc - ok
17:13:15.0795 0x5804 WlanSvc - ok
17:13:15.0800 0x5804 wlidsvc - ok
17:13:15.0804 0x5804 WmiAcpi - ok
17:13:15.0813 0x5804 wmiApSrv - ok
17:13:15.0818 0x5804 WMPNetworkSvc - ok
17:13:15.0823 0x5804 Wof - ok
17:13:15.0831 0x5804 workfolderssvc - ok
17:13:15.0836 0x5804 WPDBusEnum - ok
17:13:15.0840 0x5804 WpdUpFltr - ok
17:13:15.0845 0x5804 WpnService - ok
17:13:15.0850 0x5804 WpnUserService - ok
17:13:15.0862 0x5804 ws2ifsl - ok
17:13:15.0872 0x5804 wscsvc - ok
17:13:15.0882 0x5804 WSDPrintDevice - ok
17:13:15.0887 0x5804 WSDScan - ok
17:13:15.0892 0x5804 WSearch - ok
17:13:15.0912 0x5804 [ 539D52A1CB4CC3BFB9B6CAD7883B8ECA, 3CAC8F755F85F06C6FFA8C5328943DC55F410EAAA64F0E4241C3E7F60A48D4A9 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
17:13:15.0928 0x5804 WTabletServiceCon - ok
17:13:15.0934 0x5804 wuauserv - ok
17:13:15.0938 0x5804 WudfPf - ok
17:13:15.0943 0x5804 WUDFRd - ok
17:13:15.0949 0x5804 wudfsvc - ok
17:13:15.0953 0x5804 WUDFWpdFs - ok
17:13:15.0958 0x5804 WUDFWpdMtp - ok
17:13:15.0964 0x5804 WwanSvc - ok
17:13:15.0968 0x5804 XblAuthManager - ok
17:13:15.0973 0x5804 XblGameSave - ok
17:13:15.0983 0x5804 xboxgip - ok
17:13:15.0991 0x5804 XboxNetApiSvc - ok
17:13:15.0997 0x5804 xinputhid - ok
17:13:16.0006 0x5804 [ E8CB51ED05A15C6D82B34BCEBEAC0A3A, CFADB68E7C4DC56CF11AD1F32A67BEE06EC87BD835EC7825FE441C67CB29DD4C ] ZAPrivacyService C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
17:13:16.0008 0x5804 ZAPrivacyService - ok
17:13:16.0029 0x5804 [ 603AEF6A0007C07A9456B5BB776B90FA, CA63FA27B3D7720D2825F05E5AC102194AB067F06213C2E8751787200C468839 ] ZoneAlarm ICM Service C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
17:13:16.0051 0x5804 ZoneAlarm ICM Service - ok
17:13:16.0060 0x5804 ================ Scan global ===============================
17:13:16.0071 0x5804 [ Global ] - ok
17:13:16.0072 0x5804 ================ Scan MBR ==================================
17:13:16.0076 0x5804 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
17:13:16.0184 0x5804 \Device\Harddisk3\DR3 - ok
17:13:16.0186 0x5804 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk4\DR4
17:13:16.0301 0x5804 \Device\Harddisk4\DR4 - ok
17:13:16.0313 0x5804 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:13:16.0324 0x5804 \Device\Harddisk0\DR0 - ok
17:13:16.0329 0x5804 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
17:13:16.0335 0x5804 \Device\Harddisk1\DR1 - ok
17:13:16.0364 0x5804 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
17:13:16.0370 0x5804 \Device\Harddisk2\DR2 - ok
17:13:16.0371 0x5804 ================ Scan VBR ==================================
17:13:16.0377 0x5804 [ 4E584513472816BF9773B531D781F88D ] \Device\Harddisk3\DR3\Partition1
17:13:16.0378 0x5804 \Device\Harddisk3\DR3\Partition1 - ok
17:13:16.0381 0x5804 [ FBC16D9BA3DC960F796BA7C1EDAA526E ] \Device\Harddisk0\DR0\Partition1
17:13:16.0382 0x5804 \Device\Harddisk0\DR0\Partition1 - ok
17:13:16.0385 0x5804 [ 055B62E3D11ED8A19379FBDFEF40309E ] \Device\Harddisk1\DR1\Partition1
17:13:16.0386 0x5804 \Device\Harddisk1\DR1\Partition1 - ok
17:13:16.0389 0x5804 [ B7D92DE88B46B9DB1CBD242FA6AC1362 ] \Device\Harddisk1\DR1\Partition2
17:13:16.0391 0x5804 \Device\Harddisk1\DR1\Partition2 - ok
17:13:16.0393 0x5804 [ 2581F31D7876FC549AB087F56FFF91F9 ] \Device\Harddisk2\DR2\Partition1
17:13:16.0394 0x5804 \Device\Harddisk2\DR2\Partition1 - ok
17:13:16.0395 0x5804 ================ Scan generic autorun ======================
17:13:16.0603 0x5804 [ C43D50453404EF1C6801EFFC2492A202, 1D4142E49B2F8129C5643A3B6AD3BA93520FA008D9382EFA60CCDC6172F48D43 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:13:16.0751 0x5804 RTHDVCPL - ok
17:13:16.0766 0x5804 [ F7ED64C9765A92B65F2E1868CFF7431A, 5EEFDB3B2C8CEF2C96BF39DE3E527D7D59845250B3861F6D42D7CC3CDA7C6769 ] C:\Windows\System\3DG4me.exe
17:13:16.0768 0x5804 3DG4me - ok
17:13:16.0817 0x5804 [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
17:13:16.0862 0x5804 EvtMgr6 - ok
17:13:16.0865 0x5804 CrashPlanTray - ok
17:13:16.0900 0x5804 [ 6333EA859221D95A2070190448B3D4BD, F92DDD0F1AFE9E19030299FA1F3B3BED9F35C9925F0217F2257B93A58CE2108A ] C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
17:13:16.0924 0x5804 DisplayLinkUI - ok
17:13:16.0944 0x5804 [ 9E79A2008669E07DA37F2B00887FB695, ADD44E08F7328D77EB11A556FB1B39E2D9C0EBCE0C9A8E097029B9485D65B71D ] C:\Program Files\UPDD\tbdaemon.exe
17:13:16.0952 0x5804 tbdaemon - ok
17:13:16.0963 0x5804 [ 2C7B4EF4610B08C6D5BEED7852702E89, BD147C13EF0A0476E5FFBB18F967DB97753D13A3CF8F19FD6CEBD010A4B6131B ] C:\Program Files\UPDD\aidaemon.exe
17:13:16.0969 0x5804 aidaemon - ok
17:13:16.0978 0x5804 [ 782A31DB311AAC5F9CB50DDD9228867A, E200DFE8E1F8F8EEA26EDD76A3A3843EFDAE0A2284808D65C9DA6C4F76970E29 ] C:\Program Files\iTunes\iTunesHelper.exe
17:13:16.0982 0x5804 iTunesHelper - ok
17:13:17.0038 0x5804 [ 5602FF42444B4991E69C62E493BDAEC4, 7AE46CA0CD1E1C091B31EE4A691C26823E0F1AB1CA6B1C29E6C662BF7E28A996 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
17:13:17.0075 0x5804 Malwarebytes TrayApp - ok
17:13:17.0084 0x5804 [ 4D241A6A8F6BA9FA32FF836551FFDCEA, DEE87DFB6A8E87D40E3653435223B54AF2AB232DDC02D22468C126C54096F006 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
17:13:17.0088 0x5804 USB3MON - ok
17:13:17.0103 0x5804 [ D29C3F2BEA792CC2196AF7B2BEB9E899, EC787FC79C01444BAEA4866146FCF810B664D4C176D3F3E9C58C436531EE4266 ] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
17:13:17.0120 0x5804 THX TruStudio NB Settings - ok
17:13:17.0126 0x5804 [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
17:13:17.0127 0x5804 UpdReg - ok
17:13:17.0151 0x5804 [ 30ECFDFE0FAE38B0608A23B444A1A04D, C61EFB59D3ACA2C7345E17099265D62C37F9F34DA026519A58C297350A561945 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:13:17.0161 0x5804 avgnt - ok
17:13:17.0168 0x5804 [ 5D666FC778E7754CC7103402D814809B, 7E9B205B74440D455155014EE8D6FD0D1C647B016D72A28F16709F50BC005D3F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
17:13:17.0176 0x5804 ControlCenter4 - ok
17:13:17.0227 0x5804 [ 63E9C23A386FFFA84B5E03BFF9B628F0, A370962791EFC4B10548AAD31F89A2B288FBD5BDBF5749323C2D98C14DFB8B49 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
17:13:17.0271 0x5804 BrStsMon00 - ok
17:13:17.0324 0x5804 [ 7D5E8D5BDF324718BBC91DF02D830317, AA6A8B0536C14A7D11FDFFA5F980E90059F6C3BE99DE57503EC58DEA022C5398 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
17:13:17.0361 0x5804 Adobe Creative Cloud - ok
17:13:17.0369 0x5804 [ AF9688A90020A67F271D54E503F84C26, 538E068126D072F64BE7BC1B5902D20B6755EF7F7B1C3A04F82C9C97BE0AD50E ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
17:13:17.0371 0x5804 Avira SystrayStartTrigger - ok
17:13:17.0377 0x5804 [ CD0362AEE36CFE1EF5DF973230742E67, 9F1D8AD4E09D16C39CD6A35CB298456468C1808226FFA8AD65BF9562A6ECC07D ] C:\Program Files (x86)\PDF24\pdf24.exe
17:13:17.0380 0x5804 PDFPrint - ok
17:13:17.0385 0x5804 [ E9BA162643788A1E48F56ABE3D1D7B25, 0B6408D8861683BE05BB970E11437B5263A6DA7182E7F863F815B391EE7445CF ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
17:13:17.0393 0x5804 ZoneAlarm - ok
17:13:17.0421 0x5804 OneDriveSetup - ok
17:13:17.0423 0x5804 OneDriveSetup - ok
17:13:17.0700 0x5804 [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] D:\Programs\DAEMON Tools Lite\DTLite.exe
17:13:17.0740 0x5804 DAEMON Tools Lite - ok
17:13:17.0914 0x5804 [ 3F218819210022E0D585957FB155D4A3, A2F27FCB349BAE82B4A4475F3C26E5D57D0EC07C22228F35CFFE3ABBFBA2EEF8 ] D:\Programs\Steam\steam.exe
17:13:17.0947 0x5804 Steam - ok
17:13:17.0959 0x5804 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe
17:13:17.0968 0x5804 Dropbox Update - ok
17:13:17.0994 0x5804 [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Michael\AppData\Local\Microsoft\OneDrive\OneDrive.exe
17:13:18.0020 0x5804 OneDrive - ok
17:13:18.0028 0x5804 [ F30EB4A3C8534F51767F25BEDF8F6F99, 326BAB4DAE218618C98196424B64F36EBC75BF86C9C9DA8B367EF347AE49A245 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
17:13:18.0035 0x5804 iCloudServices - ok
17:13:18.0039 0x5804 [ F805C4D2334F8750CA14EB412A3C403E, F86212B0C7FF74E4C8BBF637D71529FA376AA1CF97CFD39EEA7ACD70D996EEE0 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
17:13:18.0041 0x5804 iCloudDrive - ok
17:13:18.0049 0x5804 [ 5EFD02A5F5DAE55FFE043450A1F1689C, D715A9044D087ACDDB5FE93D7263A3E1B134190202F95C37C36DBF8CCD6428AC ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
17:13:18.0060 0x5804 iCloudPhotos - ok
17:13:18.0063 0x5804 GoogleDriveSync - ok
17:13:18.0080 0x5804 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
17:13:18.0092 0x5804 SpybotPostWindows10UpgradeReInstall - ok
17:13:18.0095 0x5804 OneDriveSetup - ok
17:13:18.0099 0x5804 WAB Migrate - ok
17:13:18.0101 0x5804 Waiting for KSN requests completion. In queue: 69
17:13:19.0115 0x5804 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\WindowsSecurityCenter.exe ( 15.0.26.45 ), 0x41000 ( enabled : updated )
17:13:19.0116 0x5804 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x62100 ( disabled : updated )
17:13:19.0116 0x5804 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
17:13:19.0128 0x5804 FW detected via SS2: ZoneAlarm Free Firewall Firewall, C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe ( 15.1.504.17269 ), 0x41010 ( enabled )
17:13:19.0553 0x5804 ============================================================
17:13:19.0553 0x5804 Scan finished
17:13:19.0553 0x5804 ============================================================
17:13:19.0564 0x580c Detected object count: 0
17:13:19.0564 0x580c Actual detected object count: 0
17:13:40.0793 0x5250 ============================================================
17:13:40.0793 0x5250 Scan started
17:13:40.0793 0x5250 Mode: Manual; SigCheck; TDLFS;
17:13:40.0793 0x5250 ============================================================
17:13:40.0793 0x5250 KSN ping started
17:13:41.0507 0x5250 KSN ping finished: true
17:13:44.0293 0x5250 ================ Scan system memory ========================
17:13:44.0293 0x5250 System memory - ok
17:13:44.0293 0x5250 ================ Scan services =============================
17:13:44.0362 0x5250 1394ohci - ok
17:13:44.0371 0x5250 [ EE6D1EB24DD0FDF8F73D9DC69F32EB5B, 1E25928173E40CD10AF08B2AEF987D6CD945B3D1068DE0852C8BA6FA03B6DDC1 ] 3dxhid C:\WINDOWS\System32\drivers\3dxhid.sys
17:13:44.0419 0x5250 3dxhid - ok
17:13:44.0422 0x5250 3ware - ok
17:13:44.0427 0x5250 ACPI - ok
17:13:44.0430 0x5250 AcpiDev - ok
17:13:44.0435 0x5250 acpiex - ok
17:13:44.0438 0x5250 acpipagr - ok
17:13:44.0442 0x5250 AcpiPmi - ok
17:13:44.0446 0x5250 acpitime - ok
17:13:44.0521 0x5250 [ 37E0AAD625E2CFCED30EA6B44A26D21B, 4E646944C10A91A36FBA16532DCEA01376C742197DDCB6D6CB8AC5CE04353FE3 ] AdobeActiveFileMonitor14.0 D:\Programs\Adobe PSE 14\Elements 14 Organizer\PhotoshopElementsFileAgent.exe
17:13:44.0532 0x5250 AdobeActiveFileMonitor14.0 - ok
17:13:44.0540 0x5250 [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:13:44.0550 0x5250 AdobeARMservice - ok
17:13:44.0572 0x5250 [ 8532B30A054D83614A90D24AD61A29DF, 959C74C63AF7F4E5588C705FBF08EA7A8749268BC28819879ED53AB7A3410B74 ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
17:13:44.0591 0x5250 AdobeUpdateService - ok
17:13:44.0601 0x5250 ADP80XX - ok
17:13:44.0608 0x5250 AFD - ok
17:13:44.0650 0x5250 [ A32EA26C90A47B2BC93D7B0B94994B11, 1CF8DB09CA27EAC5741489EDFDFC04D69485B51C726F539BFCDC3C78E8E09EBE ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
17:13:44.0694 0x5250 AGSService - ok
17:13:44.0700 0x5250 ahcache - ok
17:13:44.0703 0x5250 AJRouter - ok
17:13:44.0710 0x5250 ALG - ok
17:13:44.0720 0x5250 AmdK8 - ok
17:13:44.0725 0x5250 AmdPPM - ok
17:13:44.0730 0x5250 amdsata - ok
17:13:44.0734 0x5250 amdsbs - ok
17:13:44.0738 0x5250 amdxata - ok
17:13:44.0766 0x5250 [ 0C891285258A793146DCF286BFEDFF20, 2BF060A4D1C26FBB99229DADFBDBE4C03DE3DE1FA6376948DEC257907CB83442 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
17:13:44.0791 0x5250 AntiVirMailService - ok
17:13:44.0805 0x5250 [ A92B5723DC25E9755C745F9946A2E2EA, 5C1994BB7BE36555AE43400E12A650B1AC4CC37E9765B3AB5A605AD13E0CE1CF ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:13:44.0820 0x5250 AntiVirSchedulerService - ok
17:13:44.0836 0x5250 [ A92B5723DC25E9755C745F9946A2E2EA, 5C1994BB7BE36555AE43400E12A650B1AC4CC37E9765B3AB5A605AD13E0CE1CF ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:13:44.0855 0x5250 AntiVirService - ok
17:13:44.0883 0x5250 [ 56B7AEE325CE5EA2BD854899E4E7123B, E25491348675939CB81C0E19A50473C8B13C1CFA1F84305478DD3403E1393800 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
17:13:44.0913 0x5250 AntiVirWebService - ok
17:13:44.0920 0x5250 AppHostSvc - ok
17:13:44.0923 0x5250 AppID - ok
17:13:44.0927 0x5250 AppIDSvc - ok
17:13:44.0932 0x5250 Appinfo - ok
17:13:44.0940 0x5250 [ A5E8EB3B4244358F62DADF769DB59567, 76FE364D9A896424E4C2BCA5F66CFF31F22513851B7E4B65EDE206DF159DA67F ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:13:44.0949 0x5250 Apple Mobile Device Service - ok
17:13:44.0962 0x5250 applockerfltr - ok
17:13:44.0968 0x5250 AppMgmt - ok
17:13:44.0972 0x5250 AppReadiness - ok
17:13:44.0977 0x5250 AppVClient - ok
17:13:44.0982 0x5250 AppvStrm - ok
17:13:44.0986 0x5250 AppvVemgr - ok
17:13:44.0990 0x5250 AppvVfs - ok
17:13:44.0995 0x5250 AppXSvc - ok
17:13:44.0999 0x5250 arcsas - ok
17:13:45.0004 0x5250 [ 4DFF4312661F54EE87DC9A13CAEE60E0, 8821D2CA4036E764EFF71108735148FF54D3275DDCE1860EC7D67B2355E8DF82 ] asahci64 C:\WINDOWS\system32\drivers\asahci64.sys
17:13:45.0013 0x5250 asahci64 - ok
17:13:45.0031 0x5250 aspnet_state - ok
17:13:45.0035 0x5250 AsyncMac - ok
17:13:45.0038 0x5250 atapi - ok
17:13:45.0042 0x5250 AudioEndpointBuilder - ok
17:13:45.0045 0x5250 Audiosrv - ok
17:13:45.0051 0x5250 [ 11F3AAFB5D279AFBCBB0AD9FF76A24F8, 06C5FA1BD64EB54691629363DD0771394F81E4EB216E489D5169395736E80D99 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
17:13:45.0064 0x5250 avgntflt - ok
17:13:45.0072 0x5250 [ F8520E88246641E51108922944FB34A6, 326DCB8114439FB1F75E9DB6E5F7818654FAAC4CD957B80DEE17B850676A737F ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
17:13:45.0084 0x5250 avipbb - ok
17:13:45.0094 0x5250 [ 64943D597895DE755A58EE46402932F3, 11D6668F325A5C8343C533BC037AD38019EA6F8E84FB15639B16BD3113F73C8D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
17:13:45.0109 0x5250 Avira.ServiceHost - ok
17:13:45.0114 0x5250 [ 2CBA09A7983B1D39531B768BCED08C20, B40968DFE1A648CCB9260033E1EA57B5D496274A335B000354156B0DB740EDE0 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
17:13:45.0123 0x5250 avkmgr - ok
17:13:45.0129 0x5250 [ 8D18C6406FF8DC39028177E1E5675182, 44985DEE74F235567FB849350256F342BCE26EF66439D761FA3F6EDA22882092 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
17:13:45.0139 0x5250 avnetflt - ok
17:13:45.0142 0x5250 AxInstSV - ok
17:13:45.0146 0x5250 b06bdrv - ok
17:13:45.0149 0x5250 BasicDisplay - ok
17:13:45.0154 0x5250 BasicRender - ok
17:13:45.0160 0x5250 bcmfn - ok
17:13:45.0163 0x5250 bcmfn2 - ok
17:13:45.0167 0x5250 BDESVC - ok
17:13:45.0170 0x5250 Beep - ok
17:13:45.0173 0x5250 BFE - ok
17:13:45.0177 0x5250 BITS - ok
17:13:45.0189 0x5250 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:13:45.0202 0x5250 Bonjour Service - ok
17:13:45.0207 0x5250 bowser - ok
17:13:45.0210 0x5250 BrokerInfrastructure - ok
17:13:45.0214 0x5250 Browser - ok
17:13:45.0221 0x5250 [ DB109DA005B6FE2A350C5DD7CA768DFD, 241A0BFAEFB1B165C00EE75E8CA382B5935F5DF447DAD5AE9022B2B78317668E ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
17:13:45.0236 0x5250 BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
17:13:45.0236 0x5250 Detect skipped due to KSN trusted
17:13:45.0236 0x5250 BrYNSvc - ok
17:13:45.0240 0x5250 BthAvrcpTg - ok
17:13:45.0244 0x5250 BthHFEnum - ok
17:13:45.0247 0x5250 bthhfhid - ok
17:13:45.0251 0x5250 BthHFSrv - ok
17:13:45.0254 0x5250 BTHMODEM - ok
17:13:45.0262 0x5250 bthserv - ok
17:13:45.0267 0x5250 buttonconverter - ok
17:13:45.0271 0x5250 CapImg - ok
17:13:45.0276 0x5250 cdfs - ok
17:13:45.0282 0x5250 CDPSvc - ok
17:13:45.0285 0x5250 CDPUserSvc - ok
17:13:45.0293 0x5250 cdrom - ok
17:13:45.0297 0x5250 CertPropSvc - ok
17:13:45.0301 0x5250 cht4iscsi - ok
17:13:45.0314 0x5250 cht4vbd - ok
17:13:45.0324 0x5250 circlass - ok
17:13:45.0330 0x5250 CLFS - ok
17:13:45.0398 0x5250 [ F6ED2A874E4FC4FC95F544088F0523F4, F5F239A666288373ED93C6F13EC14FC4AC7257ABF117A7DD97F20070F8EC2205 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
17:13:45.0472 0x5250 ClickToRunSvc - ok
17:13:45.0481 0x5250 ClipSVC - ok
17:13:45.0493 0x5250 [ C2773F2EB9C3A54437616C19A1B84F4A, 784CB6046E00AAD4F08EDEC1A0558FF8D1E5DB7D1F1B4E01AE30EDE3EDC01069 ] Cloud Station Drive VSS Service x64 C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
17:13:45.0504 0x5250 Cloud Station Drive VSS Service x64 - ok
17:13:45.0509 0x5250 clreg - ok
17:13:45.0520 0x5250 CmBatt - ok
17:13:45.0524 0x5250 CNG - ok
17:13:45.0528 0x5250 cnghwassist - ok
17:13:45.0533 0x5250 [ 81F2B52C47B8AD32CC4FF967FC8D73DA, 13D84B4096E0F9AB9D04F6CD9E9C0DE4B6DF6F11D63C797266D719FD2429A655 ] CompFilter64 C:\WINDOWS\System32\drivers\lvbflt64.sys
17:13:45.0541 0x5250 CompFilter64 - ok
17:13:45.0563 0x5250 CompositeBus - ok
17:13:45.0567 0x5250 COMSysApp - ok
17:13:45.0570 0x5250 condrv - ok
17:13:45.0574 0x5250 CoreMessagingRegistrar - ok
17:13:45.0608 0x5250 [ A28D6FA203CE094BDE7ED8CEC6079E42, 5DCA8BA21F5FD0D9F00620E7592949ABCF3BA202CF7AF3D84F93DF7C13E2D4C9 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
17:13:45.0626 0x5250 cphs - ok
17:13:45.0632 0x5250 CryptSvc - ok
17:13:45.0636 0x5250 CSC - ok
17:13:45.0639 0x5250 CscService - ok
17:13:45.0643 0x5250 dam - ok
17:13:45.0647 0x5250 DcomLaunch - ok
17:13:45.0650 0x5250 DcpSvc - ok
17:13:45.0655 0x5250 defragsvc - ok
17:13:45.0658 0x5250 DeviceAssociationService - ok
17:13:45.0662 0x5250 DeviceInstall - ok
17:13:45.0665 0x5250 DevQueryBroker - ok
17:13:45.0673 0x5250 Dfsc - ok
17:13:45.0682 0x5250 Dhcp - ok
17:13:45.0690 0x5250 diagnosticshub.standardcollector.service - ok
17:13:45.0697 0x5250 DiagTrack - ok
17:13:45.0707 0x5250 disk - ok
17:13:45.0715 0x5250 DmEnrollmentSvc - ok
17:13:45.0722 0x5250 dmvsc - ok
17:13:45.0726 0x5250 dmwappushservice - ok
17:13:45.0732 0x5250 Dnscache - ok
17:13:45.0737 0x5250 dot3svc - ok
17:13:45.0740 0x5250 DPS - ok
17:13:45.0745 0x5250 drmkaud - ok
17:13:45.0749 0x5250 DsmSvc - ok
17:13:45.0752 0x5250 DsSvc - ok
17:13:45.0760 0x5250 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\WINDOWS\System32\drivers\dtsoftbus01.sys
17:13:45.0772 0x5250 dtsoftbus01 - ok
17:13:45.0777 0x5250 DXGKrnl - ok
17:13:45.0780 0x5250 EapHost - ok
17:13:45.0785 0x5250 ebdrv - ok
17:13:45.0788 0x5250 EFS - ok
17:13:45.0793 0x5250 EhStorClass - ok
17:13:45.0798 0x5250 EhStorTcgDrv - ok
17:13:45.0801 0x5250 embeddedmode - ok
17:13:45.0805 0x5250 EntAppSvc - ok
17:13:45.0809 0x5250 ErrDev - ok
17:13:45.0816 0x5250 [ 233DB99476B8D1CF61AC1177D0137036, E5EF1F30891050729B248013B4D7881FC556D259E2BE3F51980C3A247D3F5950 ] ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys
17:13:45.0829 0x5250 ESProtectionDriver - ok
17:13:45.0841 0x5250 EventSystem - ok
17:13:45.0848 0x5250 exfat - ok
17:13:45.0856 0x5250 fastfat - ok
17:13:45.0861 0x5250 Fax - ok
17:13:45.0865 0x5250 fdc - ok
17:13:45.0869 0x5250 fdPHost - ok
17:13:45.0873 0x5250 FDResPub - ok
17:13:45.0878 0x5250 fhsvc - ok
17:13:45.0882 0x5250 FileCrypt - ok
17:13:45.0889 0x5250 FileInfo - ok
17:13:45.0893 0x5250 Filetrace - ok
17:13:45.0896 0x5250 flpydisk - ok
17:13:45.0900 0x5250 FltMgr - ok
17:13:45.0904 0x5250 FontCache - ok
17:13:45.0909 0x5250 FontCache3.0.0.0 - ok
17:13:45.0912 0x5250 FrameServer - ok
17:13:45.0916 0x5250 FsDepends - ok
17:13:45.0920 0x5250 Fs_Rec - ok
17:13:45.0924 0x5250 fvevol - ok
17:13:45.0929 0x5250 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:13:45.0935 0x5250 GEARAspiWDM - ok
17:13:45.0939 0x5250 gencounter - ok
17:13:45.0943 0x5250 genericusbfn - ok
17:13:45.0946 0x5250 GPIOClx0101 - ok
17:13:45.0954 0x5250 gpsvc - ok
17:13:45.0962 0x5250 GpuEnergyDrv - ok
17:13:45.0971 0x5250 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:13:45.0980 0x5250 gupdate - ok
17:13:45.0985 0x5250 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:13:45.0994 0x5250 gupdatem - ok
17:13:45.0998 0x5250 HdAudAddService - ok
17:13:46.0001 0x5250 HDAudBus - ok
17:13:46.0004 0x5250 HidBatt - ok
17:13:46.0008 0x5250 HidBth - ok
17:13:46.0014 0x5250 hidi2c - ok
17:13:46.0017 0x5250 hidinterrupt - ok
17:13:46.0021 0x5250 HidIr - ok
17:13:46.0024 0x5250 hidserv - ok
17:13:46.0029 0x5250 HidUsb - ok
17:13:46.0032 0x5250 hns - ok
17:13:46.0036 0x5250 HomeGroupListener - ok
17:13:46.0039 0x5250 HomeGroupProvider - ok
17:13:46.0043 0x5250 HpSAMD - ok
17:13:46.0047 0x5250 HTTP - ok
17:13:46.0050 0x5250 HvHost - ok
17:13:46.0054 0x5250 hvservice - ok
17:13:46.0058 0x5250 hwpolicy - ok
17:13:46.0062 0x5250 hyperkbd - ok
17:13:46.0066 0x5250 i8042prt - ok
17:13:46.0072 0x5250 iagpio - ok
17:13:46.0081 0x5250 iai2c - ok
17:13:46.0087 0x5250 iaLPSS2i_GPIO2 - ok
17:13:46.0090 0x5250 iaLPSS2i_I2C - ok
17:13:46.0094 0x5250 iaLPSSi_GPIO - ok
17:13:46.0097 0x5250 iaLPSSi_I2C - ok
17:13:46.0101 0x5250 iaStorAV - ok
17:13:46.0104 0x5250 iaStorV - ok
17:13:46.0107 0x5250 ibbus - ok
17:13:46.0111 0x5250 icssvc - ok
17:13:46.0173 0x5250 [ 9CE4D3A79D3180AC5A141E2F7E7137F4, 1D717D2156B78632895281779D2646AB066619EA1DB293A9505BF7C174F53271 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:13:46.0241 0x5250 igfx - ok
17:13:46.0254 0x5250 [ 6A9C613D0F5F9676D128F39B63ACE45B, 027B9568C740E336C7CBBE952309E2719E8FFA14E7DFC2B85B49E0C0CE7D2149 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
17:13:46.0272 0x5250 igfxCUIService1.0.0.0 - ok
17:13:46.0277 0x5250 IKEEXT - ok
17:13:46.0281 0x5250 IndirectKmd - ok
17:13:46.0289 0x5250 [ 41CD73C13FCAEA4942F0CF7608B7530F, 835BF370E6624975E3CB7106D4835488D6F527C545E7B0ECD26A161D36CABABB ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:13:46.0299 0x5250 intaud_WaveExtensible - ok
17:13:46.0352 0x5250 [ F2744FD54BE1580BE05916D1C755C92A, 27FAC146876B6C6EBE0C00CDEC3E01C69DACB2584BEC85DD0FE5B55AD2157452 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:13:46.0406 0x5250 IntcAzAudAddService - ok
17:13:46.0420 0x5250 [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:13:46.0437 0x5250 IntcDAud - ok
17:13:46.0441 0x5250 intelide - ok
17:13:46.0445 0x5250 intelpep - ok
17:13:46.0449 0x5250 intelppm - ok
17:13:46.0453 0x5250 iorate - ok
17:13:46.0457 0x5250 IpFilterDriver - ok
17:13:46.0460 0x5250 iphlpsvc - ok
17:13:46.0464 0x5250 IPMIDRV - ok
17:13:46.0468 0x5250 IPNAT - ok
17:13:46.0488 0x5250 [ 6F836118C67812A6CC3F8FC9EAF0E65D, 0E8F977B304890CC9D2FE07C713B2B3F1106A79D97CECDE105AD7FC084638F1F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
17:13:46.0506 0x5250 iPod Service - ok
17:13:46.0512 0x5250 [ 45F14ACEA013C63A070AC5DB19677620, F60D48E7456800E311B2B7FABB3C03919D47971230C743A118982FDE07E04847 ] IpOverUsbSvc C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
17:13:46.0521 0x5250 IpOverUsbSvc - ok
17:13:46.0526 0x5250 irda - ok
17:13:46.0529 0x5250 IRENUM - ok
17:13:46.0532 0x5250 irmon - ok
17:13:46.0536 0x5250 isapnp - ok
17:13:46.0542 0x5250 iScsiPrt - ok
17:13:46.0555 0x5250 [ 1ECC1A421B0AEBF9A6934451FBFD7848, 1A8DDEC42831C12760CF27FA02EDD06D5CCE25A606E2DECB7D8487B5961B11AC ] ISCT C:\WINDOWS\System32\drivers\ISCTD64.sys
17:13:46.0564 0x5250 ISCT - ok
17:13:46.0571 0x5250 [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs C:\WINDOWS\system32\drivers\iusb3hcs.sys
17:13:46.0579 0x5250 iusb3hcs - ok
17:13:46.0584 0x5250 [ 48B904D31F2369D7B0122617038D3F5B, 8A43CB37667929CCCC37B6E79E82509BBCA6C8884B44059DC87BCA7C21BE7FE1 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
17:13:46.0594 0x5250 iwdbus - ok
17:13:46.0598 0x5250 kbdclass - ok
17:13:46.0601 0x5250 kbdhid - ok
17:13:46.0605 0x5250 kdnic - ok
17:13:46.0609 0x5250 KeyIso - ok
17:13:46.0613 0x5250 [ 7D78A7B19ABA781BBF75EC7EF8407668, C43BBCBBA6BB091A6A6D2D1C57A3D137808B679CD57B0CD3BF608659F9A82AC0 ] KMJHidMini C:\WINDOWS\System32\drivers\3dxkmj.sys
17:13:46.0620 0x5250 KMJHidMini - detected UnsignedFile.Multi.Generic ( 1 )
17:13:46.0620 0x5250 Detect skipped due to KSN trusted
17:13:46.0620 0x5250 KMJHidMini - ok
17:13:46.0624 0x5250 [ C3D4347EDAFA5D6022277BA4D5BCBF2A, DAA3BF83175D0AC8B37ED414F880DFCB2D7D6E9284A9135BCF66A14C8D971850 ] KMJShim C:\WINDOWS\System32\drivers\3dxshim.sys
17:13:46.0630 0x5250 KMJShim - detected UnsignedFile.Multi.Generic ( 1 )
17:13:46.0631 0x5250 Detect skipped due to KSN trusted
17:13:46.0631 0x5250 KMJShim - ok
17:13:46.0634 0x5250 KSecDD - ok
17:13:46.0638 0x5250 KSecPkg - ok
17:13:46.0641 0x5250 ksthunk - ok
17:13:46.0645 0x5250 KtmRm - ok
17:13:46.0648 0x5250 LanmanServer - ok
17:13:46.0652 0x5250 LanmanWorkstation - ok
17:13:46.0662 0x5250 [ 1D5C6790425CB6DBB1B3C2722C34E199, D8BCC31A443B77711A7CA468E754A73137C1CC47D6F3DA5BEE3735B654327B0C ] LBTServ C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:13:46.0675 0x5250 LBTServ - ok
17:13:46.0686 0x5250 [ FF6F04B30231E76FEFEC59DB89A86F9B, D20F0318B054AF1140C87A1325DF159B64045F4ECCE55CA9FA155897A8D69117 ] LDrvSvc c:\program files (x86)\ostotosoft\drivertalent\LDrvSvc.dll
17:13:46.0695 0x5250 LDrvSvc - ok
17:13:46.0700 0x5250 [ 5EA1731968F2FD0E950DDCE6D36C5134, 16C47AA60CB62F206DBF3B4FAF99FCA667E7193178D1B7ECB162FA87C008BAA3 ] LEqdUsb C:\WINDOWS\system32\DRIVERS\LEqdUsb.Sys
17:13:46.0709 0x5250 LEqdUsb - ok
17:13:46.0718 0x5250 [ 081157B1BF9076EDC474623BFC4AF0D8, 11752767D19430245CA1E9F977569B01A0B36CBE7E550B58175C7D6264D612EF ] leusbser C:\WINDOWS\system32\DRIVERS\leusbser.sys
17:13:46.0739 0x5250 leusbser - ok
17:13:46.0743 0x5250 lfsvc - ok
17:13:46.0747 0x5250 [ 50AC0930F05DFB996F085B49E112E5C9, C5147E92656506981705AFCAA97B7BDAD0929FF39C1666E774BE1BD32FB08387 ] LHidEqd C:\WINDOWS\system32\DRIVERS\LHidEqd.Sys
17:13:46.0753 0x5250 LHidEqd - ok
17:13:46.0758 0x5250 [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
17:13:46.0767 0x5250 LHidFilt - ok
17:13:46.0772 0x5250 LicenseManager - ok
17:13:46.0776 0x5250 lltdio - ok
17:13:46.0782 0x5250 lltdsvc - ok
17:13:46.0789 0x5250 lmhosts - ok
17:13:46.0798 0x5250 [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
17:13:46.0806 0x5250 LMouFilt - ok
17:13:46.0811 0x5250 LSI_SAS - ok
17:13:46.0815 0x5250 LSI_SAS2i - ok
17:13:46.0819 0x5250 LSI_SAS3i - ok
17:13:46.0823 0x5250 LSI_SSS - ok
17:13:46.0828 0x5250 LSM - ok
17:13:46.0833 0x5250 luafv - ok
17:13:46.0836 0x5250 lunparser - ok
17:13:46.0846 0x5250 [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64 C:\WINDOWS\system32\DRIVERS\lvrs64.sys
17:13:46.0860 0x5250 LVRS64 - ok
17:13:46.0937 0x5250 [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64 C:\WINDOWS\system32\DRIVERS\lvuvc64.sys
17:13:47.0024 0x5250 LVUVC64 - ok
17:13:47.0036 0x5250 MapsBroker - ok
17:13:47.0043 0x5250 [ 4EA73F071D96F376DB3AB9EF81273B28, 683C362F9B7A0BEC7BA4C1231405FB312EAA9A21260976C084ABA8CA035E6136 ] MBAMChameleon C:\WINDOWS\system32\drivers\MBAMChameleon.sys
17:13:47.0053 0x5250 MBAMChameleon - ok
17:13:47.0059 0x5250 [ C51267EE2726707D38C489C06DDF01ED, BFA9BFB8D2E1581CBF4833DC3D86A88C94B64B3B17D440894AEB111E749E4497 ] MBAMFarflt C:\WINDOWS\system32\drivers\farflt.sys
17:13:47.0068 0x5250 MBAMFarflt - ok
17:13:47.0073 0x5250 [ 88BD122C3A35DE63D75D382DF75554CE, ABDF59543CAD186A6ED4E66257205D9CF5047732A5DA74A96A28B468B41BC396 ] MBAMProtection C:\WINDOWS\system32\drivers\mbam.sys
17:13:47.0083 0x5250 MBAMProtection - ok
17:13:47.0154 0x5250 [ D76E56108E6482905D3FAEA0649919E4, E10285889570A01E544B027F4A17BA7242E5E3EF93D20A19B05091DB237C6DD1 ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
17:13:47.0228 0x5250 MBAMService - ok
17:13:47.0240 0x5250 [ 53283EB9998AC9350E14C35A880989DB, 11DD963C67DB7584742810C54BEC4871584413A1BAA8209F79AC923006DE45BB ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
17:13:47.0252 0x5250 MBAMSwissArmy - ok
17:13:47.0260 0x5250 [ BBFBEFBE4598AD6D8E3E821A0FEBDE79, D98CEB294E52167A47CEE7442FF31A44EDC1179069944613203BDC5D8B1B2A73 ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
17:13:47.0271 0x5250 MBAMWebProtection - ok
17:13:47.0276 0x5250 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\WINDOWS\system32\drivers\MBfilt64.sys
17:13:47.0284 0x5250 MBfilt - ok
17:13:47.0288 0x5250 megasas - ok
17:13:47.0292 0x5250 megasas2i - ok
17:13:47.0296 0x5250 megasr - ok
17:13:47.0301 0x5250 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
17:13:47.0309 0x5250 MEIx64 - ok
17:13:47.0313 0x5250 MessagingService - ok
17:13:47.0321 0x5250 mlx4_bus - ok
17:13:47.0325 0x5250 MMCSS - ok
17:13:47.0329 0x5250 Modem - ok
17:13:47.0332 0x5250 monitor - ok
17:13:47.0337 0x5250 mouclass - ok
17:13:47.0340 0x5250 mouhid - ok
17:13:47.0344 0x5250 mountmgr - ok
17:13:47.0351 0x5250 [ 65C0F9AE99ECCCA7C5C3CEFA7ED80904, AABEBEAED256318B5B8C1BC36A2E365CB942ED591C78E78EC6C55EF94A522342 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:13:47.0363 0x5250 MozillaMaintenance - ok
17:13:47.0367 0x5250 mpsdrv - ok
17:13:47.0373 0x5250 MpsSvc - ok
17:13:47.0381 0x5250 MQAC - ok
17:13:47.0391 0x5250 MRxDAV - ok
17:13:47.0395 0x5250 mrxsmb - ok
17:13:47.0399 0x5250 mrxsmb10 - ok
17:13:47.0403 0x5250 mrxsmb20 - ok
17:13:47.0407 0x5250 MsBridge - ok
17:13:47.0411 0x5250 MSDTC - ok
17:13:47.0419 0x5250 Msfs - ok
17:13:47.0422 0x5250 msgpiowin32 - ok
17:13:47.0426 0x5250 mshidkmdf - ok
17:13:47.0430 0x5250 mshidumdf - ok
17:13:47.0434 0x5250 msisadrv - ok
17:13:47.0438 0x5250 MSiSCSI - ok
17:13:47.0441 0x5250 msiserver - ok
17:13:47.0446 0x5250 MSKSSRV - ok
17:13:47.0449 0x5250 MsLldp - ok
17:13:47.0454 0x5250 MSMQ - ok
17:13:47.0458 0x5250 MSPCLOCK - ok
17:13:47.0463 0x5250 MSPQM - ok
17:13:47.0467 0x5250 MsRPC - ok
17:13:47.0472 0x5250 MsSecFlt - ok
17:13:47.0476 0x5250 mssmbios - ok
17:13:47.0481 0x5250 MSSQL$SQLEXPRESS - ok
17:13:47.0487 0x5250 [ 7A2A8C975356858EB38466A6B1592E8D, 97C3DFCCBE1BA92EE7E4848993D6F369D543A53344A6512C84EF03E7D737A482 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
17:13:47.0496 0x5250 MSSQLServerADHelper100 - ok
17:13:47.0503 0x5250 MSTEE - ok
17:13:47.0509 0x5250 MTConfig - ok
17:13:47.0514 0x5250 Mup - ok
17:13:47.0518 0x5250 mvumis - ok
17:13:47.0524 0x5250 NativeWifiP - ok
17:13:47.0529 0x5250 NcaSvc - ok
17:13:47.0533 0x5250 NcbService - ok
17:13:47.0537 0x5250 NcdAutoSetup - ok
17:13:47.0541 0x5250 ndfltr - ok
17:13:47.0544 0x5250 NDIS - ok
17:13:47.0547 0x5250 NdisCap - ok
17:13:47.0551 0x5250 NdisImPlatform - ok
17:13:47.0555 0x5250 NdisTapi - ok
17:13:47.0558 0x5250 Ndisuio - ok
17:13:47.0562 0x5250 NdisVirtualBus - ok
17:13:47.0565 0x5250 NdisWan - ok
17:13:47.0569 0x5250 ndiswanlegacy - ok
17:13:47.0573 0x5250 ndproxy - ok
17:13:47.0577 0x5250 Ndu - ok
17:13:47.0581 0x5250 NetAdapterCx - ok
17:13:47.0585 0x5250 NetBIOS - ok
17:13:47.0590 0x5250 NetBT - ok
17:13:47.0594 0x5250 Netlogon - ok
17:13:47.0597 0x5250 Netman - ok
17:13:47.0605 0x5250 NetMsmqActivator - ok
17:13:47.0608 0x5250 NetPipeActivator - ok
17:13:47.0615 0x5250 netprofm - ok
17:13:47.0624 0x5250 NetSetupSvc - ok
17:13:47.0629 0x5250 NetTcpActivator - ok
17:13:47.0633 0x5250 NetTcpPortSharing - ok
17:13:47.0640 0x5250 NgcCtnrSvc - ok
17:13:47.0644 0x5250 NgcSvc - ok
17:13:47.0654 0x5250 [ 0669F1F91F3D295447D3F30D123D69DE, 3BE0AD7321AB507F19738F2ABD38596A686851FD88A518FD3400018BAAAAB236 ] NitroDriverReadSpool11 C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
17:13:47.0667 0x5250 NitroDriverReadSpool11 - ok
17:13:47.0677 0x5250 [ E1C6CB0C5B820DE993910422453F33C7, 3FD5210D4AB7CCCA1EC312CF419D82A67AC06AD45729A9A7A4BFF7C6B514FD37 ] NitroUpdateService C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
17:13:47.0692 0x5250 NitroUpdateService - ok
17:13:47.0698 0x5250 NlaSvc - ok
17:13:47.0725 0x5250 [ BD5A51891BB49075EE2B4C9CEE085618, 5B77268F0F66F0021D6D210ECE56BFB3C2E992B4C15D63E0FA791976DABA8EA8 ] nlsX86cc C:\WINDOWS\SysWOW64\NLSSRV32.EXE
17:13:47.0739 0x5250 nlsX86cc - ok
17:13:47.0753 0x5250 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF C:\WINDOWS\system32\drivers\npf.sys
17:13:47.0761 0x5250 NPF - ok
17:13:47.0766 0x5250 Npfs - ok
17:13:47.0770 0x5250 npsvctrig - ok
17:13:47.0776 0x5250 nsi - ok
17:13:47.0781 0x5250 nsiproxy - ok
17:13:47.0787 0x5250 NTFS - ok
17:13:47.0792 0x5250 Null - ok
17:13:47.0803 0x5250 [ 176372CCCD2A3B36224D0490A24FDCD5, 214C2BE782CF060069070C292CD18084DFFC26A2F26DB94847EFFFEC5B190905 ] NvContainerLocalSystem C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
17:13:47.0818 0x5250 NvContainerLocalSystem - ok
17:13:47.0830 0x5250 [ 176372CCCD2A3B36224D0490A24FDCD5, 214C2BE782CF060069070C292CD18084DFFC26A2F26DB94847EFFFEC5B190905 ] NvContainerNetworkService C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
17:13:47.0845 0x5250 NvContainerNetworkService - ok
17:13:47.0865 0x5250 [ C27427C9D79DE00A01B9987B68485F60, D385AFADECC3B1ECD62211D5501050A66F6A334AE3799DDA8F8CA4C231CFB075 ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
17:13:47.0877 0x5250 NVHDA - ok
17:13:48.0116 0x5250 [ 90050A0469120BD8E0931267FFE31CFD, 0424DF3733EBF21B2500F7B94C40E0A8AD60005191E4FB0C2F6FFD8FC7844EEF ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_e69a53b8ddde469c\nvlddmkm.sys
17:13:48.0349 0x5250 nvlddmkm - ok
17:13:48.0369 0x5250 nvraid - ok
17:13:48.0373 0x5250 nvstor - ok
17:13:48.0378 0x5250 [ D61AC1C1B847970F152CE05AC66A2F6C, 4F9362AEF87F394CF6FA90669A5E49DC5B657B8F36302C27784069416FA0776C ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:13:48.0385 0x5250 NvStreamKms - ok
17:13:48.0398 0x5250 [ 0CB5B4866F6A7EAE332E256D151C8190, 2A9CFFD46C2972DDC16C3C34DD3A17B47C6D4145485E4A28365AD3797576424C ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
17:13:48.0413 0x5250 NvTelemetryContainer - ok
17:13:48.0419 0x5250 [ F489CE4A8456F9EB0F0C5532E2FD7549, 145D8A8EBF5120C735FBCDCA6593AB29088E2AB77130749E3727CB1434C9ABEA ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
17:13:48.0427 0x5250 nvvad_WaveExtensible - ok
17:13:48.0433 0x5250 [ FEAA46EB1E2B80C0DEFD2AAE4050E097, 9B429DFEA15A073D80AFB3E422B24286CC26210AD214368B5E1FC5F91B2B2501 ] nvvhci C:\WINDOWS\System32\drivers\nvvhci.sys
17:13:48.0444 0x5250 nvvhci - ok
17:13:48.0455 0x5250 OneSyncSvc - ok
17:13:48.0471 0x5250 [ CBC25009133730EB00BFAD4E37A6D387, AC93BEBD1E13336F9A6A4AB699A34127A31EC949A9EC5930B21BA80A3A6AF916 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:13:48.0483 0x5250 ose - ok
17:13:48.0488 0x5250 p2pimsvc - ok
17:13:48.0491 0x5250 p2psvc - ok
17:13:48.0498 0x5250 Parport - ok
17:13:48.0502 0x5250 partmgr - ok
17:13:48.0506 0x5250 passthruparser - ok
17:13:48.0511 0x5250 PcaSvc - ok
17:13:48.0516 0x5250 pci - ok
17:13:48.0520 0x5250 pciide - ok
17:13:48.0524 0x5250 pcip - ok
17:13:48.0528 0x5250 pcmcia - ok
17:13:48.0532 0x5250 pcw - ok
17:13:48.0536 0x5250 pdc - ok
17:13:48.0540 0x5250 PEAUTH - ok
17:13:48.0544 0x5250 PeerDistSvc - ok
17:13:48.0547 0x5250 percsas2i - ok
17:13:48.0551 0x5250 percsas3i - ok
17:13:48.0580 0x5250 PerfHost - ok
17:13:48.0599 0x5250 PhoneSvc - ok
17:13:48.0607 0x5250 PimIndexMaintenanceSvc - ok
17:13:48.0621 0x5250 pla - ok
17:13:48.0625 0x5250 PlugPlay - ok
17:13:48.0629 0x5250 PNRPAutoReg - ok
17:13:48.0634 0x5250 PNRPsvc - ok
17:13:48.0639 0x5250 PolicyAgent - ok
17:13:48.0646 0x5250 Power - ok
17:13:48.0650 0x5250 PptpMiniport - ok
17:13:48.0714 0x5250 [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:13:48.0810 0x5250 PrintNotify - ok
17:13:48.0818 0x5250 Processor - ok
17:13:48.0823 0x5250 ProfSvc - ok
17:13:48.0829 0x5250 Psched - ok
17:13:48.0834 0x5250 pvhdparser - ok
17:13:48.0840 0x5250 [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64 C:\WINDOWS\system32\drivers\PxHlpa64.sys
17:13:48.0849 0x5250 PxHlpa64 - ok
17:13:48.0865 0x5250 QWAVE - ok
17:13:48.0872 0x5250 QWAVEdrv - ok
17:13:48.0878 0x5250 ramparser - ok
17:13:48.0883 0x5250 RasAcd - ok
17:13:48.0889 0x5250 RasAgileVpn - ok
17:13:48.0894 0x5250 RasAuto - ok
17:13:48.0900 0x5250 Rasl2tp - ok
17:13:48.0904 0x5250 RasMan - ok
17:13:48.0909 0x5250 RasPppoe - ok
17:13:48.0915 0x5250 RasSstp - ok
17:13:48.0920 0x5250 rdbss - ok
17:13:48.0928 0x5250 rdpbus - ok
17:13:48.0933 0x5250 RDPDR - ok
17:13:48.0944 0x5250 RdpVideoMiniport - ok
17:13:48.0949 0x5250 rdyboost - ok
17:13:48.0956 0x5250 ReFSv1 - ok
17:13:48.0963 0x5250 RemoteAccess - ok
17:13:48.0974 0x5250 RemoteRegistry - ok
17:13:48.0990 0x5250 RetailDemo - ok
17:13:48.0996 0x5250 RmSvc - ok
17:13:49.0006 0x5250 [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
17:13:49.0016 0x5250 rpcapd - ok
17:13:49.0022 0x5250 RpcEptMapper - ok
17:13:49.0027 0x5250 RpcLocator - ok
17:13:49.0032 0x5250 RpcSs - ok
17:13:49.0041 0x5250 [ CD553B8633466A6D1C115812F2619F1F, B39B38DE8B97209BEABDBF062832A1BDE2303450238B9A4723829958C5C81A6B ] RsFx0103 C:\WINDOWS\system32\DRIVERS\RsFx0103.sys
17:13:49.0055 0x5250 RsFx0103 - ok
17:13:49.0059 0x5250 rspndr - ok
17:13:49.0065 0x5250 rt640x64 - ok
17:13:49.0069 0x5250 s3cap - ok
17:13:49.0074 0x5250 SamSs - ok
17:13:49.0079 0x5250 sbp2port - ok
17:13:49.0083 0x5250 SCardSvr - ok
17:13:49.0089 0x5250 ScDeviceEnum - ok
17:13:49.0097 0x5250 scfilter - ok
17:13:49.0106 0x5250 Schedule - ok
17:13:49.0113 0x5250 scmbus - ok
17:13:49.0118 0x5250 scmdisk0101 - ok
17:13:49.0124 0x5250 SCPolicySvc - ok
17:13:49.0128 0x5250 sdbus - ok
17:13:49.0132 0x5250 SDRSVC - ok
17:13:49.0137 0x5250 sdstor - ok
17:13:49.0141 0x5250 seclogon - ok
17:13:49.0146 0x5250 SENS - ok
17:13:49.0149 0x5250 Sense - ok
17:13:49.0154 0x5250 SensorDataService - ok
17:13:49.0160 0x5250 SensorService - ok
17:13:49.0164 0x5250 SensorsSimulatorDriver - ok
17:13:49.0168 0x5250 SensrSvc - ok
17:13:49.0172 0x5250 SerCx - ok
17:13:49.0176 0x5250 SerCx2 - ok
17:13:49.0182 0x5250 Serenum - ok
17:13:49.0185 0x5250 Serial - ok
17:13:49.0189 0x5250 sermouse - ok
17:13:49.0202 0x5250 SessionEnv - ok
17:13:49.0210 0x5250 sfloppy - ok
17:13:49.0221 0x5250 SharedAccess - ok
17:13:49.0230 0x5250 ShellHWDetection - ok
17:13:49.0234 0x5250 shpamsvc - ok
17:13:49.0238 0x5250 SiSRaid2 - ok
17:13:49.0242 0x5250 SiSRaid4 - ok
17:13:49.0251 0x5250 [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:13:49.0269 0x5250 SkypeUpdate - ok
17:13:49.0273 0x5250 smphost - ok
17:13:49.0278 0x5250 SmsRouter - ok
17:13:49.0288 0x5250 SNMPTRAP - ok
17:13:49.0292 0x5250 spaceport - ok
17:13:49.0297 0x5250 SpbCx - ok
17:13:49.0324 0x5250 [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\WINDOWS\SysWoW64\speedfan.sys
17:13:49.0339 0x5250 speedfan - ok
17:13:49.0349 0x5250 Spooler - ok
17:13:49.0355 0x5250 sppsvc - ok
17:13:49.0368 0x5250 [ 12E6D95CDE974B131DEFAA44BAB8B056, 3FEF55D97915BDB222E3A60B50D53BBD8D9C0FDFF85EDC025B8EFD33E575E596 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
17:13:49.0382 0x5250 SQLAgent$SQLEXPRESS - ok
17:13:49.0391 0x5250 [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:13:49.0403 0x5250 SQLBrowser - ok
17:13:49.0410 0x5250 [ FAD8A14CAE92E805E48DA87B9564391A, B4BD026B6C9EE72CDE5E9215D903F16AE15893A1491ECFC346CB030C56D592A5 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:13:49.0421 0x5250 SQLWriter - ok
17:13:49.0425 0x5250 srv - ok
17:13:49.0430 0x5250 srv2 - ok
17:13:49.0435 0x5250 srvnet - ok
17:13:49.0439 0x5250 SSDPSRV - ok
17:13:49.0444 0x5250 SstpSvc - ok
17:13:49.0448 0x5250 StateRepository - ok
17:13:49.0480 0x5250 [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:13:49.0511 0x5250 Steam Client Service - ok
17:13:49.0517 0x5250 stexstor - ok
17:13:49.0521 0x5250 [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
17:13:49.0539 0x5250 StillCam - ok
17:13:49.0545 0x5250 stisvc - ok
17:13:49.0549 0x5250 storahci - ok
17:13:49.0553 0x5250 storflt - ok
17:13:49.0558 0x5250 stornvme - ok
17:13:49.0562 0x5250 storqosflt - ok
17:13:49.0567 0x5250 StorSvc - ok
17:13:49.0576 0x5250 storufs - ok
17:13:49.0585 0x5250 storvsc - ok
17:13:49.0592 0x5250 storvsp - ok
17:13:49.0596 0x5250 svsvc - ok
17:13:49.0601 0x5250 swenum - ok
17:13:49.0605 0x5250 swprv - ok
17:13:49.0610 0x5250 Synth3dVsc - ok
17:13:49.0614 0x5250 Synth3dVsp - ok
17:13:49.0618 0x5250 SysMain - ok
17:13:49.0623 0x5250 SystemEventsBroker - ok
17:13:49.0628 0x5250 TabletInputService - ok
17:13:49.0632 0x5250 TapiSrv - ok
17:13:49.0639 0x5250 [ 64292B0302DBAC8F53DEB0E1A0DEA5C2, 4CEB4F107C5A17C3238232914E0D01807365F0C14BD5C4A7EA198592A240F9AE ] tbupddsu C:\WINDOWS\system32\DRIVERS\tbupddsu.sys
17:13:49.0650 0x5250 tbupddsu - ok
17:13:49.0674 0x5250 [ C98D490A531A64571690B9C2F39B2091, 91652FFF912C2D96820AAEF88E6468F0EE95695CE47C26E8CA5934D5E8F3D42F ] tbupddwu C:\Program Files\UPDD\tbupddwu.exe
17:13:49.0697 0x5250 tbupddwu - ok
17:13:49.0706 0x5250 Tcpip - ok
17:13:49.0710 0x5250 Tcpip6 - ok
17:13:49.0718 0x5250 tcpipreg - ok
17:13:49.0724 0x5250 tdx - ok
17:13:49.0732 0x5250 [ 2625DD0C44FEB294E4096E129938C618, 50CD1F8618C46911A1A5DF62797AC16BD88E1915288D62B09BF2BDB44472C68B ] Te.Service C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe
17:13:49.0740 0x5250 Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
17:13:49.0740 0x5250 Detect skipped due to KSN trusted
17:13:49.0741 0x5250 Te.Service - ok
17:13:49.0855 0x5250 [ E72B44F86082DFE649CD991E3CD2F8B6, C5A1E53E41E48D3465A7D96886A1E5D1C3145C7E1A40FB74E3A05EDC2DA04F84 ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
17:13:49.0966 0x5250 TeamViewer - ok
17:13:49.0978 0x5250 terminpt - ok
17:13:49.0982 0x5250 TermService - ok
17:13:49.0987 0x5250 Themes - ok
17:13:49.0991 0x5250 TieringEngineService - ok
17:13:49.0996 0x5250 tiledatamodelsvc - ok
17:13:50.0000 0x5250 TimeBrokerSvc - ok
17:13:50.0005 0x5250 TPM - ok
17:13:50.0010 0x5250 TrkWks - ok
17:13:50.0017 0x5250 [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt C:\WINDOWS\system32\drivers\truecrypt.sys
17:13:50.0030 0x5250 truecrypt - ok
17:13:50.0034 0x5250 TrustedInstaller - ok
17:13:50.0041 0x5250 tsusbflt - ok
17:13:50.0047 0x5250 TsUsbGD - ok
17:13:50.0054 0x5250 tsusbhub - ok
17:13:50.0061 0x5250 tunnel - ok
17:13:50.0066 0x5250 tzautoupdate - ok
17:13:50.0070 0x5250 UASPStor - ok
17:13:50.0075 0x5250 UcmCx0101 - ok
17:13:50.0079 0x5250 UcmTcpciCx0101 - ok
17:13:50.0084 0x5250 UcmUcsi - ok
17:13:50.0088 0x5250 Ucx01000 - ok
17:13:50.0094 0x5250 UdeCx - ok
17:13:50.0098 0x5250 udfs - ok
17:13:50.0102 0x5250 UEFI - ok
17:13:50.0108 0x5250 UevAgentDriver - ok
17:13:50.0112 0x5250 UevAgentService - ok
17:13:50.0116 0x5250 Ufx01000 - ok
17:13:50.0122 0x5250 UfxChipidea - ok
17:13:50.0127 0x5250 ufxsynopsys - ok
17:13:50.0137 0x5250 UI0Detect - ok
17:13:50.0143 0x5250 [ 6E566C1708DDC93ADF9286E9C714B652, AF179BCA9395D51ACDFB5BACE29388E2B4D5587FCAB53898AAA4F4011851B115 ] UimBus C:\WINDOWS\System32\drivers\UimBus.sys
17:13:50.0153 0x5250 UimBus - ok
17:13:50.0158 0x5250 [ 7DF6A08B0B74C4F9357EFBAE309B87F1, 9A5BB8EA70709519A3599D0818923321AE691CC9EBC1ABC3F5BB008AF18B797B ] Uim_DEVIM C:\WINDOWS\System32\drivers\uim_devim.sys
17:13:50.0167 0x5250 Uim_DEVIM - ok
17:13:50.0188 0x5250 [ 2DDD63E0948474B91046CF1AB7661189, A91A1F1E646B928C95C30DA4D70220262D3A67C1B66E365C981AA23A401624E9 ] Uim_IM C:\WINDOWS\System32\drivers\uim_im.sys
17:13:50.0206 0x5250 Uim_IM - ok
17:13:50.0212 0x5250 umbus - ok
17:13:50.0216 0x5250 UmPass - ok
17:13:50.0221 0x5250 UmRdpService - ok
17:13:50.0226 0x5250 UnistoreSvc - ok
17:13:50.0235 0x5250 [ D9BA7FCC229D3360078970A0A6AF99D0, 360BF33F6628EF48AEC062CECE3C919A73DFB8797C3684CEB8A8D51EB140C023 ] upddvh C:\WINDOWS\System32\drivers\upddvh.sys
17:13:50.0242 0x5250 upddvh - ok
17:13:50.0247 0x5250 upnphost - ok
17:13:50.0251 0x5250 UrsChipidea - ok
17:13:50.0256 0x5250 UrsCx01000 - ok
17:13:50.0261 0x5250 UrsSynopsys - ok
17:13:50.0267 0x5250 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
17:13:50.0284 0x5250 USBAAPL64 - ok
17:13:50.0311 0x5250 [ 842B334B1F1FDF631F43AD70C3DB9401, CD2FD5B86417101C3C88B105D0F25FD517E22C4EE44EDE01E4E267842CCF8FF6 ] USBADVAU C:\WINDOWS\system32\drivers\cm11264.sys
17:13:50.0354 0x5250 USBADVAU - ok
17:13:50.0361 0x5250 usbaudio - ok
17:13:50.0367 0x5250 usbccgp - ok
17:13:50.0372 0x5250 usbcir - ok
17:13:50.0378 0x5250 usbehci - ok
17:13:50.0382 0x5250 usbhub - ok
17:13:50.0387 0x5250 USBHUB3 - ok
17:13:50.0391 0x5250 usbohci - ok
17:13:50.0396 0x5250 usbprint - ok
17:13:50.0400 0x5250 usbser - ok
17:13:50.0405 0x5250 USBSTOR - ok
17:13:50.0411 0x5250 usbuhci - ok
17:13:50.0418 0x5250 usbvideo - ok
17:13:50.0424 0x5250 USBXHCI - ok
17:13:50.0429 0x5250 UserDataSvc - ok
17:13:50.0436 0x5250 UserManager - ok
17:13:50.0440 0x5250 UsoSvc - ok
17:13:50.0445 0x5250 VaultSvc - ok
17:13:50.0449 0x5250 vdrvroot - ok
17:13:50.0453 0x5250 vds - ok
17:13:50.0458 0x5250 VerifierExt - ok
17:13:50.0462 0x5250 VfpExt - ok
17:13:50.0467 0x5250 vhdmp - ok
17:13:50.0471 0x5250 vhdparser - ok
17:13:50.0475 0x5250 vhf - ok
17:13:50.0480 0x5250 Vid - ok
17:13:50.0486 0x5250 vmbus - ok
17:13:50.0490 0x5250 VMBusHID - ok
17:13:50.0496 0x5250 vmbusr - ok
17:13:50.0500 0x5250 vmcompute - ok
17:13:50.0504 0x5250 vmgid - ok
17:13:50.0509 0x5250 vmicguestinterface - ok
17:13:50.0514 0x5250 vmicheartbeat - ok
17:13:50.0518 0x5250 vmickvpexchange - ok
17:13:50.0522 0x5250 vmicrdv - ok
17:13:50.0532 0x5250 vmicshutdown - ok
17:13:50.0538 0x5250 vmictimesync - ok
17:13:50.0544 0x5250 vmicvmsession - ok
17:13:50.0548 0x5250 vmicvss - ok
17:13:50.0553 0x5250 vmms - ok
17:13:50.0559 0x5250 VMSP - ok
17:13:50.0564 0x5250 vmsproxy - ok
17:13:50.0568 0x5250 VMSVSF - ok
17:13:50.0572 0x5250 VMSVSP - ok
17:13:50.0577 0x5250 volmgr - ok
17:13:50.0581 0x5250 volmgrx - ok
17:13:50.0585 0x5250 volsnap - ok
17:13:50.0590 0x5250 volume - ok
17:13:50.0595 0x5250 vpci - ok
17:13:50.0600 0x5250 vpcivsp - ok
17:13:50.0611 0x5250 [ B0395671CD4A1B046BC7269A37C8E089, 2E6D8843B53D2E34D4FCAD0FB160996536F14D1EC95FB8C2298C9DCD66EFF918 ] Vsdatant C:\WINDOWS\system32\drivers\vsdatant.sys
17:13:50.0627 0x5250 Vsdatant - ok
17:13:50.0695 0x5250 [ 865B3466BA4EA06062019754E3893D6B, 00E43D5E57FEE7DA03050DB5EDC4EE6FF083BD0F69F15F591D04B7BDD0F87D60 ] vsmon C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
17:13:50.0764 0x5250 vsmon - ok
17:13:50.0778 0x5250 vsmraid - ok
17:13:50.0783 0x5250 VSS - ok
17:13:50.0919 0x5250 [ 558B8E6F99E198519FD87F1575F7D92D, B176F51B72D9BCD6472A710D4E0B78A7A7D1C3CAEC12725289C1EBA54E35083D ] VSStandardCollectorService140 D:\Programs\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
17:13:50.0929 0x5250 VSStandardCollectorService140 - ok
17:13:50.0934 0x5250 VSTXRAID - ok
17:13:50.0939 0x5250 vwifibus - ok
17:13:50.0944 0x5250 vwififlt - ok
17:13:50.0948 0x5250 W32Time - ok
17:13:50.0953 0x5250 w3logsvc - ok
17:13:50.0958 0x5250 W3SVC - ok
17:13:50.0963 0x5250 WacomPen - ok
17:13:50.0968 0x5250 WalletService - ok
17:13:50.0972 0x5250 wanarp - ok
17:13:50.0978 0x5250 wanarpv6 - ok
17:13:50.0982 0x5250 WAS - ok
17:13:50.0987 0x5250 wbengine - ok
17:13:50.0992 0x5250 WbioSrvc - ok
17:13:50.0998 0x5250 wcifs - ok
17:13:51.0006 0x5250 Wcmsvc - ok
17:13:51.0015 0x5250 wcncsvc - ok
17:13:51.0020 0x5250 wcnfs - ok
17:13:51.0025 0x5250 WdBoot - ok
17:13:51.0030 0x5250 Wdf01000 - ok
17:13:51.0035 0x5250 WdFilter - ok
17:13:51.0039 0x5250 WdiServiceHost - ok
17:13:51.0044 0x5250 WdiSystemHost - ok
17:13:51.0048 0x5250 wdiwifi - ok
17:13:51.0053 0x5250 WdNisDrv - ok
17:13:51.0058 0x5250 WdNisSvc - ok
17:13:51.0063 0x5250 WebClient - ok
17:13:51.0068 0x5250 Wecsvc - ok
17:13:51.0072 0x5250 WEPHOSTSVC - ok
17:13:51.0078 0x5250 wercplsupport - ok
17:13:51.0082 0x5250 WerSvc - ok
17:13:51.0087 0x5250 WFPLWFS - ok
17:13:51.0092 0x5250 WiaRpc - ok
17:13:51.0098 0x5250 WIMMount - ok
17:13:51.0101 0x5250 WinDefend - ok
17:13:51.0111 0x5250 WindowsTrustedRT - ok
17:13:51.0115 0x5250 WindowsTrustedRTProxy - ok
17:13:51.0123 0x5250 WinHttpAutoProxySvc - ok
17:13:51.0134 0x5250 WinMad - ok
17:13:51.0144 0x5250 Winmgmt - ok
17:13:51.0150 0x5250 WinNat - ok
17:13:51.0155 0x5250 WinRM - ok
17:13:51.0166 0x5250 WINUSB - ok
17:13:51.0170 0x5250 WinVerbs - ok
17:13:51.0175 0x5250 wisvc - ok
17:13:51.0180 0x5250 WlanSvc - ok
17:13:51.0186 0x5250 wlidsvc - ok
17:13:51.0190 0x5250 WmiAcpi - ok
17:13:51.0197 0x5250 wmiApSrv - ok
17:13:51.0201 0x5250 WMPNetworkSvc - ok
17:13:51.0206 0x5250 Wof - ok
17:13:51.0215 0x5250 workfolderssvc - ok
17:13:51.0219 0x5250 WPDBusEnum - ok
17:13:51.0224 0x5250 WpdUpFltr - ok
17:13:51.0229 0x5250 WpnService - ok
17:13:51.0234 0x5250 WpnUserService - ok
17:13:51.0243 0x5250 ws2ifsl - ok
17:13:51.0253 0x5250 wscsvc - ok
17:13:51.0261 0x5250 WSDPrintDevice - ok
17:13:51.0266 0x5250 WSDScan - ok
17:13:51.0271 0x5250 WSearch - ok
17:13:51.0290 0x5250 [ 539D52A1CB4CC3BFB9B6CAD7883B8ECA, 3CAC8F755F85F06C6FFA8C5328943DC55F410EAAA64F0E4241C3E7F60A48D4A9 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
17:13:51.0307 0x5250 WTabletServiceCon - ok
17:13:51.0313 0x5250 wuauserv - ok
17:13:51.0318 0x5250 WudfPf - ok
17:13:51.0323 0x5250 WUDFRd - ok
17:13:51.0327 0x5250 wudfsvc - ok
17:13:51.0332 0x5250 WUDFWpdFs - ok
17:13:51.0337 0x5250 WUDFWpdMtp - ok
17:13:51.0342 0x5250 WwanSvc - ok
17:13:51.0347 0x5250 XblAuthManager - ok
17:13:51.0353 0x5250 XblGameSave - ok
17:13:51.0359 0x5250 xboxgip - ok
17:13:51.0367 0x5250 XboxNetApiSvc - ok
17:13:51.0377 0x5250 xinputhid - ok
17:13:51.0387 0x5250 [ E8CB51ED05A15C6D82B34BCEBEAC0A3A, CFADB68E7C4DC56CF11AD1F32A67BEE06EC87BD835EC7825FE441C67CB29DD4C ] ZAPrivacyService C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
17:13:51.0396 0x5250 ZAPrivacyService - ok
17:13:51.0417 0x5250 [ 603AEF6A0007C07A9456B5BB776B90FA, CA63FA27B3D7720D2825F05E5AC102194AB067F06213C2E8751787200C468839 ] ZoneAlarm ICM Service C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
17:13:51.0441 0x5250 ZoneAlarm ICM Service - ok
17:13:51.0450 0x5250 ================ Scan global ===============================
17:13:51.0463 0x5250 [ Global ] - ok
17:13:51.0464 0x5250 ================ Scan MBR ==================================
17:13:51.0467 0x5250 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
17:13:51.0597 0x5250 \Device\Harddisk3\DR3 - ok
17:13:51.0600 0x5250 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk4\DR4
17:13:51.0689 0x5250 \Device\Harddisk4\DR4 - ok
17:13:51.0700 0x5250 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:13:51.0775 0x5250 \Device\Harddisk0\DR0 - ok
17:13:51.0778 0x5250 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
17:13:51.0828 0x5250 \Device\Harddisk1\DR1 - ok
17:13:51.0842 0x5250 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2
17:13:51.0899 0x5250 \Device\Harddisk2\DR2 - ok
17:13:51.0899 0x5250 ================ Scan VBR ==================================
17:13:51.0901 0x5250 [ 4E584513472816BF9773B531D781F88D ] \Device\Harddisk3\DR3\Partition1
17:13:51.0902 0x5250 \Device\Harddisk3\DR3\Partition1 - ok
17:13:51.0905 0x5250 [ FBC16D9BA3DC960F796BA7C1EDAA526E ] \Device\Harddisk0\DR0\Partition1
17:13:51.0906 0x5250 \Device\Harddisk0\DR0\Partition1 - ok
17:13:51.0908 0x5250 [ 055B62E3D11ED8A19379FBDFEF40309E ] \Device\Harddisk1\DR1\Partition1
17:13:51.0909 0x5250 \Device\Harddisk1\DR1\Partition1 - ok
17:13:51.0912 0x5250 [ B7D92DE88B46B9DB1CBD242FA6AC1362 ] \Device\Harddisk1\DR1\Partition2
17:13:51.0913 0x5250 \Device\Harddisk1\DR1\Partition2 - ok
17:13:51.0916 0x5250 [ 2581F31D7876FC549AB087F56FFF91F9 ] \Device\Harddisk2\DR2\Partition1
17:13:51.0917 0x5250 \Device\Harddisk2\DR2\Partition1 - ok
17:13:51.0918 0x5250 ================ Scan generic autorun ======================
17:13:52.0124 0x5250 [ C43D50453404EF1C6801EFFC2492A202, 1D4142E49B2F8129C5643A3B6AD3BA93520FA008D9382EFA60CCDC6172F48D43 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:13:52.0331 0x5250 RTHDVCPL - ok
17:13:52.0350 0x5250 [ F7ED64C9765A92B65F2E1868CFF7431A, 5EEFDB3B2C8CEF2C96BF39DE3E527D7D59845250B3861F6D42D7CC3CDA7C6769 ] C:\Windows\System\3DG4me.exe
17:13:52.0360 0x5250 3DG4me - detected UnsignedFile.Multi.Generic ( 1 )
17:13:52.0411 0x5250 3DG4me ( UnsignedFile.Multi.Generic ) - warning
17:13:52.0676 0x5250 [ 2433692BFC2631DC28B0705C1B760FF2, BBDE902F984E0968A3062F3EEA624E804B03095C67C280CDA4E85D02F46B7CDC ] C:\Program Files\Logitech\SetPointP\SetPoint.exe
17:13:52.0729 0x5250 EvtMgr6 - ok
17:13:52.0732 0x5250 CrashPlanTray - ok
17:13:52.0768 0x5250 [ 6333EA859221D95A2070190448B3D4BD, F92DDD0F1AFE9E19030299FA1F3B3BED9F35C9925F0217F2257B93A58CE2108A ] C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
17:13:52.0813 0x5250 DisplayLinkUI - ok
17:13:52.0834 0x5250 [ 9E79A2008669E07DA37F2B00887FB695, ADD44E08F7328D77EB11A556FB1B39E2D9C0EBCE0C9A8E097029B9485D65B71D ] C:\Program Files\UPDD\tbdaemon.exe
17:13:52.0858 0x5250 tbdaemon - detected UnsignedFile.Multi.Generic ( 1 )
17:13:52.0858 0x5250 Detect skipped due to KSN trusted
17:13:52.0858 0x5250 tbdaemon - ok
17:13:52.0871 0x5250 [ 2C7B4EF4610B08C6D5BEED7852702E89, BD147C13EF0A0476E5FFBB18F967DB97753D13A3CF8F19FD6CEBD010A4B6131B ] C:\Program Files\UPDD\aidaemon.exe
17:13:52.0892 0x5250 aidaemon - detected UnsignedFile.Multi.Generic ( 1 )
17:13:52.0892 0x5250 Detect skipped due to KSN trusted
17:13:52.0892 0x5250 aidaemon - ok
17:13:52.0901 0x5250 [ 782A31DB311AAC5F9CB50DDD9228867A, E200DFE8E1F8F8EEA26EDD76A3A3843EFDAE0A2284808D65C9DA6C4F76970E29 ] C:\Program Files\iTunes\iTunesHelper.exe
17:13:52.0916 0x5250 iTunesHelper - ok
17:13:52.0967 0x5250 [ 5602FF42444B4991E69C62E493BDAEC4, 7AE46CA0CD1E1C091B31EE4A691C26823E0F1AB1CA6B1C29E6C662BF7E28A996 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
17:13:53.0022 0x5250 Malwarebytes TrayApp - ok
17:13:53.0031 0x5250 [ 4D241A6A8F6BA9FA32FF836551FFDCEA, DEE87DFB6A8E87D40E3653435223B54AF2AB232DDC02D22468C126C54096F006 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
17:13:53.0042 0x5250 USB3MON - ok
17:13:53.0062 0x5250 [ D29C3F2BEA792CC2196AF7B2BEB9E899, EC787FC79C01444BAEA4866146FCF810B664D4C176D3F3E9C58C436531EE4266 ] C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
17:13:53.0088 0x5250 THX TruStudio NB Settings - detected UnsignedFile.Multi.Generic ( 1 )
17:13:53.0088 0x5250 Detect skipped due to KSN trusted
17:13:53.0088 0x5250 THX TruStudio NB Settings - ok
17:13:53.0092 0x5250 [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
17:13:53.0100 0x5250 UpdReg - detected UnsignedFile.Multi.Generic ( 1 )
17:13:53.0100 0x5250 Detect skipped due to KSN trusted
17:13:53.0100 0x5250 UpdReg - ok
17:13:53.0124 0x5250 [ 30ECFDFE0FAE38B0608A23B444A1A04D, C61EFB59D3ACA2C7345E17099265D62C37F9F34DA026519A58C297350A561945 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:13:53.0144 0x5250 avgnt - ok
17:13:53.0151 0x5250 [ 5D666FC778E7754CC7103402D814809B, 7E9B205B74440D455155014EE8D6FD0D1C647B016D72A28F16709F50BC005D3F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
17:13:53.0159 0x5250 ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
17:13:53.0159 0x5250 Detect skipped due to KSN trusted
17:13:53.0159 0x5250 ControlCenter4 - ok
17:13:53.0211 0x5250 [ 63E9C23A386FFFA84B5E03BFF9B628F0, A370962791EFC4B10548AAD31F89A2B288FBD5BDBF5749323C2D98C14DFB8B49 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
17:13:53.0292 0x5250 BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
17:13:53.0292 0x5250 Detect skipped due to KSN trusted
17:13:53.0292 0x5250 BrStsMon00 - ok
17:13:53.0341 0x5250 [ 7D5E8D5BDF324718BBC91DF02D830317, AA6A8B0536C14A7D11FDFFA5F980E90059F6C3BE99DE57503EC58DEA022C5398 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
17:13:53.0383 0x5250 Adobe Creative Cloud - ok
17:13:53.0391 0x5250 [ AF9688A90020A67F271D54E503F84C26, 538E068126D072F64BE7BC1B5902D20B6755EF7F7B1C3A04F82C9C97BE0AD50E ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
17:13:53.0401 0x5250 Avira SystrayStartTrigger - ok
17:13:53.0411 0x5250 [ CD0362AEE36CFE1EF5DF973230742E67, 9F1D8AD4E09D16C39CD6A35CB298456468C1808226FFA8AD65BF9562A6ECC07D ] C:\Program Files (x86)\PDF24\pdf24.exe
17:13:53.0428 0x5250 PDFPrint - ok
17:13:53.0433 0x5250 [ E9BA162643788A1E48F56ABE3D1D7B25, 0B6408D8861683BE05BB970E11437B5263A6DA7182E7F863F815B391EE7445CF ] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
17:13:53.0443 0x5250 ZoneAlarm - ok
17:13:53.0471 0x5250 OneDriveSetup - ok
17:13:53.0472 0x5250 OneDriveSetup - ok
17:13:53.0582 0x5250 [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] D:\Programs\DAEMON Tools Lite\DTLite.exe
17:13:53.0645 0x5250 DAEMON Tools Lite - ok
17:13:53.0784 0x5250 [ 3F218819210022E0D585957FB155D4A3, A2F27FCB349BAE82B4A4475F3C26E5D57D0EC07C22228F35CFFE3ABBFBA2EEF8 ] D:\Programs\Steam\steam.exe
17:13:53.0833 0x5250 Steam - ok
17:13:53.0844 0x5250 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Michael\AppData\Local\Dropbox\Update\DropboxUpdate.exe
17:13:53.0853 0x5250 Dropbox Update - ok
17:13:53.0882 0x5250 [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Michael\AppData\Local\Microsoft\OneDrive\OneDrive.exe
17:13:53.0915 0x5250 OneDrive - ok
17:13:53.0922 0x5250 [ F30EB4A3C8534F51767F25BEDF8F6F99, 326BAB4DAE218618C98196424B64F36EBC75BF86C9C9DA8B367EF347AE49A245 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
17:13:53.0931 0x5250 iCloudServices - ok
17:13:53.0936 0x5250 [ F805C4D2334F8750CA14EB412A3C403E, F86212B0C7FF74E4C8BBF637D71529FA376AA1CF97CFD39EEA7ACD70D996EEE0 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
17:13:53.0944 0x5250 iCloudDrive - ok
17:13:53.0953 0x5250 [ 5EFD02A5F5DAE55FFE043450A1F1689C, D715A9044D087ACDDB5FE93D7263A3E1B134190202F95C37C36DBF8CCD6428AC ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
17:13:53.0966 0x5250 iCloudPhotos - ok
17:13:53.0969 0x5250 GoogleDriveSync - ok
17:13:53.0987 0x5250 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
17:13:54.0017 0x5250 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
17:13:54.0017 0x5250 Detect skipped due to KSN trusted
17:13:54.0017 0x5250 SpybotPostWindows10UpgradeReInstall - ok
17:13:54.0018 0x5250 OneDriveSetup - ok
17:13:54.0020 0x5250 WAB Migrate - ok
17:13:54.0024 0x5250 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\WindowsSecurityCenter.exe ( 15.0.26.45 ), 0x41000 ( enabled : updated )
17:13:54.0025 0x5250 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x62100 ( disabled : updated )
17:13:54.0025 0x5250 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.143 ), 0x61000 ( enabled : updated )
17:13:54.0026 0x5250 FW detected via SS2: ZoneAlarm Free Firewall Firewall, C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZA_WSC_Remediation.exe ( 15.1.504.17269 ), 0x41010 ( enabled )
17:13:54.0325 0x5250 ============================================================
17:13:54.0325 0x5250 Scan finished
17:13:54.0325 0x5250 ============================================================
17:13:54.0332 0x5220 Detected object count: 1
17:13:54.0332 0x5220 Actual detected object count: 1
17:14:04.0102 0x5220 3DG4me ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:04.0102 0x5220 3DG4me ( UnsignedFile.Multi.Generic ) - User select action: Skip
</CODE>

burningice · 29.05.2017, 03:05

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Lade dir folgendes Programm herunter und installiere es:

Malwarebytes Anti-Malware

Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:

Logfile von AdwCleaner
Logfile von Malwarebytes
Frst.txt
Addition.txt

Bitte achte diesmal wirklich auf die Code-Tags:

Bitte poste dein Ergebnis zwischen Code-Tags
Wenn ein Log zu lange ist, teile ihn bitte auf mehrere Antworten.

Code-Tags?

Drücke einfach die # in Antwortfenster und füge den Log dazwischen ein

rilkar · 29.05.2017, 20:09

Leider lässt sich ZoneAlarm nicht deinstallieren !?

Ich habs in der Systemsteuerung deinstalliert aber das Programm startet immer noch mit Windows und anscheinend habe ich als Admin keine Berechtigung den entsprechenden Ordner im C:\Program Files zu löschen...

Jemand einen Tip wie man das Ding runterbekommt?

burningice · 29.05.2017, 20:34

Probier mal dieses Tool: http://download.zonealarm.com/bin/fr...load/CLEAN.exe

29.05.2017, 20:34	#10
burningice /// Malwareteam	Infektion? DNS nach einigen Stunden nicht mehr erreichbar Probier mal dieses Tool: http://download.zonealarm.com/bin/fr...load/CLEAN.exe __________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook ..........

Infektion? DNS nach einigen Stunden nicht mehr erreichbar

Log-Analyse und Auswertung: Infektion? DNS nach einigen Stunden nicht mehr erreichbar